Problem -> PUM.Hijack.StartMenu

Jeribba · 28.01.2014, 09:24

Hallo Leute,

ich hab ein grosses Problem, seit heute Mitternacht komm ich nicht mehr ins Desktop weil eine Abzocker Meldung nur mit schwarzem Hintergrund kommt, und zwar wird nach dem Windows Product Key verlangt. Man kann gar nichts machen ausser noch "Online einen Product Key erwerben" worauf sich Firefox öffnet.

Bisher hatte ich solche Malware immer irgendwie selber behebn können, aber diese hier hat sich als extrem hartnäckig herausgestellt. Sonst hat es meist gereicht wenn ich im abgesichetem Modus rein bin und dann MBAM laufen lassen hab. Und wenn das nicht half hab ich nen Systemwiederherstellungspunkt ausgewählt.

Also ging ich heute in den abgesicherten Modus ohne Netzwerktreiber, und MBAM fand sogar die Malware, wie im Threadtitel schon erwähnt handelt es sich um " PUM.Hijack.StartMenu " .

Zuerst hab kams in die Quarantäne und als ich dann den neustart versucht habe kam trotzdem noch die Meldung. Danach bin ich wieder in den abgesicherten Modus rein und habs dann komplett gelöscht, jedoch hat es nichts gebracht.

Sobald ich in den abgesicherten Modus mit Netzwerktreibern reingehe kommt die Meldung auch, aber dafür (zum glück) nicht im normalem abgesicherten Modus.

So, danach habe ich Adwcleaner laufen lassen, jedoch auch ohne Erfolg. Die Malware hats nach dem ersten mal mit MBAM auch nie wieder gefunden.

Dazwischen hatte ich PartedMagic verwendet um mich wenigstens im Inet schlau machen zu können. So konnte ich auch Adwcleaner runterladen. Währenddessen habe ich auch ClamAV laufen lassen, was einiges gefunden zu haben schient, aber meiner Meinung nach alles harmlos bzw keine Viren oder so. Die exe datei von einem Spiel hatte es als "Trojan..." bezeichnet. Also habe ich es gelassen und damit nicht weiter mehr gemacht.
Von PUM.Hijack.StartMenu war da nichts zu sehen.

Darauf bin ich wieder in den abgesicherten Modus und hab das geamacht was bisher eigentlich immer geholfen hat, und zwar die Systemwiederherstellung.
Doch diesmal hatte ich ein schlechtes Gefühl dabei, was sich auch darauf bestätigt hat.
Schon wieder kam die Meldung, also hat selbst das nichts gebracht.

Die ganzen Log Files die dabei rauskamen würde ich ja gerne posten, doch jetzt bin ich grad an einem anderen Rechner (an den ich heute Nacht nicht kam weil er in einem anderen Zimmer ist und jemand dort schlief, falls ihr euch fragt warum ich nicht gleich den benutz habe um mich im Internet drüber schlau zu machen), ich könnte ja die Log Files per USB Stick auf diesen Rechner tun, aber muss ich dann befürchten das die Malware oder sonstiges über den USB Stick auch auf diesen Rechner übergreifen kann?

schrauber · 28.01.2014, 09:38

Hi,

poste bitte die Logs. Den andern Rechner kannste dadurch nicht infizieren

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Jeribba · 29.01.2014, 09:37

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.04.07

Windows Vista x86 NTFS (Abgesichertenmodus)
Internet Explorer 7.0.6000.16982
Subroc :: SUBROC-PC [Administrator]

27.01.2014 23:53:41
mbam-log-2014-01-27 (23-53-41).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 189931
Laufzeit: 3 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.04.07

Windows Vista x86 NTFS (Abgesichertenmodus)
Internet Explorer 7.0.6000.16982
Subroc :: SUBROC-PC [Administrator]

28.01.2014 00:04:32
mbam-log-2014-01-28 (00-04-32).txt

Art des Suchlaufs: Benutzerdefinierter Suchlauf (C:\Users\Subroc\Desktop\Usenext.lnk|)
Aktivierte Suchlaufeinstellungen: Dateisystem | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Heuristiks/Extra | P2P
Durchsuchte Objekte: 1
Laufzeit: 4 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ATTFilter

# AdwCleaner v3.017 - Bericht erstellt am 28/01/2014 um 01:29:13
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium  (32 bits)
# Benutzername : Subroc - SUBROC-PC
# Gestartet von : C:\Users\Subroc\Desktop\AdwCleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\END

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gefunden : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browser ] *****

-\\ Internet Explorer v7.0.6000.16982


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Subroc\AppData\Roaming\Mozilla\Firefox\Profiles\dwphwo5s.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1033 octets] - [28/01/2014 01:29:13]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1093 octets] ##########

Code:

ATTFilter

# AdwCleaner v3.017 - Bericht erstellt am 28/01/2014 um 02:42:18
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium  (32 bits)
# Benutzername : Subroc - SUBROC-PC
# Gestartet von : C:\Users\Subroc\Desktop\AdwCleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\END

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar

***** [ Browser ] *****

-\\ Internet Explorer v7.0.6000.16982


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Subroc\AppData\Roaming\Mozilla\Firefox\Profiles\dwphwo5s.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1173 octets] - [28/01/2014 01:29:13]
AdwCleaner[S0].txt - [1094 octets] - [28/01/2014 02:42:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1154 octets] ##########

Code:

ATTFilter

# AdwCleaner v3.017 - Bericht erstellt am 28/01/2014 um 02:46:43
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium  (32 bits)
# Benutzername : Subroc - SUBROC-PC
# Gestartet von : C:\Users\Subroc\Desktop\AdwCleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v7.0.6000.16982


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Subroc\AppData\Roaming\Mozilla\Firefox\Profiles\dwphwo5s.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1173 octets] - [28/01/2014 01:29:13]
AdwCleaner[R1].txt - [723 octets] - [28/01/2014 02:46:43]
AdwCleaner[S0].txt - [1234 octets] - [28/01/2014 02:42:18]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [842 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Subroc on 28.01.2014 at  8:38:42,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Subroc\AppData\Roaming\mozilla\firefox\profiles\dwphwo5s.default\minidumps [10 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.01.2014 at  8:40:50,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Nachtrag von 15:37 Uhr :
Ich habe deswegen soviele Logs gepostet da ich zb MBAM mehrere male durchlaufen lassen habe, z.B. als ich die Malware-Datei gelöscht hatte. Ich war mir nicht sicher ob eines reicht oder ob ich die logs von jedem Durchgang posten soll, sicherheitshalber habe ich deswegen alle gepostet, auch wenn offenbar dabei nichts anderes rauskommt.

Ich habe nun auch SecurityCheck durchlaufen lassen:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.79  
 Windows Vista  x86 (UAC is disabled!)  
 Out of date service pack!! 
 Internet Explorer 7 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 CCleaner     
 Wise Registry Cleaner 7.65  
 Adobe Flash Player 	12.0.0.43  
 Adobe Reader 10.1.2 Adobe Reader out of Date!  
 Mozilla Firefox (26.0) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Nachtrag von 16:10Uhr:

Jetzt wirds kurios. Da mir auffiel das die MBAM Datenbank nicht aktuell ist habe ich die Update Datei runtergeladen und dann auf den Laptop kopiert und installiert.

Darauf habe ich nochmal MBAM durchlaufen lassen, und siehe da, die selbe Datei
PUM.Hijack.StartMenu wurde jetzt plötzlich wieder gefunden!

Ich hatte sie wie schon erzählt definitiv über das MBAM Menü löschen lassen, aber irgendwie scheint dies doch nicht passiert zu sein. Seltsam finde ich das die Datei nachdem sie gelöscht wurde und ich direkt danach noch nen Suchlauf starten liess nicht mehr gefunden wurde. Dazwischen hatte ich ja paar Neustarts gehabt, und nun scheint es sich wieder eingenistet zu haben. Das es nicht ganz weg ging war eh klar, da ich ja auch nach dem Löschen nicht ins Desktop reinkam.

Auf jeden fall habe ich es vermeintlicherweise wieder löschen lassen, aber nach dem Neustart kam natürlich wieder die Meldung und wieder komme nicht ins Desktop.

Hier ist mal der(/die/das?) neue Log:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.04.07

Windows Vista x86 NTFS (Abgesichertenmodus)
Internet Explorer 7.0.6000.16982
Subroc :: SUBROC-PC [Administrator]

28.01.2014 15:03:15
MBAM-log-2014-01-28 (15-49-24).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 190354
Laufzeit: 2 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bösartig: (0) Gut: (1) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Kann mal bitte jemand helfen? Auch gerne per PM.

Bevor man mir dazu rät mal folgendes:
Der Eset Online Scanner wird nicht funktionieren!
Da wie schon erzählt keine Internetverbindung möglich ist, denn sobald ich in den Abgesicherten Modus mit Netzwerktreibern gehe
kommt die Meldung und nichts geht mehr! Es ist also nur möglich in den normalen abgesicherten Modus reinzugehen.

schrauber · 29.01.2014, 13:07

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

und danach bitte nix mehr auf eigene Faust machen

Jeribba · 29.01.2014, 13:28

Hatte ich gestern schon gemacht

Schrauber, ich teile es auf zwei Beiträge auf da es zu lange ist.

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-01-2014 03
Ran by Subroc (administrator) on SUBROC-PC on 28-01-2014 14:56:15
Running from E:\Neuer Ordner\Proggis
Microsoft® Windows Vista™ Home Premium  (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Safe Mode (minimal)



==================== Processes (Whitelisted) ===================



==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1006264 2014-01-12] (Microsoft Corporation)
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [862728 2009-02-12] (Dritek System Inc.)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint2K\Apoint.exe [204800 2009-02-23] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1430824 2009-02-06] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6789664 2009-02-24] (Realtek Semiconductor)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [13785632 2009-06-03] (NVIDIA Corporation)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Run: [VirtualCloneDrive] - C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM\...\Run: [WinampAgent] - C:\Program Files\Winamp\winampa.exe [36352 2008-09-12] ()
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [icq] - C:\Users\Subroc\AppData\Roaming\ICQM\icq.exe [33664344 2014-01-13] (ICQ)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2006-11-02] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2006-11-02] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Subroc\AppData\Roaming\Mozilla\Firefox\Profiles\dwphwo5s.default
FF Homepage: https://www.google.de/
FF NetworkProxy: "http", "110.208.25.121"
FF NetworkProxy: "http_port", 9000
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

========================== Services (Whitelisted) =================

S2 libusbd; C:\Windows\System32\libusbd-nt.exe [18944 2005-03-09] (hxxp://libusb-win32.sourceforge.net)
S2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [x]

==================== Drivers (Whitelisted) ====================

S1 DritekPortIO; C:\Program Files\Launch Manager\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.)
S1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [48256 2007-06-13] (JMicron Technology Corp.)
R3 libusb0; C:\Windows\System32\drivers\libusb0.sys [33792 2005-03-09] ()
S2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2014-01-12] (Duplex Secure Ltd.)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PsSdk30; \??\C:\Windows\system32\Drivers\PsSdk30.drv [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-28 14:56 - 2014-01-28 14:56 - 00000000 ____D C:\FRST
2014-01-28 08:40 - 2014-01-28 08:40 - 00001475 _____ C:\Users\Subroc\Desktop\JRT.txt
2014-01-28 08:38 - 2014-01-28 08:38 - 00000000 ____D C:\Windows\ERUNT
2014-01-28 01:29 - 2014-01-28 02:47 - 00000000 ____D C:\AdwCleaner
2014-01-26 14:11 - 2014-01-26 14:11 - 00000000 ____D C:\Users\Subroc\Desktop\BILDER
2014-01-24 01:54 - 2014-01-28 02:56 - 00000000 ____D C:\Users\Subroc\Desktop\Neuer Ordner
2014-01-23 06:08 - 2014-01-23 06:08 - 00000878 _____ C:\Users\Subroc\Desktop\Usenext.lnk
2014-01-22 01:44 - 2014-01-22 01:44 - 00001603 _____ C:\Users\Public\Desktop\XBC 5.1.lnk
2014-01-22 01:44 - 2014-01-22 01:44 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBC
2014-01-22 01:43 - 2014-01-23 04:37 - 00000000 ____D C:\Program Files\XBC
2014-01-22 01:43 - 2014-01-22 01:43 - 00000000 ____D C:\Program Files\WinPcap
2014-01-22 01:42 - 2014-01-22 01:43 - 07506688 _____ C:\Users\Subroc\Downloads\XBCINST_512.exe
2014-01-22 01:42 - 2014-01-22 01:42 - 00915128 _____ (Riverbed Technology, Inc.) C:\Users\Subroc\Downloads\WinPcap_4_1_3.exe
2014-01-21 20:22 - 2014-01-21 21:15 - 00000600 _____ C:\Users\Subroc\PUTTY.RND
2014-01-20 23:38 - 2014-01-20 23:38 - 00389733 _____ C:\Users\Subroc\Downloads\Sixaxis_PS3_Win32_Driver_For_PC.rar
2014-01-17 15:40 - 2014-01-28 08:36 - 00000068 _____ C:\Windows\setupact.log
2014-01-17 15:40 - 2014-01-17 15:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-16 19:56 - 2014-01-16 19:58 - 00000000 ____D C:\Users\Subroc\Documents\Calibre Library
2014-01-16 19:50 - 2014-01-16 19:58 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\calibre
2014-01-16 19:50 - 2014-01-16 19:50 - 00000000 ____D C:\Users\Subroc\Calibre Bibliothek
2014-01-16 16:45 - 2014-01-16 16:46 - 00000000 ____D C:\Program Files\FlashFXP 4
2014-01-16 16:45 - 2014-01-16 16:45 - 00000000 ____D C:\ProgramData\FlashFXP
2014-01-16 04:55 - 2014-01-16 04:55 - 00000000 __RSH C:\MSDOS.SYS
2014-01-16 04:55 - 2014-01-16 04:55 - 00000000 __RSH C:\IO.SYS
2014-01-16 04:55 - 1997-05-29 16:31 - 00315904 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2014-01-16 04:36 - 2014-01-16 04:36 - 00000000 ____D C:\Program Files\DOSBox-0.74
2014-01-16 04:33 - 2014-01-16 04:36 - 00000000 ____D C:\Users\Subroc\AppData\Local\DOSBox
2014-01-16 04:33 - 2014-01-16 04:33 - 00000000 ____D C:\Program Files\DOSBox-0.73
2014-01-16 00:04 - 2014-01-16 20:21 - 00000000 ____D C:\Games
2014-01-14 23:57 - 2014-01-14 23:57 - 00000000 ____D C:\Users\Subroc\AppData\Local\Macromedia
2014-01-14 23:56 - 2014-01-14 23:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-14 23:56 - 2014-01-14 23:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-14 23:49 - 2014-01-14 23:49 - 00000000 ____D C:\ProgramData\Mozilla
2014-01-14 23:49 - 2014-01-14 23:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-14 16:23 - 2014-01-14 23:56 - 00000000 ____D C:\Users\Subroc\AppData\Local\Adobe
2014-01-13 23:29 - 2014-01-13 23:29 - 00000000 ____D C:\Windows\Sun
2014-01-13 20:14 - 2014-01-13 20:15 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\ImgBurn
2014-01-13 17:39 - 2014-01-13 17:41 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\ICQ-Profile
2014-01-13 17:39 - 2014-01-13 17:39 - 00001569 _____ C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-01-13 17:39 - 2014-01-13 17:39 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-01-13 17:39 - 2014-01-13 17:39 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\ICQM
2014-01-13 17:37 - 2014-01-13 17:37 - 00000000 ____D C:\Users\Subroc\Documents\ICQ Lite
2014-01-13 17:35 - 2014-01-13 17:38 - 00000000 ____D C:\Program Files\ICQLite
2014-01-13 06:56 - 2014-01-13 06:56 - 00000000 ____D C:\Program Files\LibUSB-Win32-0.1.10.1
2014-01-13 06:56 - 2005-03-09 20:50 - 00046592 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusb0.dll
2014-01-13 06:56 - 2005-03-09 20:50 - 00033792 _____ C:\Windows\system32\Drivers\libusb0.sys
2014-01-13 06:56 - 2005-03-09 20:50 - 00019456 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbd-9x.exe
2014-01-13 06:56 - 2005-03-09 20:50 - 00018944 _____ (hxxp://libusb-win32.sourceforge.net) C:\Windows\system32\libusbd-nt.exe
2014-01-13 01:20 - 2014-01-13 01:20 - 00008192 ___RS C:\BOOTSECT.BAK
2014-01-13 01:20 - 2006-11-02 10:53 - 00438840 __RSH C:\bootmgr
2014-01-13 01:19 - 2014-01-16 19:57 - 00000000 ____D C:\Windows\PANTHER
2014-01-13 01:19 - 2006-10-05 09:40 - 00057656 ____R C:\Windows\system32\OEMLOGO.BMP
2014-01-13 01:19 - 2006-10-05 09:40 - 00057656 ____R C:\Windows\FSC_LOGO_POSITIVE_JPG_MIDDLE.BMP
2014-01-13 01:18 - 2014-01-13 01:18 - 00000000 ____D C:\Windows\system32\de
2014-01-13 01:18 - 2014-01-13 01:18 - 00000000 ____D C:\Windows\system32\0407
2014-01-13 01:18 - 2014-01-13 01:18 - 00000000 ____D C:\Windows\de-DE
2014-01-13 01:18 - 2014-01-12 22:46 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2014-01-13 00:38 - 2014-01-13 00:38 - 00001792 _____ C:\Windows\TSearch.INI
2014-01-13 00:23 - 2014-01-28 02:56 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\vlc
2014-01-13 00:18 - 2014-01-13 00:18 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XviD
2014-01-13 00:18 - 2014-01-13 00:18 - 00000000 ____D C:\Program Files\XviD
2014-01-13 00:15 - 2014-01-21 07:38 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Winamp
2014-01-13 00:15 - 2014-01-13 00:16 - 00000000 ____D C:\Program Files\Winamp
2014-01-13 00:15 - 2007-03-08 00:51 - 01628920 ____N (Sonic Solutions) C:\Windows\system32\pxsfs.dll
2014-01-13 00:15 - 2007-03-08 00:51 - 00547576 ____N (Sonic Solutions) C:\Windows\system32\px.dll
2014-01-13 00:15 - 2007-03-08 00:51 - 00510712 ____N (Sonic Solutions) C:\Windows\system32\pxdrv.dll
2014-01-13 00:15 - 2007-03-08 00:51 - 00379640 ____N (Sonic Solutions) C:\Windows\system32\pxwave.dll
2014-01-13 00:15 - 2007-03-08 00:51 - 00187128 ____N (Sonic Solutions) C:\Windows\system32\pxmas.dll
2014-01-13 00:15 - 2007-03-08 00:51 - 00129784 ____N (Sonic Solutions) C:\Windows\system32\pxafs.dll
2014-01-13 00:15 - 2007-03-08 00:51 - 00072440 ____N (Sonic Solutions) C:\Windows\system32\pxhpinst.exe
2014-01-13 00:15 - 2007-03-08 00:51 - 00064760 ____N (Sonic Solutions) C:\Windows\system32\pxinsa64.exe
2014-01-13 00:15 - 2007-03-08 00:51 - 00064760 ____N (Sonic Solutions) C:\Windows\system32\pxcpya64.exe
2014-01-13 00:15 - 2007-03-08 00:51 - 00039672 ____N (Sonic Solutions) C:\Windows\system32\vxblock.dll
2014-01-13 00:14 - 2014-01-13 00:14 - 00000000 ____D C:\Program Files\VideoLAN
2014-01-13 00:11 - 2014-01-13 00:11 - 00000000 ____D C:\Program Files\Elaborate Bytes
2014-01-13 00:04 - 2014-01-13 00:04 - 00000000 ____D C:\Users\Subroc\Documents\My ISO Files
2014-01-13 00:04 - 2014-01-13 00:04 - 00000000 ____D C:\Program Files\UltraISO
2014-01-13 00:04 - 2014-01-13 00:04 - 00000000 ____D C:\Program Files\Common Files\EZB Systems
2014-01-12 23:52 - 2014-01-28 09:20 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-01-12 23:52 - 2014-01-22 00:35 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-01-12 23:52 - 2014-01-13 06:51 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-01-12 23:51 - 2014-01-15 00:36 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-12 23:51 - 2014-01-12 23:58 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2014-01-12 23:51 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-01-12 23:44 - 2014-01-12 23:46 - 00000000 ____D C:\ProgramData\VistaCodecs
2014-01-12 23:44 - 2014-01-12 23:44 - 00000000 ____D C:\Users\Subroc\AppData\Local\Google
2014-01-12 23:43 - 2014-01-12 23:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-12 23:33 - 2014-01-12 23:33 - 00000110 _____ C:\Users\Subroc\Documents\ax_files.xml
2014-01-12 23:32 - 2014-01-12 23:32 - 00691696 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-01-12 22:53 - 2014-01-28 14:46 - 00220386 _____ C:\ProgramData\nvModes.001
2014-01-12 22:53 - 2014-01-28 09:20 - 00220386 _____ C:\ProgramData\nvModes.dat
2014-01-12 22:51 - 2014-01-12 22:53 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-12 22:43 - 2009-08-24 13:47 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-01-12 22:43 - 2009-06-03 02:57 - 10379264 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-01-12 22:43 - 2009-06-03 02:57 - 09752320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-12 22:43 - 2009-06-03 02:57 - 07613440 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2014-01-12 22:43 - 2009-06-03 02:57 - 03149824 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2014-01-12 22:43 - 2009-06-03 02:57 - 01704960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-12 22:43 - 2009-06-03 02:57 - 01310720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-12 22:43 - 2009-06-03 02:57 - 00990720 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2014-01-12 22:43 - 2009-06-03 02:57 - 00795104 _____ (Microsoft Corporation) C:\Windows\system32\dpinst.exe
2014-01-12 22:43 - 2009-06-03 02:57 - 00671744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-12 22:43 - 2009-06-03 02:57 - 00147456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod152.dll
2014-01-12 22:43 - 2009-06-03 02:57 - 00147456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod.dll
2014-01-12 22:43 - 2009-06-03 02:57 - 00009918 _____ C:\Windows\system32\nvdisp.nvu
2014-01-12 22:43 - 2009-06-03 02:57 - 00004224 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd
2014-01-12 22:43 - 2008-04-19 09:13 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2014-01-12 22:26 - 2014-01-12 22:26 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\WinRAR
2014-01-12 22:12 - 2014-01-12 22:12 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-01-12 22:12 - 2014-01-12 22:12 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-01-12 22:12 - 2014-01-12 22:12 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-01-12 22:12 - 2014-01-12 22:12 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-01-12 22:12 - 2014-01-12 22:12 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-01-12 22:12 - 2014-01-12 22:12 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 06067200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 03599360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 02452872 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-12 22:10 - 2014-01-12 22:10 - 01830912 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-12 22:10 - 2014-01-12 22:10 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-12 22:10 - 2014-01-12 22:10 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00459264 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-12 22:10 - 2014-01-12 22:10 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\ieencode.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-12 22:10 - 2014-01-12 22:10 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-12 22:08 - 2014-01-12 22:08 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2014-01-12 22:08 - 2014-01-12 22:08 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2014-01-12 22:08 - 2014-01-12 22:08 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2014-01-12 22:08 - 2014-01-12 22:08 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2014-01-12 22:08 - 2014-01-12 22:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2014-01-12 22:08 - 2014-01-12 22:08 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00564736 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2014-01-12 22:07 - 2014-01-12 22:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2014-01-12 22:07 - 2014-01-12 22:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\pacerprf.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe
2014-01-12 22:07 - 2014-01-12 22:07 - 00001820 _____ C:\Windows\system32\rasctrnm.h
2014-01-12 22:06 - 2014-01-12 22:06 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-01-12 22:06 - 2014-01-12 22:06 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-01-12 22:06 - 2014-01-12 22:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-01-12 22:05 - 2014-01-12 22:05 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\msoeacct.dll
2014-01-12 22:05 - 2014-01-12 22:05 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\msoert2.dll
2014-01-12 22:05 - 2014-01-12 22:05 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\ACCTRES.dll
2014-01-12 22:04 - 2014-01-12 22:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2014-01-12 22:04 - 2014-01-12 22:04 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\NETSTAT.EXE
2014-01-12 22:04 - 2014-01-12 22:04 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\ARP.EXE
2014-01-12 22:04 - 2014-01-12 22:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2014-01-12 22:04 - 2014-01-12 22:04 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-01-12 22:04 - 2014-01-12 22:04 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2014-01-12 22:04 - 2014-01-12 22:04 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2014-01-12 22:04 - 2014-01-12 22:04 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2014-01-12 22:04 - 2014-01-12 22:04 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2014-01-12 22:03 - 2014-01-12 22:03 - 00704000 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2014-01-12 22:03 - 2014-01-12 22:03 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-01-12 22:03 - 2014-01-12 22:03 - 00258232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-01-12 22:03 - 2014-01-12 22:03 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-12 22:03 - 2014-01-12 22:03 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-01-12 22:03 - 2014-01-12 22:03 - 00028344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys
2014-01-12 22:03 - 2014-01-12 22:03 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll
2014-01-12 22:03 - 2014-01-12 22:03 - 00020920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys
2014-01-12 22:03 - 2014-01-12 22:03 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys
2014-01-12 22:03 - 2014-01-12 22:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2014-01-12 22:02 - 2014-01-12 22:02 - 01657350 _____ C:\Windows\system32\wlan.tmf
2014-01-12 22:02 - 2014-01-12 22:02 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-01-12 22:02 - 2014-01-12 22:02 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-01-12 22:02 - 2014-01-12 22:02 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-01-12 22:02 - 2014-01-12 22:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\L2SecHC.dll
2014-01-12 22:02 - 2014-01-12 22:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-01-12 22:02 - 2014-01-12 22:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-01-12 22:01 - 2014-01-12 22:01 - 01406464 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-01-12 22:01 - 2014-01-12 22:01 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-01-12 22:01 - 2014-01-12 22:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-01-12 22:01 - 2014-01-12 22:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-01-12 22:00 - 2014-01-12 22:00 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-01-12 22:00 - 2014-01-12 22:00 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-01-12 22:00 - 2014-01-12 22:00 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-01-12 22:00 - 2014-01-12 22:00 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-01-12 21:59 - 2014-01-12 21:59 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-01-12 21:59 - 2014-01-12 21:59 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-01-12 21:58 - 2014-01-12 21:58 - 03502480 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-01-12 21:58 - 2014-01-12 21:58 - 03468168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-12 21:58 - 2014-01-12 21:58 - 02855424 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-01-12 21:58 - 2014-01-12 21:58 - 02433536 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2014-01-12 21:58 - 2014-01-12 21:58 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-01-12 21:58 - 2014-01-12 21:58 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-01-12 21:58 - 2014-01-12 21:58 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-01-12 21:58 - 2014-01-12 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-01-12 21:55 - 2014-01-12 21:55 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-12 21:54 - 2014-01-12 21:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll
2014-01-12 21:54 - 2014-01-12 21:54 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-01-12 21:53 - 2014-01-12 21:53 - 01060920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-01-12 21:53 - 2014-01-12 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-12 21:53 - 2014-01-12 21:53 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2014-01-12 21:52 - 2014-01-12 21:52 - 00374456 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-01-12 21:51 - 2014-01-12 21:51 - 00500736 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2014-01-12 21:51 - 2014-01-12 21:51 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2014-01-12 21:51 - 2014-01-12 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2014-01-12 21:50 - 2014-01-12 21:50 - 01871872 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-12 21:50 - 2014-01-12 21:50 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-12 21:50 - 2014-01-12 21:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-12 21:49 - 2014-01-12 21:49 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2014-01-12 21:48 - 2014-01-12 21:48 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-01-12 21:48 - 2014-01-12 21:48 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-01-12 21:47 - 2014-01-12 21:47 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-12 21:46 - 2014-01-12 21:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\cmifw.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2014-01-12 21:44 - 2014-01-12 21:44 - 01244672 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2014-01-12 21:44 - 2014-01-12 21:44 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-01-12 21:44 - 2014-01-12 21:44 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-01-12 21:44 - 2014-01-12 21:44 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-01-12 21:44 - 2014-01-12 21:44 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-01-12 21:44 - 2014-01-12 21:44 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-01-12 21:44 - 2014-01-12 21:44 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-01-12 21:44 - 2014-01-12 21:44 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-01-12 21:43 - 2014-01-12 21:43 - 11315712 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-01-12 21:42 - 2014-01-12 21:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-01-12 21:41 - 2014-01-12 21:41 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-01-12 21:40 - 2014-01-12 21:40 - 00211000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-01-12 21:40 - 2014-01-12 21:40 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-01-12 21:40 - 2014-01-12 21:40 - 00110136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-01-12 21:40 - 2014-01-12 21:40 - 00045112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2014-01-12 21:40 - 2014-01-12 21:40 - 00028216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2014-01-12 21:40 - 2014-01-12 21:40 - 00021560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2014-01-12 21:39 - 2014-01-12 21:39 - 02923520 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-01-12 21:39 - 2014-01-12 21:39 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-01-12 21:38 - 2014-01-12 21:38 - 01233920 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00408136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-01-12 21:38 - 2014-01-12 21:38 - 00272384 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-01-12 21:37 - 2014-01-12 21:37 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 11722752 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0001.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 07964672 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0024.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 06781440 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0019.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 06224896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0027.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 05791232 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0026.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 05499904 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0022.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 04981248 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0013.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0010.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 04164096 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0002.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 04093440 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004c.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 04045824 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons003e.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004a.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 03331072 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0018.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 02466816 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0011.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 02136064 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0021.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01972736 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004e.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01808896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0046.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01793536 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0045.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01782272 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0039.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01702912 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004b.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01558016 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0049.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01452544 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0003.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01411072 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0047.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0020.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe
2014-01-12 21:37 - 2014-01-12 21:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons002a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 09892864 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 09845248 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 07042560 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons081a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 06917120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0c1a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 06585856 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons001b.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 06346240 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons001d.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 06237696 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000c.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 06014976 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons001a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 05654528 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000f.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 05090816 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0416.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 05071872 _____ (Microsoft Corporation) C:\Windows\system32\NlsModels0011.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 05031936 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0816.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04874240 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04616192 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0414.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0019.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0816.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0416.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0414.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001d.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0010.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03464704 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0013.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004e.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004c.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004b.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0049.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0047.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0046.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0045.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0039.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0020.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0011.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 02641408 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000c.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0001.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000d.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0007.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0027.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0c1a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData081a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0026.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0024.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001b.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0018.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000f.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0003.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0002.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData003e.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData002a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0022.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0021.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01722368 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000d.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01523200 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0000.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2014-01-12 21:34 - 2014-01-12 21:34 - 01585664 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00944184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00905400 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00620088 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00224824 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\loadperf.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\lodctr.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\dispci.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00019000 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\prflbmsg.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\srdelayed.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\batt.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\kbd106n.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-01-12 21:32 - 2014-01-12 21:32 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2014-01-12 21:32 - 2014-01-12 21:32 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2014-01-12 21:32 - 2014-01-12 21:32 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-01-12 21:31 - 2014-01-12 21:31 - 00815104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-12 21:31 - 2014-01-12 21:31 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-12 21:31 - 2014-01-12 21:31 - 00213592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-12 21:31 - 2014-01-12 21:31 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-01-12 21:31 - 2014-01-12 21:31 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-01-12 21:31 - 2014-01-12 21:31 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2014-01-12 21:31 - 2014-01-12 21:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2014-01-12 21:31 - 2014-01-12 21:31 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS
2014-01-12 21:30 - 2014-01-12 21:30 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-01-12 21:30 - 2014-01-12 21:30 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2014-01-12 21:30 - 2014-01-12 21:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\LAPRXY.DLL
2014-01-12 21:30 - 2014-01-12 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\asferror.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 02605568 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2014-01-12 21:29 - 2014-01-12 21:29 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2014-01-12 21:29 - 2014-01-12 21:29 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2014-01-12 21:29 - 2014-01-12 21:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2014-01-12 21:29 - 2014-01-12 21:29 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\amxread.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\apilogen.dll
2014-01-12 21:28 - 2014-01-12 21:28 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-01-12 21:28 - 2014-01-12 21:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-01-12 21:28 - 2014-01-12 21:28 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-01-12 21:28 - 2014-01-12 21:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 08138240 _____ (Microsoft Corporation) C:\Windows\system32\ssBranded.scr
2014-01-12 21:27 - 2014-01-12 21:27 - 01984512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2014-01-12 21:27 - 2014-01-12 21:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcmonitor.dll
2014-01-12 21:25 - 2014-01-15 22:57 - 00000000 ____D C:\Windows\system32\MRT
2014-01-12 21:24 - 2014-01-12 21:24 - 02031104 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 21:24 - 2014-01-12 21:24 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-01-12 21:24 - 2014-01-12 21:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2014-01-12 21:24 - 2014-01-12 21:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2014-01-12 21:24 - 2014-01-12 21:24 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-01-12 21:23 - 2014-01-12 21:23 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-01-12 21:23 - 2014-01-12 21:23 - 00473088 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-01-12 21:23 - 2014-01-12 21:23 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-01-12 21:23 - 2014-01-12 21:23 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb
2014-01-12 21:23 - 2014-01-12 21:23 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb
2014-01-12 21:22 - 2014-01-12 21:22 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-01-12 21:22 - 2014-01-12 21:22 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-01-12 21:22 - 2014-01-12 21:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-01-12 21:22 - 2014-01-12 21:22 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\sbunattend.exe
2014-01-12 21:13 - 2014-01-12 21:13 - 00781344 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-01-12 21:13 - 2014-01-12 21:13 - 00622080 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-01-12 21:13 - 2014-01-12 21:13 - 00326160 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-01-12 21:13 - 2014-01-12 21:13 - 00105016 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-12 21:13 - 2014-01-12 21:13 - 00097800 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-01-12 21:13 - 2014-01-12 21:13 - 00043544 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-01-12 21:13 - 2014-01-12 21:13 - 00037384 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2014-01-12 21:13 - 2014-01-12 21:13 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-01-12 20:57 - 2014-01-12 21:04 - 26607616 _____ C:\Windows\ocsetup_install_NetFx3.etl
2014-01-12 20:57 - 2014-01-12 21:04 - 00196608 _____ C:\Windows\ocsetup_cbs_install_NetFx3.perf
2014-01-12 20:57 - 2014-01-12 21:04 - 00065536 _____ C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2014-01-12 20:10 - 2014-01-12 20:10 - 01507328 _____ C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
2014-01-12 20:10 - 2014-01-12 20:10 - 00196608 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
2014-01-12 20:10 - 2014-01-12 20:10 - 00131072 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
2014-01-12 19:48 - 2014-01-12 19:48 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-01-12 19:48 - 2014-01-12 19:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-01-12 19:48 - 2014-01-12 19:48 - 00096760 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-01-12 19:48 - 2014-01-12 19:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-01-12 19:48 - 2014-01-12 19:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-01-12 19:32 - 2014-01-12 19:32 - 04247552 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2014-01-12 19:32 - 2014-01-12 19:32 - 01686528 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-01-12 19:32 - 2014-01-12 19:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2014-01-12 19:31 - 2014-01-12 19:31 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2014-01-12 19:31 - 2014-01-12 19:31 - 00737792 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-01-12 19:31 - 2014-01-12 19:31 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2014-01-12 19:31 - 2014-01-12 19:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2014-01-12 19:30 - 2014-01-12 19:30 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2014-01-12 19:30 - 2014-01-12 19:30 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-12 19:30 - 2014-01-12 19:30 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-01-12 19:30 - 2014-01-12 19:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-01-12 19:30 - 2014-01-12 19:30 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-01-12 19:29 - 2014-01-12 19:29 - 00788992 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-01-12 19:29 - 2014-01-12 19:29 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-01-12 19:29 - 2014-01-12 19:29 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-01-12 19:29 - 2014-01-12 19:29 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-01-12 19:27 - 2014-01-12 19:27 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-01-12 19:27 - 2014-01-12 19:27 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-01-12 19:27 - 2014-01-12 19:27 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-01-12 19:26 - 2014-01-12 19:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-01-12 19:26 - 2014-01-12 19:26 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 01327616 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\avicap32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-01-12 19:24 - 2014-01-12 19:24 - 10622464 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-01-12 19:24 - 2014-01-12 19:24 - 08147968 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-01-12 19:24 - 2014-01-12 19:24 - 00604672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2014-01-12 19:24 - 2014-01-12 19:24 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
2014-01-12 19:24 - 2014-01-12 19:24 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-01-12 19:24 - 2014-01-12 19:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-01-12 19:24 - 2014-01-12 19:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-01-12 19:17 - 2014-01-14 16:23 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Adobe
2014-01-12 19:17 - 2014-01-12 19:17 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Macromedia
2014-01-12 19:16 - 2006-12-20 07:03 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2014-01-12 19:15 - 2014-01-12 19:18 - 00006144 _____ C:\Users\Subroc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-12 19:15 - 2014-01-12 19:15 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\DivX
2014-01-12 19:03 - 2014-01-12 19:03 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-12 19:02 - 2014-01-12 19:02 - 00000000 __RHD C:\MSOCache
2014-01-12 18:58 - 2014-01-14 23:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-12 18:58 - 2014-01-12 18:59 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Mozilla
2014-01-12 18:58 - 2014-01-12 18:58 - 00000000 ____D C:\Users\Subroc\AppData\Local\Mozilla
2014-01-12 18:54 - 2014-01-12 18:54 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Malwarebytes
2014-01-12 18:53 - 2014-01-13 06:50 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-12 18:53 - 2014-01-12 18:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-12 18:53 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-12 18:52 - 2013-12-18 06:13 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-12 18:46 - 2014-01-12 18:45 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-12 18:46 - 2014-01-12 18:45 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-12 18:46 - 2014-01-12 18:45 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-12 18:45 - 2014-01-12 18:45 - 00000000 ____D C:\Program Files\Java
2014-01-12 18:42 - 2014-01-12 18:42 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-12 18:42 - 2014-01-12 18:42 - 00000000 ____D C:\Program Files\WinRAR
2014-01-12 18:41 - 2014-01-28 02:56 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\TeraCopy
2014-01-12 18:40 - 2014-01-16 19:46 - 00000000 ____D C:\Users\Subroc\Desktop\Programme
2014-01-12 18:40 - 2014-01-12 18:40 - 00000000 ____D C:\Windows\system32\Macromed
2014-01-12 18:40 - 2014-01-12 18:40 - 00000000 ____D C:\Program Files\Wise
2014-01-12 18:39 - 2014-01-12 18:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-12 18:39 - 2014-01-12 18:39 - 00000000 ____D C:\Program Files\Adobe
2014-01-12 18:37 - 2014-01-12 18:39 - 00000000 ____D C:\ProgramData\Adobe
2014-01-12 18:35 - 2014-01-12 18:36 - 00000000 ____D C:\Program Files\ImgBurn
2014-01-12 18:34 - 2014-01-28 02:56 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\IrfanView
2014-01-12 18:34 - 2014-01-12 18:34 - 00000000 ____D C:\Program Files\IrfanView
2014-01-12 18:33 - 2014-01-12 18:33 - 00000000 ____D C:\Program Files\Common Files\DivX Shared
2014-01-12 18:32 - 2014-01-12 18:33 - 00000000 ____D C:\Program Files\DivX
2014-01-12 18:31 - 2014-01-12 18:33 - 00000000 ____D C:\ProgramData\DivX
2014-01-12 18:30 - 2014-01-12 18:30 - 00000000 ____D C:\Program Files\XnView
2014-01-12 18:27 - 2014-01-12 18:27 - 00000000 ____D C:\Program Files\TeraCopy
2014-01-12 18:27 - 2014-01-12 18:27 - 00000000 ____D C:\Program Files\MDF to ISO
2014-01-12 18:26 - 2014-01-12 18:26 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Notepad++
2014-01-12 18:26 - 2014-01-12 18:26 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-01-12 18:26 - 2014-01-12 18:26 - 00000000 ____D C:\Program Files\Notepad++
2014-01-12 18:25 - 2014-01-12 18:25 - 00000000 ____D C:\Program Files\7-Zip
2014-01-12 18:19 - 2014-01-12 18:20 - 00000000 ____D C:\Program Files\Calibre2
2014-01-12 18:18 - 2014-01-12 18:18 - 00000000 ____D C:\Program Files\CCleaner
2014-01-12 17:44 - 2014-01-12 17:43 - 00457248 _____ (NVIDIA Corporation) C:\Windows\system32\nvudisp.exe
2014-01-12 17:17 - 2014-01-12 22:33 - 00000000 ____D C:\Windows\system32\RTCOM
2014-01-12 17:16 - 2014-01-12 22:33 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll
2014-01-12 17:16 - 2014-01-12 22:33 - 00002796 ____H C:\RHDSetup.log
2014-01-12 17:16 - 2014-01-12 17:16 - 00000000 ____D C:\Program Files\Realtek
2014-01-12 17:16 - 2014-01-12 17:16 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2014-01-12 17:16 - 2009-03-02 11:28 - 00000016 _____ C:\Windows\system32\Drivers\rtkhdaud.dat
2014-01-12 17:16 - 2009-02-24 18:10 - 00551456 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-01-12 17:16 - 2009-02-24 18:09 - 02523680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2014-01-12 17:16 - 2009-02-24 18:09 - 00998432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-01-12 17:16 - 2009-02-24 18:09 - 00326176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2014-01-12 17:16 - 2009-02-24 18:09 - 00045600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInst.dll
2014-01-12 17:16 - 2009-02-24 16:48 - 02327968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-01-12 17:16 - 2009-02-12 20:24 - 00282112 _____ (Dolby Laboratories) C:\Windows\system32\RTPCEE32.dll
2014-01-12 17:16 - 2009-02-12 16:52 - 00159232 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\FMAPO.dll
2014-01-12 17:16 - 2009-02-10 11:21 - 00090772 _____ C:\Windows\system32\Drivers\RtConvEQ.DAT
2014-01-12 17:16 - 2009-02-10 11:21 - 00000536 _____ C:\Windows\system32\Drivers\RtHdatEx.dat
2014-01-12 17:16 - 2008-11-09 11:52 - 00159744 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-01-12 17:16 - 2008-10-08 12:56 - 00141312 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2014-01-12 17:16 - 2008-09-25 16:52 - 00060416 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2014-01-12 17:16 - 2008-08-25 16:17 - 00528384 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-01-12 17:16 - 2008-05-19 18:25 - 01933312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-01-12 17:16 - 2008-05-19 15:12 - 01777664 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll
2014-01-12 17:16 - 2008-04-30 08:48 - 00167936 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll
2014-01-12 17:16 - 2007-07-30 18:26 - 00126976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll
2014-01-12 17:16 - 2007-07-25 09:33 - 00135168 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2014-01-12 17:16 - 2007-05-17 11:26 - 00185776 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll
2014-01-12 17:16 - 2006-12-13 10:30 - 00339968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2014-01-12 17:15 - 2009-06-02 23:38 - 00457248 _____ (NVIDIA Corporation) C:\Windows\system32\NVUNINST.EXE
2014-01-12 17:15 - 2009-02-23 16:20 - 00062976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTSTOR.sys
2014-01-12 17:15 - 2009-02-03 22:39 - 06815264 _____ C:\Windows\system\DriveIcon.dll
2014-01-12 17:11 - 2014-01-12 17:11 - 00503864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-01-12 17:11 - 2014-01-12 17:11 - 00035896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-01-12 17:11 - 2014-01-12 17:11 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 ___HD C:\Intel
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 ____D C:\Program Files\Synaptics
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 ____D C:\Program Files\Intel
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 _____ C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01007.Wdf
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 _____ C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01005.Wdf
2014-01-12 17:11 - 2008-05-01 16:35 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll
2014-01-12 17:10 - 2014-01-12 17:10 - 00000000 ____D C:\Program Files\Apoint2K
2014-01-12 17:09 - 2014-01-12 17:09 - 00000083 _____ C:\Windows\LManager.UNI
2014-01-12 17:09 - 2014-01-12 17:09 - 00000000 ____D C:\Program Files\Launch Manager
2014-01-12 17:09 - 2009-02-22 18:18 - 00195120 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Drivers\Apfiltr.sys
2014-01-12 17:09 - 2009-02-10 17:18 - 00108478 _____ (Alps Electric Co., Ltd.) C:\Windows\system32\Vxdif.dll
2014-01-12 17:09 - 2009-02-06 10:33 - 00205232 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2014-01-12 17:09 - 2009-02-06 10:32 - 00206120 _____ (Synaptics Incorporated) C:\Windows\system32\SynCtrl.dll
2014-01-12 17:09 - 2009-02-06 10:32 - 00169256 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2014-01-12 17:09 - 2009-02-06 10:32 - 00161064 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2014-01-12 17:09 - 2009-02-06 10:32 - 00120104 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo4.dll
2014-01-12 17:09 - 2008-10-24 17:39 - 00309768 _____ (Dritek System Inc.) C:\Windows\UNINST32.EXE
2014-01-12 17:09 - 2008-07-08 10:55 - 01112288 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2014-01-12 17:09 - 2006-11-02 21:29 - 00021264 _____ (Dritek System Inc.) C:\Windows\system32\Drivers\DKbFltr.sys
2014-01-12 17:09 - 2006-11-02 08:09 - 01419232 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01005.dll
2014-01-12 17:08 - 2014-01-12 17:08 - 00000000 ____D C:\Program Files\DIFX
2014-01-12 17:08 - 2008-09-03 20:12 - 00223232 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60x.sys
2014-01-12 17:07 - 2014-01-12 17:07 - 00000000 ____D C:\Windows\system32\nn-NO
2014-01-12 17:07 - 2014-01-12 17:07 - 00000000 ____D C:\Windows\Options
2014-01-12 17:07 - 2008-11-12 15:38 - 00039982 _____ C:\Windows\system32\athrext.cat
2014-01-12 17:07 - 2008-11-04 13:13 - 00952320 _____ (Atheros Communications, Inc.) C:\Windows\system32\athr.sys
2014-01-12 17:07 - 2008-08-28 02:51 - 00524288 _____ (Atheros) C:\Windows\system32\S64CPA.exe
2014-01-12 17:07 - 2008-08-28 02:50 - 00393216 _____ (Atheros) C:\Windows\system32\athihvs.dll
2014-01-12 17:07 - 2008-08-28 02:50 - 00053248 _____ (Atheros) C:\Windows\system32\athihvui.dll
2014-01-12 17:06 - 2014-01-12 22:28 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2014-01-12 17:06 - 2014-01-12 17:07 - 00000218 ____H C:\Setup.log
2014-01-12 17:06 - 2014-01-12 17:07 - 00000000 ____D C:\ProgramData\Atheros
2014-01-12 17:06 - 2014-01-12 17:07 - 00000000 ____D C:\Program Files\Atheros
2014-01-12 17:06 - 2014-01-12 17:06 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\InstallShield
2014-01-12 17:06 - 2014-01-12 17:06 - 00000000 ____D C:\Program Files\Cisco
2014-01-12 16:33 - 2014-01-28 02:56 - 00000000 ____D C:\Users\Subroc
2014-01-12 16:33 - 2014-01-12 22:36 - 00000680 _____ C:\Users\Subroc\AppData\Local\d3d9caps.dat
2014-01-12 16:33 - 2014-01-12 22:20 - 00000949 _____ C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-12 16:33 - 2014-01-12 22:20 - 00000915 _____ C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-01-12 16:33 - 2014-01-12 19:56 - 00049168 _____ C:\Users\Subroc\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-12 16:33 - 2014-01-12 19:15 - 00000944 _____ C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-01-12 16:33 - 2014-01-12 16:33 - 00000020 ___SH C:\Users\Subroc\ntuser.ini
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\Startmenü
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\Netzwerkumgebung
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\Druckumgebung
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\Documents\Eigene Musik
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\Documents\Eigene Bilder
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\AppData\Local\Verlauf
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 ____D C:\Users\Subroc\AppData\Local\VirtualStore
2014-01-12 16:33 - 2006-11-02 13:54 - 00000000 ___RD C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-12 16:33 - 2006-11-02 13:50 - 00000000 ___RD C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-12 16:32 - 2003-05-19 11:06 - 00516784 ____R (Xceed Software Inc        (450) 442-2626        support@xceedsoft.com        www.xceedsoft.com) C:\Windows\system32\XceedCry.dll
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\Startmenü
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Programme
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\ProgramData\Startmenü
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\ProgramData\Dokumente

Jeribba · 29.01.2014, 13:35

Code:

ATTFilter

==================== One Month Modified Files and Folders =======

2014-01-28 14:56 - 2014-01-28 14:56 - 00000000 ____D C:\FRST
2014-01-28 14:52 - 2006-11-02 11:33 - 01461736 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-28 14:46 - 2014-01-12 22:53 - 00220386 _____ C:\ProgramData\nvModes.001
2014-01-28 14:46 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-28 14:46 - 2006-11-02 13:47 - 00003952 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-28 14:45 - 2006-11-02 13:47 - 00003952 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-28 09:20 - 2014-01-12 23:52 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-01-28 09:20 - 2014-01-12 22:53 - 00220386 _____ C:\ProgramData\nvModes.dat
2014-01-28 09:20 - 2006-11-02 14:01 - 00012560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-28 08:40 - 2014-01-28 08:40 - 00001475 _____ C:\Users\Subroc\Desktop\JRT.txt
2014-01-28 08:38 - 2014-01-28 08:38 - 00000000 ____D C:\Windows\ERUNT
2014-01-28 08:36 - 2014-01-17 15:40 - 00000068 _____ C:\Windows\setupact.log
2014-01-28 02:56 - 2014-01-24 01:54 - 00000000 ____D C:\Users\Subroc\Desktop\Neuer Ordner
2014-01-28 02:56 - 2014-01-13 00:23 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\vlc
2014-01-28 02:56 - 2014-01-12 18:41 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\TeraCopy
2014-01-28 02:56 - 2014-01-12 18:34 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\IrfanView
2014-01-28 02:56 - 2014-01-12 16:33 - 00000000 ____D C:\Users\Subroc
2014-01-28 02:56 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\spool
2014-01-28 02:56 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\registration
2014-01-28 02:56 - 2006-11-02 11:22 - 24117248 _____ C:\Windows\system32\config\components_previous
2014-01-28 02:56 - 2006-11-02 11:22 - 23855104 _____ C:\Windows\system32\config\software_previous
2014-01-28 02:56 - 2006-11-02 11:22 - 22020096 _____ C:\Windows\system32\config\system_previous
2014-01-28 02:56 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\security_previous
2014-01-28 02:56 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\sam_previous
2014-01-28 02:56 - 2006-11-02 11:22 - 00262144 _____ C:\Windows\system32\config\default_previous
2014-01-28 02:54 - 2006-11-02 13:52 - 01558043 _____ C:\Windows\WindowsUpdate.log
2014-01-28 02:47 - 2014-01-28 01:29 - 00000000 ____D C:\AdwCleaner
2014-01-26 14:11 - 2014-01-26 14:11 - 00000000 ____D C:\Users\Subroc\Desktop\BILDER
2014-01-23 04:37 - 2014-01-22 01:43 - 00000000 ____D C:\Program Files\XBC
2014-01-22 01:44 - 2014-01-22 01:44 - 00001603 _____ C:\Users\Public\Desktop\XBC 5.1.lnk
2014-01-22 01:44 - 2014-01-22 01:44 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBC
2014-01-22 01:43 - 2014-01-22 01:43 - 00000000 ____D C:\Program Files\WinPcap
2014-01-22 01:43 - 2014-01-22 01:42 - 07506688 _____ C:\Users\Subroc\Downloads\XBCINST_512.exe
2014-01-22 01:42 - 2014-01-22 01:42 - 00915128 _____ (Riverbed Technology, Inc.) C:\Users\Subroc\Downloads\WinPcap_4_1_3.exe
2014-01-22 00:35 - 2014-01-12 23:52 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-01-21 21:15 - 2014-01-21 20:22 - 00000600 _____ C:\Users\Subroc\PUTTY.RND
2014-01-21 07:38 - 2014-01-13 00:15 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Winamp
2014-01-20 23:38 - 2014-01-20 23:38 - 00389733 _____ C:\Users\Subroc\Downloads\Sixaxis_PS3_Win32_Driver_For_PC.rar
2014-01-17 15:40 - 2014-01-17 15:40 - 00000000 _____ C:\Windows\setuperr.log
2014-01-16 20:21 - 2014-01-16 00:04 - 00000000 ____D C:\Games
2014-01-16 19:58 - 2014-01-16 19:56 - 00000000 ____D C:\Users\Subroc\Documents\Calibre Library
2014-01-16 19:58 - 2014-01-16 19:50 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\calibre
2014-01-16 19:57 - 2014-01-13 01:19 - 00000000 ____D C:\Windows\PANTHER
2014-01-16 19:50 - 2014-01-16 19:50 - 00000000 ____D C:\Users\Subroc\Calibre Bibliothek
2014-01-16 19:46 - 2014-01-12 18:40 - 00000000 ____D C:\Users\Subroc\Desktop\Programme
2014-01-16 16:46 - 2014-01-16 16:45 - 00000000 ____D C:\Program Files\FlashFXP 4
2014-01-16 16:45 - 2014-01-16 16:45 - 00000000 ____D C:\ProgramData\FlashFXP
2014-01-16 09:35 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system
2014-01-16 04:55 - 2014-01-16 04:55 - 00000000 __RSH C:\MSDOS.SYS
2014-01-16 04:55 - 2014-01-16 04:55 - 00000000 __RSH C:\IO.SYS
2014-01-16 04:36 - 2014-01-16 04:36 - 00000000 ____D C:\Program Files\DOSBox-0.74
2014-01-16 04:36 - 2014-01-16 04:33 - 00000000 ____D C:\Users\Subroc\AppData\Local\DOSBox
2014-01-16 04:33 - 2014-01-16 04:33 - 00000000 ____D C:\Program Files\DOSBox-0.73
2014-01-15 22:57 - 2014-01-12 21:25 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 22:55 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-15 00:36 - 2014-01-12 23:51 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2014-01-14 23:57 - 2014-01-14 23:57 - 00000000 ____D C:\Users\Subroc\AppData\Local\Macromedia
2014-01-14 23:56 - 2014-01-14 23:56 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-01-14 23:56 - 2014-01-14 23:56 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-01-14 23:56 - 2014-01-14 16:23 - 00000000 ____D C:\Users\Subroc\AppData\Local\Adobe
2014-01-14 23:49 - 2014-01-14 23:49 - 00000000 ____D C:\ProgramData\Mozilla
2014-01-14 23:49 - 2014-01-14 23:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2014-01-14 23:49 - 2014-01-12 18:58 - 00000000 ____D C:\Program Files\Mozilla Firefox
2014-01-14 16:23 - 2014-01-12 19:17 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Adobe
2014-01-13 23:29 - 2014-01-13 23:29 - 00000000 ____D C:\Windows\Sun
2014-01-13 20:15 - 2014-01-13 20:14 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\ImgBurn
2014-01-13 17:41 - 2014-01-13 17:39 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\ICQ-Profile
2014-01-13 17:39 - 2014-01-13 17:39 - 00001569 _____ C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-01-13 17:39 - 2014-01-13 17:39 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-01-13 17:39 - 2014-01-13 17:39 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\ICQM
2014-01-13 17:38 - 2014-01-13 17:35 - 00000000 ____D C:\Program Files\ICQLite
2014-01-13 17:37 - 2014-01-13 17:37 - 00000000 ____D C:\Users\Subroc\Documents\ICQ Lite
2014-01-13 06:56 - 2014-01-13 06:56 - 00000000 ____D C:\Program Files\LibUSB-Win32-0.1.10.1
2014-01-13 06:51 - 2014-01-12 23:52 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-01-13 06:50 - 2014-01-12 18:53 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-13 06:50 - 2006-11-02 13:47 - 00228296 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-13 01:20 - 2014-01-13 01:20 - 00008192 ___RS C:\BOOTSECT.BAK
2014-01-13 01:20 - 2006-11-02 13:43 - 00037888 _____ C:\Windows\system32\config\BCD-Template.LOG
2014-01-13 01:20 - 2006-11-02 13:37 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2014-01-13 01:19 - 2014-01-13 01:19 - 00000000 ____D C:\Program Files\UseNeXT
2014-01-13 01:18 - 2014-01-13 01:18 - 00000000 ____D C:\Windows\system32\de
2014-01-13 01:18 - 2014-01-13 01:18 - 00000000 ____D C:\Windows\system32\0407
2014-01-13 01:18 - 2014-01-13 01:18 - 00000000 ____D C:\Windows\de-DE
2014-01-13 01:18 - 2006-11-02 13:42 - 00000000 ____D C:\Windows\WindowsMobile
2014-01-13 01:18 - 2006-11-02 13:42 - 00000000 ____D C:\Windows\system32\winrm
2014-01-13 01:18 - 2006-11-02 13:42 - 00000000 ____D C:\Windows\system32\WCN
2014-01-13 01:18 - 2006-11-02 13:42 - 00000000 ____D C:\Windows\system32\slmgr
2014-01-13 01:18 - 2006-11-02 13:42 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2014-01-13 01:18 - 2006-11-02 13:42 - 00000000 ____D C:\Windows\system32\Branding
2014-01-13 01:18 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\DigitalLocker
2014-01-13 01:18 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2014-01-13 01:18 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Journal
2014-01-13 01:18 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Collaboration
2014-01-13 01:18 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\MUI
2014-01-13 01:18 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\com
2014-01-13 01:18 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\MSAgent
2014-01-13 01:18 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\IME
2014-01-13 00:38 - 2014-01-13 00:38 - 00001792 _____ C:\Windows\TSearch.INI
2014-01-13 00:18 - 2014-01-13 00:18 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XviD
2014-01-13 00:18 - 2014-01-13 00:18 - 00000000 ____D C:\Program Files\XviD
2014-01-13 00:16 - 2014-01-13 00:15 - 00000000 ____D C:\Program Files\Winamp
2014-01-13 00:14 - 2014-01-13 00:14 - 00000000 ____D C:\Program Files\VideoLAN
2014-01-13 00:11 - 2014-01-13 00:11 - 00000000 ____D C:\Program Files\Elaborate Bytes
2014-01-13 00:04 - 2014-01-13 00:04 - 00000000 ____D C:\Users\Subroc\Documents\My ISO Files
2014-01-13 00:04 - 2014-01-13 00:04 - 00000000 ____D C:\Program Files\UltraISO
2014-01-13 00:04 - 2014-01-13 00:04 - 00000000 ____D C:\Program Files\Common Files\EZB Systems
2014-01-12 23:58 - 2014-01-12 23:51 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2014-01-12 23:46 - 2014-01-12 23:44 - 00000000 ____D C:\ProgramData\VistaCodecs
2014-01-12 23:44 - 2014-01-12 23:44 - 00000000 ____D C:\Users\Subroc\AppData\Local\Google
2014-01-12 23:43 - 2014-01-12 23:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2014-01-12 23:34 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\NDF
2014-01-12 23:33 - 2014-01-12 23:33 - 00000110 _____ C:\Users\Subroc\Documents\ax_files.xml
2014-01-12 23:32 - 2014-01-12 23:32 - 00691696 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-01-12 23:06 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-12 22:53 - 2014-01-12 22:51 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-12 22:46 - 2014-01-13 01:18 - 00000000 ____D C:\Windows\system32\Drivers\de-DE
2014-01-12 22:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\de-DE
2014-01-12 22:46 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Help
2014-01-12 22:36 - 2014-01-12 16:33 - 00000680 _____ C:\Users\Subroc\AppData\Local\d3d9caps.dat
2014-01-12 22:33 - 2014-01-12 17:17 - 00000000 ____D C:\Windows\system32\RTCOM
2014-01-12 22:33 - 2014-01-12 17:16 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll
2014-01-12 22:33 - 2014-01-12 17:16 - 00002796 ____H C:\RHDSetup.log
2014-01-12 22:28 - 2014-01-12 17:06 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2014-01-12 22:26 - 2014-01-12 22:26 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\WinRAR
2014-01-12 22:20 - 2014-01-12 16:33 - 00000949 _____ C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-12 22:20 - 2014-01-12 16:33 - 00000915 _____ C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-01-12 22:19 - 2006-11-02 13:50 - 00000749 ____R C:\Windows\WindowsShell.Manifest
2014-01-12 22:19 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-12 22:19 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-12 22:19 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-01-12 22:19 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-01-12 22:19 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2014-01-12 22:14 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2014-01-12 22:14 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Defender
2014-01-12 22:14 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Windows Calendar
2014-01-12 22:14 - 2006-11-02 13:37 - 00000000 ____D C:\Program Files\Movie Maker
2014-01-12 22:14 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\SLUI
2014-01-12 22:14 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ras
2014-01-12 22:14 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\icsxml
2014-01-12 22:14 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-12 22:12 - 2014-01-12 22:12 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-01-12 22:12 - 2014-01-12 22:12 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2014-01-12 22:12 - 2014-01-12 22:12 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-01-12 22:12 - 2014-01-12 22:12 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-01-12 22:12 - 2014-01-12 22:12 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-01-12 22:12 - 2014-01-12 22:12 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 06067200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 03599360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 02452872 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-12 22:10 - 2014-01-12 22:10 - 01830912 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-12 22:10 - 2014-01-12 22:10 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-12 22:10 - 2014-01-12 22:10 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00832512 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00459264 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-12 22:10 - 2014-01-12 22:10 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\ieencode.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-12 22:10 - 2014-01-12 22:10 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-12 22:10 - 2014-01-12 22:10 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-12 22:08 - 2014-01-12 22:08 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2014-01-12 22:08 - 2014-01-12 22:08 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2014-01-12 22:08 - 2014-01-12 22:08 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2014-01-12 22:08 - 2014-01-12 22:08 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2014-01-12 22:08 - 2014-01-12 22:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2014-01-12 22:08 - 2014-01-12 22:08 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00564736 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2014-01-12 22:07 - 2014-01-12 22:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2014-01-12 22:07 - 2014-01-12 22:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\traffic.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2014-01-12 22:07 - 2014-01-12 22:07 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\pacerprf.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wshqos.dll
2014-01-12 22:07 - 2014-01-12 22:07 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\icsunattend.exe
2014-01-12 22:07 - 2014-01-12 22:07 - 00001820 _____ C:\Windows\system32\rasctrnm.h
2014-01-12 22:06 - 2014-01-12 22:06 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-01-12 22:06 - 2014-01-12 22:06 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-01-12 22:06 - 2014-01-12 22:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-01-12 22:05 - 2014-01-12 22:05 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\msoeacct.dll
2014-01-12 22:05 - 2014-01-12 22:05 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\msoert2.dll
2014-01-12 22:05 - 2014-01-12 22:05 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\ACCTRES.dll
2014-01-12 22:04 - 2014-01-12 22:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2014-01-12 22:04 - 2014-01-12 22:04 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\NETSTAT.EXE
2014-01-12 22:04 - 2014-01-12 22:04 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\ARP.EXE
2014-01-12 22:04 - 2014-01-12 22:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2014-01-12 22:04 - 2014-01-12 22:04 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-01-12 22:04 - 2014-01-12 22:04 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2014-01-12 22:04 - 2014-01-12 22:04 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2014-01-12 22:04 - 2014-01-12 22:04 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2014-01-12 22:04 - 2014-01-12 22:04 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2014-01-12 22:03 - 2014-01-12 22:03 - 00704000 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2014-01-12 22:03 - 2014-01-12 22:03 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-01-12 22:03 - 2014-01-12 22:03 - 00258232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-01-12 22:03 - 2014-01-12 22:03 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-12 22:03 - 2014-01-12 22:03 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-01-12 22:03 - 2014-01-12 22:03 - 00028344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\battc.sys
2014-01-12 22:03 - 2014-01-12 22:03 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll
2014-01-12 22:03 - 2014-01-12 22:03 - 00020920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\compbatt.sys
2014-01-12 22:03 - 2014-01-12 22:03 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CmBatt.sys
2014-01-12 22:03 - 2014-01-12 22:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2014-01-12 22:02 - 2014-01-12 22:02 - 01657350 _____ C:\Windows\system32\wlan.tmf
2014-01-12 22:02 - 2014-01-12 22:02 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-01-12 22:02 - 2014-01-12 22:02 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2014-01-12 22:02 - 2014-01-12 22:02 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-01-12 22:02 - 2014-01-12 22:02 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\L2SecHC.dll
2014-01-12 22:02 - 2014-01-12 22:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2014-01-12 22:02 - 2014-01-12 22:02 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2014-01-12 22:01 - 2014-01-12 22:01 - 01406464 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-01-12 22:01 - 2014-01-12 22:01 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-01-12 22:01 - 2014-01-12 22:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-01-12 22:01 - 2014-01-12 22:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-01-12 22:00 - 2014-01-12 22:00 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-01-12 22:00 - 2014-01-12 22:00 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-01-12 22:00 - 2014-01-12 22:00 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-01-12 22:00 - 2014-01-12 22:00 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-01-12 21:59 - 2014-01-12 21:59 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-01-12 21:59 - 2014-01-12 21:59 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-01-12 21:58 - 2014-01-12 21:58 - 03502480 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-01-12 21:58 - 2014-01-12 21:58 - 03468168 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-12 21:58 - 2014-01-12 21:58 - 02855424 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-01-12 21:58 - 2014-01-12 21:58 - 02433536 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2014-01-12 21:58 - 2014-01-12 21:58 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-01-12 21:58 - 2014-01-12 21:58 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-01-12 21:58 - 2014-01-12 21:58 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-01-12 21:58 - 2014-01-12 21:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-01-12 21:55 - 2014-01-12 21:55 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-12 21:54 - 2014-01-12 21:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\atl.dll
2014-01-12 21:54 - 2014-01-12 21:54 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-01-12 21:53 - 2014-01-12 21:53 - 01060920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-01-12 21:53 - 2014-01-12 21:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-12 21:53 - 2014-01-12 21:53 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2014-01-12 21:52 - 2014-01-12 21:52 - 00374456 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2014-01-12 21:51 - 2014-01-12 21:51 - 00500736 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2014-01-12 21:51 - 2014-01-12 21:51 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2014-01-12 21:51 - 2014-01-12 21:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2014-01-12 21:50 - 2014-01-12 21:50 - 01871872 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-01-12 21:50 - 2014-01-12 21:50 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-01-12 21:50 - 2014-01-12 21:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-01-12 21:49 - 2014-01-12 21:49 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2014-01-12 21:48 - 2014-01-12 21:48 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-01-12 21:48 - 2014-01-12 21:48 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-01-12 21:47 - 2014-01-12 21:47 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2014-01-12 21:46 - 2014-01-12 21:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\cmifw.dll
2014-01-12 21:46 - 2014-01-12 21:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2014-01-12 21:44 - 2014-01-12 21:44 - 01244672 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2014-01-12 21:44 - 2014-01-12 21:44 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-01-12 21:44 - 2014-01-12 21:44 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-01-12 21:44 - 2014-01-12 21:44 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-01-12 21:44 - 2014-01-12 21:44 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-01-12 21:44 - 2014-01-12 21:44 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2014-01-12 21:44 - 2014-01-12 21:44 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-01-12 21:44 - 2014-01-12 21:44 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-01-12 21:43 - 2014-01-12 21:43 - 11315712 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-01-12 21:42 - 2014-01-12 21:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-01-12 21:41 - 2014-01-12 21:41 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-01-12 21:40 - 2014-01-12 21:40 - 00211000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-01-12 21:40 - 2014-01-12 21:40 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-01-12 21:40 - 2014-01-12 21:40 - 00110136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-01-12 21:40 - 2014-01-12 21:40 - 00045112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2014-01-12 21:40 - 2014-01-12 21:40 - 00028216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2014-01-12 21:40 - 2014-01-12 21:40 - 00021560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2014-01-12 21:39 - 2014-01-12 21:39 - 02923520 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-01-12 21:39 - 2014-01-12 21:39 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-01-12 21:38 - 2014-01-12 21:38 - 01233920 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00408136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-01-12 21:38 - 2014-01-12 21:38 - 00272384 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-01-12 21:38 - 2014-01-12 21:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-01-12 21:37 - 2014-01-12 21:37 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 11722752 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0001.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 07964672 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0024.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 06781440 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0019.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 06224896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0027.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 05791232 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0026.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 05499904 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0022.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 04981248 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0013.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0010.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 04164096 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0002.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 04093440 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004c.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 04045824 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons003e.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004a.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 03331072 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0018.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 02466816 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0011.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 02136064 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0021.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01972736 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004e.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01808896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0046.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01793536 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0045.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01782272 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0039.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01702912 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons004b.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01558016 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0049.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01452544 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0003.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01411072 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0047.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 01236992 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0020.dll
2014-01-12 21:37 - 2014-01-12 21:37 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe
2014-01-12 21:37 - 2014-01-12 21:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons002a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 09892864 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 09845248 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 07042560 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons081a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 06917120 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0c1a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 06585856 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons001b.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 06346240 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons001d.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 06237696 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000c.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 06014976 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons001a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 05654528 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000f.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 05090816 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0416.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 05071872 _____ (Microsoft Corporation) C:\Windows\system32\NlsModels0011.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 05031936 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0816.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04874240 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0009.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04616192 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0414.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04495360 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0019.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0816.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0416.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0414.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001d.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 04493312 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0010.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03464704 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0013.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004e.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004c.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004b.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData004a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0049.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0047.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0046.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0045.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0039.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 03102720 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0020.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0011.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 02641408 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000c.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0001.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000d.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0007.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01965056 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0027.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0c1a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData081a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0026.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0024.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001b.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData001a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0018.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData000f.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0003.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01963520 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0002.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData003e.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData002a.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0022.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01799168 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0021.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01722368 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons000d.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 01523200 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0000.dll
2014-01-12 21:36 - 2014-01-12 21:36 - 00797696 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2014-01-12 21:34 - 2014-01-12 21:34 - 01585664 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00944184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00905400 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00620088 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00224824 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\loadperf.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\lodctr.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\dispci.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00034360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00019000 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\prflbmsg.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\srdelayed.exe
2014-01-12 21:33 - 2014-01-12 21:33 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2014-01-12 21:33 - 2014-01-12 21:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\batt.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2014-01-12 21:33 - 2014-01-12 21:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\kbd106n.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-01-12 21:32 - 2014-01-12 21:32 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2014-01-12 21:32 - 2014-01-12 21:32 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2014-01-12 21:32 - 2014-01-12 21:32 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2014-01-12 21:32 - 2014-01-12 21:32 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-01-12 21:31 - 2014-01-12 21:31 - 00815104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-12 21:31 - 2014-01-12 21:31 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-12 21:31 - 2014-01-12 21:31 - 00213592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-12 21:31 - 2014-01-12 21:31 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-01-12 21:31 - 2014-01-12 21:31 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2014-01-12 21:31 - 2014-01-12 21:31 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2014-01-12 21:31 - 2014-01-12 21:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2014-01-12 21:31 - 2014-01-12 21:31 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS
2014-01-12 21:30 - 2014-01-12 21:30 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-01-12 21:30 - 2014-01-12 21:30 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2014-01-12 21:30 - 2014-01-12 21:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\LAPRXY.DLL
2014-01-12 21:30 - 2014-01-12 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\asferror.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 02605568 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2014-01-12 21:29 - 2014-01-12 21:29 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2014-01-12 21:29 - 2014-01-12 21:29 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2014-01-12 21:29 - 2014-01-12 21:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2014-01-12 21:29 - 2014-01-12 21:29 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\amxread.dll
2014-01-12 21:29 - 2014-01-12 21:29 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\apilogen.dll
2014-01-12 21:28 - 2014-01-12 21:28 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-01-12 21:28 - 2014-01-12 21:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-01-12 21:28 - 2014-01-12 21:28 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-01-12 21:28 - 2014-01-12 21:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 08138240 _____ (Microsoft Corporation) C:\Windows\system32\ssBranded.scr
2014-01-12 21:27 - 2014-01-12 21:27 - 01984512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2014-01-12 21:27 - 2014-01-12 21:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2014-01-12 21:27 - 2014-01-12 21:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcmonitor.dll
2014-01-12 21:24 - 2014-01-12 21:24 - 02031104 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-12 21:24 - 2014-01-12 21:24 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-01-12 21:24 - 2014-01-12 21:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2014-01-12 21:24 - 2014-01-12 21:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2014-01-12 21:24 - 2014-01-12 21:24 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-01-12 21:23 - 2014-01-12 21:23 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-01-12 21:23 - 2014-01-12 21:23 - 00473088 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-01-12 21:23 - 2014-01-12 21:23 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-01-12 21:23 - 2014-01-12 21:23 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-01-12 21:23 - 2014-01-12 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb
2014-01-12 21:23 - 2014-01-12 21:23 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb
2014-01-12 21:22 - 2014-01-12 21:22 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-01-12 21:22 - 2014-01-12 21:22 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-01-12 21:22 - 2014-01-12 21:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-01-12 21:22 - 2014-01-12 21:22 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\sbunattend.exe
2014-01-12 21:13 - 2014-01-12 21:13 - 00781344 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-01-12 21:13 - 2014-01-12 21:13 - 00622080 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-01-12 21:13 - 2014-01-12 21:13 - 00326160 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-01-12 21:13 - 2014-01-12 21:13 - 00105016 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-12 21:13 - 2014-01-12 21:13 - 00097800 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-01-12 21:13 - 2014-01-12 21:13 - 00043544 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-01-12 21:13 - 2014-01-12 21:13 - 00037384 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2014-01-12 21:13 - 2014-01-12 21:13 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-01-12 21:13 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2014-01-12 21:04 - 2014-01-12 20:57 - 26607616 _____ C:\Windows\ocsetup_install_NetFx3.etl
2014-01-12 21:04 - 2014-01-12 20:57 - 00196608 _____ C:\Windows\ocsetup_cbs_install_NetFx3.perf
2014-01-12 21:04 - 2014-01-12 20:57 - 00065536 _____ C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2014-01-12 20:10 - 2014-01-12 20:10 - 01507328 _____ C:\Windows\ocsetup_install_MicrosoftWindowsPowerShell.etl
2014-01-12 20:10 - 2014-01-12 20:10 - 00196608 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.perf
2014-01-12 20:10 - 2014-01-12 20:10 - 00131072 _____ C:\Windows\ocsetup_cbs_install_MicrosoftWindowsPowerShell.dpx
2014-01-12 19:56 - 2014-01-12 16:33 - 00049168 _____ C:\Users\Subroc\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-12 19:48 - 2014-01-12 19:48 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-01-12 19:48 - 2014-01-12 19:48 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-01-12 19:48 - 2014-01-12 19:48 - 00096760 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-01-12 19:48 - 2014-01-12 19:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-01-12 19:48 - 2014-01-12 19:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-01-12 19:32 - 2014-01-12 19:32 - 04247552 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2014-01-12 19:32 - 2014-01-12 19:32 - 01686528 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-01-12 19:32 - 2014-01-12 19:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2014-01-12 19:31 - 2014-01-12 19:31 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2014-01-12 19:31 - 2014-01-12 19:31 - 00737792 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-01-12 19:31 - 2014-01-12 19:31 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2014-01-12 19:31 - 2014-01-12 19:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2014-01-12 19:30 - 2014-01-12 19:30 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2014-01-12 19:30 - 2014-01-12 19:30 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-12 19:30 - 2014-01-12 19:30 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2014-01-12 19:30 - 2014-01-12 19:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-01-12 19:30 - 2014-01-12 19:30 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-01-12 19:29 - 2014-01-12 19:29 - 00788992 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-01-12 19:29 - 2014-01-12 19:29 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-01-12 19:29 - 2014-01-12 19:29 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-01-12 19:29 - 2014-01-12 19:29 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-01-12 19:27 - 2014-01-12 19:27 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2014-01-12 19:27 - 2014-01-12 19:27 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-01-12 19:27 - 2014-01-12 19:27 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-01-12 19:26 - 2014-01-12 19:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-01-12 19:26 - 2014-01-12 19:26 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 01327616 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\avicap32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2014-01-12 19:25 - 2014-01-12 19:25 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2014-01-12 19:24 - 2014-01-12 19:24 - 10622464 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-01-12 19:24 - 2014-01-12 19:24 - 08147968 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-01-12 19:24 - 2014-01-12 19:24 - 00604672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2014-01-12 19:24 - 2014-01-12 19:24 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
2014-01-12 19:24 - 2014-01-12 19:24 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-01-12 19:24 - 2014-01-12 19:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-01-12 19:24 - 2014-01-12 19:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-01-12 19:18 - 2014-01-12 19:15 - 00006144 _____ C:\Users\Subroc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-12 19:17 - 2014-01-12 19:17 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Macromedia
2014-01-12 19:15 - 2014-01-12 19:15 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\DivX
2014-01-12 19:15 - 2014-01-12 16:33 - 00000944 _____ C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-01-12 19:03 - 2014-01-12 19:03 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-12 19:03 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2014-01-12 19:02 - 2014-01-12 19:02 - 00000000 __RHD C:\MSOCache
2014-01-12 18:59 - 2014-01-12 18:58 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Mozilla
2014-01-12 18:58 - 2014-01-12 18:58 - 00000000 ____D C:\Users\Subroc\AppData\Local\Mozilla
2014-01-12 18:54 - 2014-01-12 18:54 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Malwarebytes
2014-01-12 18:53 - 2014-01-12 18:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-12 18:45 - 2014-01-12 18:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-12 18:45 - 2014-01-12 18:46 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-12 18:45 - 2014-01-12 18:46 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-12 18:45 - 2014-01-12 18:45 - 00000000 ____D C:\Program Files\Java
2014-01-12 18:42 - 2014-01-12 18:42 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-01-12 18:42 - 2014-01-12 18:42 - 00000000 ____D C:\Program Files\WinRAR
2014-01-12 18:40 - 2014-01-12 18:40 - 00000000 ____D C:\Windows\system32\Macromed
2014-01-12 18:40 - 2014-01-12 18:40 - 00000000 ____D C:\Program Files\Wise
2014-01-12 18:39 - 2014-01-12 18:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-12 18:39 - 2014-01-12 18:39 - 00000000 ____D C:\Program Files\Adobe
2014-01-12 18:39 - 2014-01-12 18:37 - 00000000 ____D C:\ProgramData\Adobe
2014-01-12 18:36 - 2014-01-12 18:35 - 00000000 ____D C:\Program Files\ImgBurn
2014-01-12 18:34 - 2014-01-12 18:34 - 00000000 ____D C:\Program Files\IrfanView
2014-01-12 18:33 - 2014-01-12 18:33 - 00000000 ____D C:\Program Files\Common Files\DivX Shared
2014-01-12 18:33 - 2014-01-12 18:32 - 00000000 ____D C:\Program Files\DivX
2014-01-12 18:33 - 2014-01-12 18:31 - 00000000 ____D C:\ProgramData\DivX
2014-01-12 18:30 - 2014-01-12 18:30 - 00000000 ____D C:\Program Files\XnView
2014-01-12 18:27 - 2014-01-12 18:27 - 00000000 ____D C:\Program Files\TeraCopy
2014-01-12 18:27 - 2014-01-12 18:27 - 00000000 ____D C:\Program Files\MDF to ISO
2014-01-12 18:26 - 2014-01-12 18:26 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Notepad++
2014-01-12 18:26 - 2014-01-12 18:26 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-01-12 18:26 - 2014-01-12 18:26 - 00000000 ____D C:\Program Files\Notepad++
2014-01-12 18:25 - 2014-01-12 18:25 - 00000000 ____D C:\Program Files\7-Zip
2014-01-12 18:20 - 2014-01-12 18:19 - 00000000 ____D C:\Program Files\Calibre2
2014-01-12 18:18 - 2014-01-12 18:18 - 00000000 ____D C:\Program Files\CCleaner
2014-01-12 17:43 - 2014-01-12 17:44 - 00457248 _____ (NVIDIA Corporation) C:\Windows\system32\nvudisp.exe
2014-01-12 17:16 - 2014-01-12 17:16 - 00000000 ____D C:\Program Files\Realtek
2014-01-12 17:16 - 2014-01-12 17:16 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2014-01-12 17:11 - 2014-01-12 17:11 - 00503864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-01-12 17:11 - 2014-01-12 17:11 - 00035896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-01-12 17:11 - 2014-01-12 17:11 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 ___HD C:\Intel
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 ____D C:\Program Files\Synaptics
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 ____D C:\Program Files\Intel
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 _____ C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01007.Wdf
2014-01-12 17:11 - 2014-01-12 17:11 - 00000000 _____ C:\Windows\system32\Drivers\Msft_Kernel_Apfiltr_01005.Wdf
2014-01-12 17:10 - 2014-01-12 17:10 - 00000000 ____D C:\Program Files\Apoint2K
2014-01-12 17:09 - 2014-01-12 17:09 - 00000083 _____ C:\Windows\LManager.UNI
2014-01-12 17:09 - 2014-01-12 17:09 - 00000000 ____D C:\Program Files\Launch Manager
2014-01-12 17:08 - 2014-01-12 17:08 - 00000000 ____D C:\Program Files\DIFX
2014-01-12 17:07 - 2014-01-12 17:07 - 00000000 ____D C:\Windows\system32\nn-NO
2014-01-12 17:07 - 2014-01-12 17:07 - 00000000 ____D C:\Windows\Options
2014-01-12 17:07 - 2014-01-12 17:06 - 00000218 ____H C:\Setup.log
2014-01-12 17:07 - 2014-01-12 17:06 - 00000000 ____D C:\ProgramData\Atheros
2014-01-12 17:07 - 2014-01-12 17:06 - 00000000 ____D C:\Program Files\Atheros
2014-01-12 17:07 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\system32\restore
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\zh-TW
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\zh-CN
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\tr-TR
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\sv-SE
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ru-RU
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\pt-PT
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\pl-PL
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\nl-NL
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ko-KR
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\ja-JP
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\it-IT
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\hu-HU
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\fr-FR
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\fi-FI
2014-01-12 17:07 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\el-GR
2014-01-12 17:06 - 2014-01-12 17:06 - 00000000 ____D C:\Users\Subroc\AppData\Roaming\InstallShield
2014-01-12 17:06 - 2014-01-12 17:06 - 00000000 ____D C:\Program Files\Cisco
2014-01-12 16:33 - 2014-01-12 16:33 - 00000020 ___SH C:\Users\Subroc\ntuser.ini
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\Startmenü
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\Netzwerkumgebung
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\Druckumgebung
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\Documents\Eigene Musik
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\Documents\Eigene Bilder
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 _SHDL C:\Users\Subroc\AppData\Local\Verlauf
2014-01-12 16:33 - 2014-01-12 16:33 - 00000000 ____D C:\Users\Subroc\AppData\Local\VirtualStore
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\Startmenü
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\Programme
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\ProgramData\Startmenü
2014-01-12 16:30 - 2014-01-12 16:30 - 00000000 _SHDL C:\ProgramData\Dokumente
2014-01-12 16:30 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default
2014-01-12 16:30 - 2006-11-02 12:18 - 00000000 ____D C:\Program Files\Windows NT

Some content of TEMP:
====================
C:\Users\Subroc\AppData\Local\Temp\guninst.exe
C:\Users\Subroc\AppData\Local\Temp\RtkBtMnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-28 09:40

==================== End Of Log ============================

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-01-2014 03
Ran by Subroc at 2014-01-28 14:56:37
Running from E:\Neuer Ordner\Proggis
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

7-Zip 4.60 beta (Version:  - )
Adobe Flash Player 12 Plugin (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) - Deutsch (Version: 10.1.2 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (Version: 7.5.2002.201 - Alps Electric)
Atheros for Acer Driver v7.6.1.162_Foxconn Installation Program (Version: 7.6.1.162 - Atheros)
calibre (Version: 0.7.1 - Kovid Goyal)
CCleaner (Version: 3.28 - Piriform)
Cisco EAP-FAST Module (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (Version: 1.0.13 - Cisco Systems, Inc.)
DivX-Setup (Version: 2.6.1.90 - DivX, LLC)
FlashFXP v4.2 (Version: 4.2.3.1771 - OpenSight Software, LLC)
ICQ 8.2 (build 6901) (HKCU Version: 8.2.6901.0 - ICQ)
ImgBurn (Version: 2.5.6.0 - LIGHTNING UK!)
IrfanView (remove only) (Version: 4.27 - Irfan Skiljan)
Launch Manager (Version: 2.0.01 - Packard Bell)
LibUSB-Win32-0.1.10.1 (Version: 0.1.10.1 - LibUSB-Win32)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
MDF to ISO version 1.0 (Version: 1.0 - mdftoiso.com)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Office Word Viewer 2003 (Version: 11.0.6506.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
Notepad++ (Version: 6.3.1 - )
NVIDIA Drivers (Version: 1.3 - NVIDIA Corporation)
Realtek High Definition Audio Driver (Version: 6.0.1.5798 - Realtek Semiconductor Corp.)
Sid Meier's Planetary Pack (Version:  - )
Spybot - Search & Destroy (Version: 2.2.25 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (Version: 12.2.2.0 - Synaptics Incorporated)
TeraCopy 2.27 (Version:  - Code Sector)
UltraISO Premium V9.52 (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (Version:  - Elaborate Bytes)
VLC media player 1.0.5 (Version: 1.0.5 - VideoLAN Team)
Winamp (Version: 5.541  - Nullsoft, Inc)
Windows Driver Package - Broadcom (b57nd60x) Net  (10/22/2008 11.7.2.0) (Version: 10/22/2008 11.7.2.0 - Broadcom)
Windows Driver Package - Broadcom (k57nd60x) Net  (09/11/2008 11.22.0.0) (Version: 09/11/2008 11.22.0.0 - Broadcom)
Windows Driver Package - Synaptics (SynTP) Mouse  (02/05/2009 12.2.2.0) (Version: 02/05/2009 12.2.2.0 - Synaptics)
WinPcap 4.1.3 (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR (Version:  - )
Wise Registry Cleaner 7.65 (Version:  - WiseCleaner.com, Inc.)
XBC 5.1 (Version: 5.0 - XBConnect)
XnView 1.99.6 (Version: 1.99.6 - Gougelet Pierre-e)
XviD MPEG-4 Codec (Version:  - )

==================== Restore Points  =========================

20-01-2014 07:01:48 Geplanter Prüfpunkt
21-01-2014 15:54:39 Windows Update
22-01-2014 04:49:08 Geplanter Prüfpunkt
23-01-2014 15:02:38 Geplanter Prüfpunkt
24-01-2014 06:49:26 Windows Update
25-01-2014 13:11:45 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {38AC19F5-2EAB-4727-A11E-93AA27B8FEDB} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2006-11-02] (Microsoft Corporation)
Task: {4FA5EA3F-70B1-4A99-B9F7-DAE133C609B1} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {83EC1185-F15E-4F97-A0EB-40F1379F4D05} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {94568830-4FF3-4E8E-A24E-F2C5D5621439} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-19] (Piriform Ltd)
Task: {9EB44560-63F6-4CA3-8294-048D3F7D340B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2006-11-02] ()
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:233BFF24

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Faulty Device Manager Devices =============

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2014 02:47:57 PM) (Source: EventSystem) (User: )
Description: d:\vista_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/28/2014 09:43:16 AM) (Source: EventSystem) (User: )
Description: d:\vista_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/28/2014 09:43:07 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6000.16771, Zeitstempel 0x4907deda, fehlerhaftes Modul SHELL32.dll, Version 6.0.6000.16774, Zeitstempel 0x4912e93f, Ausnahmecode 0xc0000005, Fehleroffset 0x0005b3c6,
Prozess-ID 0x258, Anwendungsstartzeit Explorer.EXE0.

Error: (01/28/2014 09:40:02 AM) (Source: EventSystem) (User: )
Description: d:\vista_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/28/2014 09:20:53 AM) (Source: Winlogon) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.

Error: (01/28/2014 09:20:19 AM) (Source: Winlogon) (User: )
Description: Die Windows-Lizenz ist ungültig. Fehler 0xC004F012. Richtlinienwert 0x00000000.

Error: (01/28/2014 08:42:51 AM) (Source: Winlogon) (User: )
Description: Die Windows-Lizenz ist ungültig. Fehler 0xC004F012. Richtlinienwert 0x00000000.


System errors:
=============
Error: (01/28/2014 02:48:43 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (01/28/2014 02:48:43 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (01/28/2014 02:48:43 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (01/28/2014 02:48:43 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (01/28/2014 02:48:43 PM) (Source: Service Control Manager) (User: )
Description: AFD
DfsC
ElbyCDIO
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
sptd
Tcpip
tdx
Wanarpv6

Error: (01/28/2014 02:48:43 PM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (01/28/2014 02:48:43 PM) (Source: Service Control Manager) (User: )
Description: TCP/IP Registry CompatibilityTCP/IP-Protokolltreiber%%31

Error: (01/28/2014 02:48:43 PM) (Source: Service Control Manager) (User: )
Description: NLA (Network Location Awareness)TCP/IP-Protokolltreiber%%31

Error: (01/28/2014 02:48:43 PM) (Source: Service Control Manager) (User: )
Description: IP-HilfsdienstNetzwerkspeicher-Schnittstellendienst%%1068

Error: (01/28/2014 02:48:43 PM) (Source: Service Control Manager) (User: )
Description: WebClientWebDav Client Redirector Driver%%1068


Microsoft Office Sessions:
=========================
Error: (01/28/2014 02:47:57 PM) (Source: EventSystem)(User: )
Description: d:\vista_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/28/2014 09:43:16 AM) (Source: EventSystem)(User: )
Description: d:\vista_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/28/2014 09:43:07 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.0.6000.167714907dedaSHELL32.dll6.0.6000.167744912e93fc00000050005b3c625801cf1c048540bf51

Error: (01/28/2014 09:40:02 AM) (Source: EventSystem)(User: )
Description: d:\vista_gdr\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (01/28/2014 09:20:53 AM) (Source: Winlogon)(User: )
Description: 0x000000000x40010004

Error: (01/28/2014 09:20:19 AM) (Source: Winlogon)(User: )
Description: 0xC004F0120x00000000

Error: (01/28/2014 08:42:51 AM) (Source: Winlogon)(User: )
Description: 0xC004F0120x00000000


CodeIntegrity Errors:
===================================
  Date: 2014-01-28 00:37:18.608
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 00:37:18.577
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 00:37:18.530
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 00:37:18.499
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 00:37:18.468
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 00:37:18.421
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 00:37:18.343
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 00:37:18.312
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 00:37:18.265
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-28 00:37:18.234
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 2047.2 MB
Available physical RAM: 1558.05 MB
Total Pagefile: 4308.69 MB
Available Pagefile: 4002.51 MB
Total Virtual: 2047.88 MB
Available Virtual: 1949.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:132.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (UBCD528) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS
Drive e: () (Removable) (Total:1.87 GB) (Free:1.85 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 0FA837BC)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 020E4436)
Partition 1: (Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================

schrauber · 29.01.2014, 18:56

Zitat:

Hatte ich gestern schon gemacht

Dann hättest Du die gleich mit posten sollen

Zitat:

FF NetworkProxy: "http", "110.208.25.121"
FF NetworkProxy: "http_port", 9000
FF NetworkProxy: "type", 0

Hast Du den Proxy gesetzt?

Downloade dir bitte

Farbar Service Scanner

Starte das Tool mit Doppelklick auf die FSS.exe
Gehe sicher, dass folgende Optionen angehakt sind.
- Internet Services
- Windows Firewall
- System Restore
- Security Center/Action Center
- Windows Update
- Windows Defender
- Other Services
Klicke auf Scan.
Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.

Jeribba · 30.01.2014, 07:28

Was meinst du genau mit Proxy?
Wüsste jetzt nicht das ich da jemals in der Hinsicht was geändert bzw gesetzt hätte

E:
Ach, jetzt fällt mir ein das ich letztens im IE paar Proxy´s verwendet hatte, aber habs sie danach auch gleich wieder rausgemacht.
Den IE benutze ich zb überhaupt nicht (nur das eine mal zum testen von den Proxy´s), also kann das doch kein Risiko sein eine ältere Version davon zu haben wenn mans eh nich benutzt, oder?

Kenne mich darin zwar überhaupt nicht aus, aber kann es sein dass das ganze durch die Verwedung von Proxys ausgelöst werden konnte?

Code:

ATTFilter

Farbar Service Scanner Version: 08-01-2014
Ran by Subroc (administrator) on 30-01-2014 at 07:24:43
Running from "C:\Users\Subroc\Desktop"
Microsoft® Windows Vista™ Home Premium   (X86)
Boot Mode: Minimal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
The ServiceDll of Nsi service is OK.
Checking LEGACY_Nsi: ATTENTION!=====> Unable to open LEGACY_Nsi\0000 registry key. The key does not exist.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.


Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
LAN connected.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
Checking LEGACY_MpsSvc: ATTENTION!=====> Unable to open LEGACY_MpsSvc\0000 registry key. The key does not exist.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.
Checking LEGACY_bfe: ATTENTION!=====> Unable to open LEGACY_bfe\0000 registry key. The key does not exist.


Firewall Disabled Policy: 
==================


System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: ATTENTION!=====> Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.


System Restore Disabled Policy: 
========================


Security Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Checking LEGACY_wscsvc: ATTENTION!=====> Unable to open LEGACY_wscsvc\0000 registry key. The key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
Checking LEGACY_BITS: ATTENTION!=====> Unable to open LEGACY_BITS\0000 registry key. The key does not exist.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll
[2006-11-02 10:14] - [2006-11-02 10:46] - 1568256 ____A (Microsoft Corporation) 9397D21939A25DA1BD0ED8DB5BB3C853

C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2014-01-12 21:56] - [2014-01-12 21:56] - 0265912 ____A (Microsoft Corporation) 0D5AD0E71FF5DDAC5DD2F443B499ABD0

C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll
[2014-01-12 21:31] - [2014-01-12 21:31] - 0179712 ____A (Microsoft Corporation) ECC9AD72CFC4AB41CF6A9BCC11F9FEF6

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

schrauber · 30.01.2014, 17:02

Das ist aber ein Firefox Proxy

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

FF NetworkProxy: "http", "110.208.25.121"
FF NetworkProxy: "http_port", 9000
FF NetworkProxy: "type", 0

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Jeribba · 30.01.2014, 22:42

Geht immer noch nichts.

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-01-2014 03
Ran by Subroc at 2014-01-30 22:31:05 Run:1
Running from C:\Users\Subroc\Desktop
Boot Mode: Safe Mode (minimal)

==============================================

Content of fixlist:
*****************
FF NetworkProxy: "http", "110.208.25.121"
FF NetworkProxy: "http_port", 9000
FF NetworkProxy: "type", 0
*****************

Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.

==== End of Fixlog ====

schrauber · 31.01.2014, 16:54

Geht das ein wenig genauer? Was geht nicht?

Jeribba · 31.01.2014, 17:08

Ich habs doch schon ein paar mal beschrieben, ich komme nicht ins Desktop.
Sobald normalerweise das Desktop erscheinen sollte kommt ein schwarzer Hintergund mit der Meldung welches das Windows Serial verlangt.
Und genau das meinte ich auch mit "Geht immer noch nichts", was denn auch sonst.
Darauf hättest du aber eigentlich kommen können.

Ich kenne mich zwar kaum aus, aber denke kaum dass das Problem einfach dadurch behoben wird wenn man die Proxys zurücksetzt. Denn irgendwo muss die Malware sich ja noch befinden.

Ich hab doch jetzt die Logs gepostet, was nun?

Nochmal:

Ausser ins normale abgesicherte Modus komme ich nirgends rein ohne das die Meldung kommt.
Auch nicht im abgesichertem Modus mit Netzwerktreibern.

Achja, ich hab danach abermals MBAM, Adwcleaner und auch SUPERAntiSpyware laufen lassen, ohne Erfolg.

schrauber · 01.02.2014, 11:16

Downloade dir bitte Windows Repair (All In One) von hier.

Installiere das Programm. Starte es, nachdem die Installation abgeschlossen wurde.
Klicke auf Step 2 und drücke unter Check Disk auf Do It.
Wenn der Vorgang abgeschlossen ist, klicke auf Step 3 und drücke unter System File Check auf Do It.
Nachdem der Vorgang abgeschlossen ist, klicke auf Start Repairs, wähle den Advanced Mode und drücke Start.
Gehe bitte sicher, dass die Kästchen wie unten zu sehen angehakt sind. Bitte hake zusätzlich noch Set Windows Services to Default Startup an.
Hake Restart System when Finished an.
Drücke Start.

Gibt es mehrere Benutzerkonten? Wenn nein im Safe Mode ein neues anlegen mit ADminrechten, in dieses normal booten. Geht das?

Jeribba · 01.02.2014, 13:54

Hab nun alles genauso gemacht wie von dir gezeigt, aber es hat nichts gebracht.
Auch habe ich ein anderes Benutzerkonto mit Adminrechten angelegt, aber ausser das jetzt der Hintergund blau geworden ist hat sich nichts geändert, diese Meldung kommt immernoch.

Hier mal zwei Bilder damit du dir ein besseres Bild davon machen kannst.

Wenn ich auf "Zugriff auf den Computer mit reduzierter Funktionalität" gehe öffnet sich der IE mit der Micrsofot Webseite. Ausser den IE geht aber gar nichts, kein Desktop oder sonstwas ist vorhanden, als wäre eine Blockade dazwischen. Schliesse ich den IE fährt der Rechner automatisch herunter.

Wenn ich auf Abbrechen gehe fährt der PC auch automatisch herunter.

Und sonst kann ich nurnoch den Product Key eingeben.
Aber das kann doch niemals was offizielles sein. In den ganzen Jahren ist mir das noch nie passiert, obwohl ich Vista auf diesem Laptop mit der selben originalen Vista DVD schon paar mal installiert habe. Auch bei der Installation musste ich soweit ich mich erinnere nie einen Product Key eingeben. Das letzte mal habe ich Vista vor einem Monat installiert, und jetzt aus heiterem Himmel heraus wird nach dem Product Key verlangt, wobei ja kurz danach wie ich ja schon davon berichtet habe diese Malware Datei namens PUM.Hijack.StartMenu gefunden und angeblich gelöscht wurde (und wieder auftauchte und wieder gelöscht wurde, aber seit dem nicht mehr aufgetaucht), also muss es da doch einen Zusammenhang geben.

So ein hartnäckiger Mist ist mir noch nie untergekommen. Jede andere Malware konnte ich bisher selber entfernen. Ich hoffe das denjenigen die sowas entwickeln die Hände abfallen.

schrauber · 02.02.2014, 06:48

Hast Du den Key? Legitim ist das schon, es gibt diverse Malware die auch gerne mal WIndows verbiegt, Dienste und Co, und dann ist die Registrierung weg. Biste nicht der Erste.

31.01.2014, 16:54	#11
schrauber /// the machine /// TB-Ausbilder	Problem -> PUM.Hijack.StartMenu Geht das ein wenig genauer? Was geht nicht? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Problem -> PUM.Hijack.StartMenu

Plagegeister aller Art und deren Bekämpfung: Problem -> PUM.Hijack.StartMenu