Log analysis and evaluation: Windows 7 - (trojan.ransom.gend) - Group Policy prevents AVP from running, online banking phishing
06.06.2014, 10:51 | #1 |
Windows 7 - (trojan.ransom.gend) - Group Policy prevents AVP from running, online banking phishing

Hello everyone,

yesterday during online banking I was prompted to generate a TAN with the TAN generator and enter it in order to complete a security check. I had my banking access blocked right away, and nothing further happened. I then noticed that my AVP (MS Security Essentials) was not running and that I could not start it either: "Group Policy is blocking ....". After I ran Malwarebytes Anti-Malware, the trojan "trojan.ransom.gend" was found and also removed. At the same time I installed the Kabel Deutschland Sicherheitspaket (F-Secure), and nothing more was found. Perhaps someone could also take a look over the logs to see whether everything is OK again.

Thanks in advance

DEFOGGER
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:10 on 06/06/2014 (Admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014 Ran by Admin (administrator) on NOTEBOOK-HOME on 06-06-2014 11:11:36 Running from C:\Users\Admin\Downloads Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\fshoster32.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Atheros) C:\Program Files\Atheros\Ath_WlanAgent.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files\Kabel 
Deutschland\apps\ComputerSecurity\Anti-Virus\fssm32.exe (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe (Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\fshoster32.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe (Citrix Systems, Inc.) C:\Program Files\Citrix\Receiver\Receiver.exe (Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe () C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe () C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe (Secure Banking) C:\Program Files\Secure Banking\SecureBanking.exe () C:\Program Files\Secure Banking\sbservice.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe () C:\Users\User\Downloads\Defogger.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2014-06-04] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [912016 2014-06-04] (Realtek Semiconductor) 
HKLM\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [507744 2012-04-23] (Dolby Laboratories Inc.) HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2014-06-04] (Intel Corporation) HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.) HKLM\...\Run: [Redirector] => C:\Program Files\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.) HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH) HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM\...\Run: [F-Secure Hoster (44553)] => C:\Program Files\Kabel Deutschland\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation) HKLM\...\Run: [F-Secure Manager] => C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-20] (F-Secure Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKU\S-1-5-21-2747657943-2784994450-2871648465-1002\...\Run: [SecureBanking] => C:\Program Files\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking) AppInit_DLLs: C:\Windows\System32\nvinit.dll => C:\Windows\System32\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7D8561C5BE80CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKLM 
- DefaultScope value is missing. DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) 
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y5t2bglj.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @Citrix.com/npican - C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.) FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml ========================== Services (Whitelisted) ================= S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [276248 2014-06-04] (Intel Corporation) R2 fshoster; C:\Program Files\Kabel Deutschland\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation) R3 FSMA; C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE [207808 2013-08-20] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe [60352 2014-06-05] (F-Secure Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [458464 2012-02-02] (Intel(R) Corporation) R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2014-06-04] (Intel Corporation) R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated) R2 ZAtheros Wlan Agent; C:\Program Files\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) ==================== Drivers (Whitelisted) ==================== R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [64088 2012-08-13] (Broadcom Corporation) R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [18520 2012-08-13] (Broadcom Corporation) R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [46168 2012-06-18] (Broadcom Corporation) R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [52312 2012-08-14] (Broadcom Corporation) R3 F-Secure Gatekeeper; C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [145960 2014-06-05] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files\Kabel 
Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys [73864 2014-06-05] (F-Secure Corporation) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2014-06-05] () R3 fsni; C:\Program Files\Kabel Deutschland\apps\CCF_Scanning\fsni32.sys [66496 2013-04-25] (F-Secure Corporation) R1 fsvista; C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [12736 2013-08-20] () R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [531264 2012-07-09] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24896 2012-07-09] (Intel Corporation) R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [13592 2014-06-04] (Intel Corporation) R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [348440 2014-06-04] (Intel Corporation) R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [792856 2014-06-04] (Intel Corporation) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation) R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [25376 2013-09-05] (NVIDIA Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\Users\Admin\AppData\Local\Temp\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-06 11:11 - 2014-06-06 11:12 - 00013060 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-06-06 11:10 - 2014-06-06 11:10 - 00000472 _____ () C:\Users\User\Downloads\defogger_disable.log 2014-06-06 11:10 - 2014-06-06 11:10 - 00000000 _____ () C:\Users\Admin\defogger_reenable 2014-06-06 11:09 - 2014-06-06 11:10 - 00050477 _____ () C:\Users\User\Downloads\Defogger.exe 2014-06-06 11:07 - 2014-06-06 11:07 - 00380416 _____ () C:\Users\User\Downloads\GMER.exe 2014-06-06 10:44 - 2014-06-06 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secure Banking 2014-06-06 10:43 - 2014-06-06 10:44 - 00000000 ____D () C:\Program Files\Secure 
Banking 2014-06-06 10:40 - 2014-06-06 10:40 - 00441354 _____ (Hopfgartner Niklas ) C:\Users\User\Downloads\setup152.exe 2014-06-06 10:17 - 2014-06-06 10:17 - 00000000 ____D () C:\Program Files\ESET 2014-06-06 09:39 - 2014-06-06 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2014-06-06 09:39 - 2014-06-06 09:39 - 00000000 ____D () C:\ProgramData\elsterformular 2014-06-06 09:39 - 2014-06-06 09:39 - 00000000 ____D () C:\Program Files\ElsterFormular 2014-06-06 09:37 - 2014-06-06 09:37 - 00001841 _____ () C:\Users\Admin\Desktop\Lidl-Fotos.lnk 2014-06-06 09:37 - 2014-06-06 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lidl-Fotos 2014-06-06 09:36 - 2014-06-06 09:36 - 00000000 ____D () C:\ProgramData\Lidl_Fotos 2014-06-06 09:36 - 2014-06-06 09:36 - 00000000 ____D () C:\Program Files\Lidl_Fotos 2014-06-06 08:57 - 2013-11-13 10:59 - 150495839 _____ (Arobas Music ) C:\Users\User\Desktop\RSE_GUITARS.exe 2014-06-06 08:57 - 2013-11-13 10:58 - 84028759 _____ (Arobas Music ) C:\Users\User\Desktop\RSE_DRUMS.exe 2014-06-06 08:57 - 2013-11-13 10:57 - 44065161 _____ (Arobas Music ) C:\Users\User\Desktop\RSE_BASSES.exe 2014-06-06 08:57 - 2013-11-13 10:56 - 11701480 _____ (Arobas Music ) C:\Users\User\Desktop\GP5FULL.exe 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\ProgramData\Acer 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\Program Files\Acer 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\OEM 2014-06-06 08:39 - 2014-06-06 08:39 - 00000000 ____D () C:\Users\User\Downloads\LaunchManager_Dritek_5.1.13_W7x64_A 2014-06-06 08:39 - 2014-06-06 08:39 - 00000000 ____D () C:\Users\User\Downloads\Application_Acer_1.02.3502_W7x64_A 2014-06-06 08:38 - 2014-06-06 08:38 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\InstallShield 2014-06-06 08:36 - 2014-06-06 08:36 - 
00000000 ____D () C:\Users\User\Downloads\Turbo Boost_Intel_8.0.0.1262_W7x64_A 2014-06-06 08:36 - 2014-06-06 08:36 - 00000000 ____D () C:\Users\User\Downloads\Turbo Boost_Intel_2.1.23.0_W7x64_A 2014-06-06 08:29 - 2014-06-06 11:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\temp 2014-06-06 08:29 - 2014-06-06 08:29 - 00024848 _____ () C:\ComboFix.txt 2014-06-06 08:29 - 2014-06-06 08:29 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp 2014-06-06 08:29 - 2014-06-06 08:29 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-06-06 08:29 - 2014-06-06 08:29 - 00000000 ____D () C:\Users\Default\AppData\Local\temp 2014-06-06 08:29 - 2014-06-06 08:29 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-06-06 08:19 - 2014-06-05 14:32 - 05205146 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe 2014-06-06 08:15 - 2014-06-06 08:15 - 22464416 _____ () C:\Users\User\Downloads\Turbo Boost_Intel_2.1.23.0_W7x64_A.zip 2014-06-06 08:15 - 2014-06-06 08:15 - 07580658 _____ () C:\Users\User\Downloads\LaunchManager_Dritek_5.1.13_W7x64_A.zip 2014-06-06 08:14 - 2014-06-06 08:15 - 08163850 _____ () C:\Users\User\Downloads\Application_Acer_1.02.3502_W7x64_A.zip 2014-06-06 08:14 - 2014-06-06 08:14 - 41661051 _____ () C:\Users\User\Downloads\Turbo Boost_Intel_8.0.0.1262_W7x64_A.zip 2014-06-06 08:09 - 2014-06-06 08:09 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\Startmenü 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Musik 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Bilder 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-06 08:09 - 2014-06-06 08:09 - 
00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 ____D () C:\Users\TEMP 2014-06-06 08:09 - 2014-06-05 14:47 - 00000000 ____D () C:\Users\TEMP\AppData\Local\temp 2014-06-06 08:09 - 2014-06-04 16:13 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Microsoft Help 2014-06-06 08:09 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-06 08:09 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-06-05 21:04 - 2014-06-06 09:42 - 00000618 _____ () C:\Windows\Tasks\Scheduled scanning task.job 2014-06-05 21:00 - 2014-06-05 21:07 - 00044240 _____ () C:\Windows\system32\Drivers\fsbts.sys 2014-06-05 20:59 - 2014-06-05 21:00 - 00002395 _____ () C:\Windows\DAASINST.LOG 2014-06-05 20:52 - 2014-06-05 21:01 - 00000000 ____D () C:\Program Files\Kabel Deutschland 2014-06-05 20:52 - 2014-06-05 20:52 - 00002005 _____ () C:\Users\Public\Desktop\Kabel Deutschland Launchpad.lnk 2014-06-05 20:52 - 2014-06-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kabel Deutschland 2014-06-05 20:50 - 2014-06-05 20:50 - 00859072 _____ (F-Secure Corporation) C:\Users\User\Downloads\Sicherheitspaket.exe 2014-06-05 20:25 - 2014-06-05 20:25 - 00000248 _____ () C:\Users\User\Desktop\Webinterface-Anmeldung.URL 2014-06-05 20:15 - 2014-06-04 13:13 - 00001841 _____ () C:\Users\User\Desktop\PDF24 Creator.lnk 2014-06-05 16:15 - 2014-06-05 16:15 - 00000000 ____D () C:\Users\Admin\AppData\Local\PDF24 2014-06-05 15:21 - 2014-06-05 15:24 - 00000363 _____ () C:\Users\Admin\Downloads\##1 How To Do.txt 2014-06-05 15:15 - 2014-06-05 15:15 - 00707354 _____ () C:\Windows\unins000.exe 2014-06-05 15:15 - 2014-06-05 15:15 - 00001536 _____ () C:\Windows\unins000.dat 2014-06-05 15:15 - 2014-06-05 15:15 - 00000000 ____D () C:\Windows\system32\GPBAK 2014-06-05 15:15 - 2008-04-14 02:11 - 00295936 _____ 
(Microsoft Corporation) C:\Windows\system32\appmgr.dll 2014-06-05 15:15 - 2001-08-23 13:00 - 00034871 _____ () C:\Windows\system32\gpedit.msc 2014-06-05 15:12 - 2014-06-05 15:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia 2014-06-05 15:12 - 2014-06-05 15:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia 2014-06-05 15:06 - 2014-06-05 15:06 - 00000000 ____D () C:\Windows\ERUNT 2014-06-05 15:05 - 2014-06-05 15:05 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList 2014-06-05 15:05 - 2014-06-05 15:05 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList 2014-06-05 15:03 - 2014-06-05 15:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2014-06-05 15:03 - 2014-06-05 15:04 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2014-06-05 14:58 - 2014-06-05 14:58 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\Junk Removal Tool.exe 2014-06-05 14:53 - 2014-06-05 14:53 - 01327971 _____ () C:\Users\Admin\Downloads\AdWare Cleaner_3.211.exe 2014-06-05 14:52 - 2014-06-06 11:11 - 00000000 ____D () C:\FRST 2014-06-05 14:51 - 2014-06-05 14:51 - 01059840 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe 2014-06-05 14:33 - 2014-06-06 08:29 - 00000000 ____D () C:\Qoobox 2014-06-05 14:33 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-06-05 14:33 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-06-05 14:33 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-06-05 14:33 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-06-05 14:33 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-06-05 14:33 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-06-05 14:33 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-06-05 14:33 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-06-05 14:32 - 2014-06-05 14:45 - 00000000 ____D () C:\Windows\erdnt 2014-06-05 14:32 - 2014-06-05 14:32 - 05205146 ____R 
(Swearware) C:\Users\Admin\Downloads\ComboFix.exe 2014-06-05 14:29 - 2014-06-05 14:29 - 00064400 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ICAClient 2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Citrix 2014-06-05 14:28 - 2014-06-06 11:10 - 00000000 ____D () C:\Users\Admin 2014-06-05 14:28 - 2014-06-05 14:28 - 00001429 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-05 14:28 - 2014-06-05 14:28 - 00000020 ___SH () C:\Users\Admin\ntuser.ini 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Startmenü 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Netzwerkumgebung 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Druckumgebung 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Musik 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Bilder 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Verlauf 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore 2014-06-05 14:28 - 2014-06-04 16:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help 2014-06-05 14:28 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-05 14:28 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-06-05 14:24 - 2014-06-05 14:25 - 00448512 _____ (OldTimer Tools) C:\Users\Admin\Downloads\Temporary File Cleaner.exe 
2014-06-05 14:15 - 2014-06-05 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2014-06-05 14:13 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-06-05 14:13 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-06-05 14:13 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-06-05 14:13 - 2012-07-06 21:23 - 00393728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2014-06-05 14:13 - 2012-02-11 07:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2014-06-05 14:13 - 2011-03-11 07:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2014-06-05 14:13 - 2011-03-11 07:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2014-06-05 14:13 - 2011-03-11 07:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2014-06-05 14:13 - 2011-03-11 07:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2014-06-05 14:13 - 2011-03-11 07:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2014-06-05 14:13 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2014-06-05 14:13 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2014-06-05 14:13 - 2011-03-11 06:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2014-06-05 14:11 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-06-05 14:10 - 2014-06-05 14:10 - 11268944 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\MSEInstall.exe 2014-06-05 14:07 - 2014-06-05 14:09 - 00178707 _____ () C:\Windows\FSUNINST.log 2014-06-05 14:07 - 2014-06-05 14:09 - 00008237 _____ () C:\Windows\uninstaller.log 2014-06-05 
14:07 - 2014-06-05 14:08 - 00000069 _____ () C:\Windows\fsavunin_2.log 2014-06-05 13:48 - 2014-06-05 13:48 - 00000000 ____D () C:\Users\User\AppData\Local\F-Secure 2014-06-05 13:45 - 2014-06-05 21:00 - 00001308 _____ () C:\Windows\fsav_db_setup.log 2014-06-05 13:45 - 2014-06-05 20:59 - 00019462 _____ () C:\Windows\prodsett_copy.ini 2014-06-05 13:44 - 2014-06-05 21:00 - 03784497 _____ () C:\Windows\FSISU.log 2014-06-05 13:44 - 2014-06-05 21:00 - 01654951 _____ () C:\Windows\FSSFM.log 2014-06-05 13:44 - 2014-06-05 21:00 - 01420006 _____ () C:\Windows\FSSETUP.log 2014-06-05 13:44 - 2014-06-05 21:00 - 00248673 _____ () C:\Windows\FSPROD.log 2014-06-05 13:44 - 2014-06-05 21:00 - 00194615 _____ () C:\Windows\RunSetup.log 2014-06-05 13:44 - 2014-06-05 21:00 - 00133760 _____ () C:\Windows\FSAVINST.LOG 2014-06-05 13:44 - 2014-06-05 21:00 - 00012091 _____ () C:\Windows\FSGKIAIN.log 2014-06-05 13:44 - 2014-06-05 21:00 - 00010527 _____ () C:\Windows\FSAVCSIN.LOG 2014-06-05 13:44 - 2014-06-05 21:00 - 00005405 _____ () C:\Windows\FSLDIN.LOG 2014-06-05 13:44 - 2014-06-05 21:00 - 00003473 _____ () C:\Windows\fsavunin.log 2014-06-05 13:44 - 2014-06-05 20:59 - 00366699 _____ () C:\Windows\FSDEPH.log 2014-06-05 13:44 - 2014-06-05 20:59 - 00035323 _____ () C:\Windows\fspplugin.log 2014-06-05 13:44 - 2014-06-05 14:08 - 00000675 _____ () C:\Windows\fstnbins.LOG 2014-06-05 13:26 - 2014-06-05 14:11 - 00000000 ____D () C:\Program Files\F-Secure 2014-06-05 13:25 - 2014-06-05 21:01 - 00000000 ____D () C:\ProgramData\F-Secure 2014-06-05 13:13 - 2014-06-05 13:13 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-06-05 13:10 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-05 13:06 - 2014-06-05 13:06 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-05 13:05 - 2014-06-05 13:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\Malewarebytes Anti Malware.exe 2014-06-05 12:43 - 2014-06-05 
- 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-06-04 13:11 - 2014-06-04 13:11 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-04 13:11 - 2014-06-04 13:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-06-04 13:11 - 2014-06-04 13:11 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-06-04 13:11 - 2014-06-04 13:11 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-06-04 13:09 - 2014-06-04 13:09 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-06-04 13:09 - 2014-06-04 
13:09 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Wohnung Palmenvillen II 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Steuer 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Sparda 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () 
C:\Users\User\Documents\samsung 2014-06-04 13:08 - 2014-05-05 19:46 - 00120179 _____ () C:\Users\User\Documents\Fotobuch Bodensee.pbf 2014-06-04 13:08 - 2013-12-19 11:45 - 00000093 _____ () C:\Users\User\Documents\wlan.txt 2014-06-04 13:08 - 2013-11-07 17:17 - 00127815 _____ () C:\Users\User\Documents\Fotobuch Köln.pbf 2014-06-04 13:08 - 2013-09-14 12:12 - 00002486 _____ () C:\Users\User\Documents\citrix.bk-*******.com 2014-06-04 13:08 - 2013-09-12 14:51 - 00000000 ____D () C:\Users\User\Documents\Steuer 2009 2014-06-04 13:08 - 2013-07-13 16:33 - 00264941 _____ () C:\Users\User\Documents\Fotobuch Dresden.pbf 2014-06-04 13:08 - 2011-11-05 16:36 - 00064000 _____ () C:\Users\User\Documents\Ü-Ei Figuren.xls 2014-06-04 13:08 - 2011-02-27 11:10 - 00093174 _____ () C:\Users\User\Documents\Steuer_2010_*****.zip 2014-06-04 13:08 - 2010-04-01 17:31 - 07614464 _____ () C:\Users\User\Documents\ica32web.msi 2014-06-04 13:08 - 2010-02-22 18:38 - 00094094 _____ () C:\Users\User\Documents\Steuer_2009_Wolfgang.zip 2014-06-04 13:08 - 2009-11-24 21:25 - 546109869 _____ () C:\Users\User\Documents\Standard_20091124_201933.zip 2014-06-04 13:08 - 2009-07-16 13:05 - 52923512 _____ (MAGIX AG) C:\Users\User\Documents\foto_manager_sued_d.exe 2014-06-04 13:08 - 2009-06-11 15:31 - 01878888 _____ (Adobe Systems Incorporated) C:\Users\User\Documents\install_flash_player.exe 2014-06-04 13:08 - 2009-01-17 18:30 - 00000970 _____ () C:\Users\User\Documents\Meine freigegebenen Ordner.lnk 2014-06-04 13:08 - 2008-07-18 18:00 - 07331584 _____ (Mozilla) C:\Users\User\Documents\Firefox%20Setup%203.0.exe 2014-06-04 13:08 - 2007-05-19 12:07 - 00023552 _____ () C:\Users\User\Documents\Adressliste Klassentreffen.xls 2014-06-04 13:07 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Rezepte 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\restore 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\Rechtschutz ***** 2014-06-04 13:07 - 
2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\PDF24 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\Kabel Deutschland 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\ICQ 2014-06-04 13:06 - 2014-06-04 16:13 - 00000000 ____D () C:\Program Files\Microsoft Works 2014-06-04 13:06 - 2014-06-04 13:06 - 00000000 ____D () C:\Users\User\Documents\Handy 2014-06-04 13:05 - 2014-06-04 14:31 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-06-04 13:05 - 2014-06-04 13:05 - 00000000 ____D () C:\Windows\PCHEALTH 2014-06-04 13:05 - 2014-06-04 13:05 - 00000000 ____D () C:\Users\User\Documents\Eigene Scans 2014-06-04 13:04 - 2014-06-04 13:04 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\EA Games 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bluetooth Folder 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2014 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2013 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2012 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Apowersoft Free Audio Recorder 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Ahnenforschung 2014-06-04 13:04 - 2006-06-30 13:18 - 00007202 _____ () C:\Users\User\Documents\Zugang Outlook *******.html 2014-06-04 13:03 - 2014-06-04 13:15 - 00016641 _____ () C:\Windows\IE11_main.log 2014-06-04 13:02 - 2014-06-05 13:17 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-04 13:02 - 2014-06-05 13:15 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-06-04 13:02 - 2014-06-04 13:02 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help 2014-06-04 13:01 - 2014-06-04 13:01 - 00000000 ___RD 
() C:\MSOCache 2014-06-04 13:00 - 2013-02-27 07:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-06-04 13:00 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-06-04 12:51 - 2014-06-04 12:51 - 00001564 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk 2014-06-04 12:50 - 2014-06-05 20:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\ICAClient 2014-06-04 12:50 - 2014-06-04 12:51 - 00000000 ____D () C:\Users\User\AppData\Local\Citrix 2014-06-04 12:50 - 2014-06-04 12:51 - 00000000 ____D () C:\ProgramData\Citrix 2014-06-04 12:50 - 2014-06-04 12:51 - 00000000 ____D () C:\Program Files\Citrix 2014-06-04 12:50 - 2014-06-04 12:50 - 00000000 ____D () C:\Program Files\Common Files\Citrix 2014-06-04 12:46 - 2014-06-04 15:21 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-04 12:46 - 2013-08-30 01:08 - 04265760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 03006240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 00886560 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 00662816 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-06-04 12:46 - 2013-08-30 01:08 - 00209184 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 00066560 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-06-04 12:46 - 2013-08-30 01:01 - 03349466 _____ () C:\Windows\system32\nvcoproc.bin 2014-06-04 12:45 - 2014-06-04 14:11 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-04 12:45 - 2014-06-04 12:45 - 00000000 ____D () C:\ProgramData\NVIDIA 
Corporation 2014-06-04 12:45 - 2014-06-04 12:35 - 01009512 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco32.dll 2014-06-04 12:45 - 2014-06-04 12:35 - 00888168 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco32.dll 2014-06-04 12:45 - 2013-09-05 02:38 - 01222824 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll 2014-06-04 12:45 - 2013-09-05 02:38 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll 2014-06-04 12:45 - 2013-09-05 02:38 - 00017699 _____ () C:\Windows\system32\nvinfo.pb 2014-06-04 12:45 - 2013-09-05 02:37 - 02630304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll 2014-06-04 12:44 - 2014-06-04 12:44 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-06-04 12:38 - 2014-06-04 12:37 - 00015128 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll 2014-06-04 12:37 - 2014-06-04 12:38 - 00000000 ____D () C:\ProgramData\Intel 2014-06-04 12:37 - 2014-06-04 12:37 - 00000000 ____D () C:\Program Files\Common Files\postureAgent 2014-06-04 12:34 - 2014-06-04 12:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2014-06-04 12:34 - 2014-06-04 12:33 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll 2014-06-04 12:33 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2014-06-04 12:33 - 2012-02-17 06:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2014-06-04 12:32 - 2014-06-04 12:31 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll 2014-06-04 12:28 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-06-04 12:28 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-06-04 12:28 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-06-04 12:28 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) 
C:\Windows\system32\wups2.dll 2014-06-04 12:28 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-06-04 12:28 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-06-04 12:28 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-06-04 12:27 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-06-04 12:27 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-06-04 12:26 - 2014-06-04 12:26 - 00000000 ____D () C:\Program Files\Common Files\Intel Corporation 2014-06-04 12:25 - 2014-06-04 12:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel Corporation 2014-06-04 12:23 - 2014-06-06 09:41 - 00040174 _____ () C:\Windows\PFRO.log 2014-06-04 12:22 - 2014-06-04 12:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf 2014-06-04 12:21 - 2014-06-04 12:36 - 00000000 ____D () C:\Program Files\Broadcom 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\Windows\Downloaded Installations 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\Dolby PCEE4 2014-06-04 12:19 - 2014-06-04 12:20 - 00000000 ___HD () C:\Program Files\Temp 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Windows\system32\RTCOM 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Program Files\Realtek 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2014-06-04 12:19 - 2014-06-04 12:16 - 07783768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 05096448 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RCoRes.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 03238608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys 2014-06-04 12:19 - 2014-06-04 12:16 - 03173008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 02417808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 02193472 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01836376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01725784 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01706640 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01497704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl 2014-06-04 12:19 - 2014-06-04 12:16 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01185112 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00709976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00645776 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkApoApi.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00546944 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00350552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00293480 _____ (Realtek Semiconductor) C:\Windows\system32\RtkGuiCompLib.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00290813 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-06-04 12:19 - 2014-06-04 12:16 - 00259928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00247560 _____ () C:\Windows\system32\Drivers\RTConvEQ.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 00232792 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO20.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00176736 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00155008 _____ () C:\Windows\system32\Drivers\RtPCEE4.DAT 2014-06-04 12:19 - 2014-06-04 12:16 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00087696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00064856 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RTEEG32A.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00039672 _____ () C:\Windows\system32\Drivers\RtPCEE3.DAT 2014-06-04 12:19 - 2014-06-04 12:16 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00001448 _____ () C:\Windows\system32\Drivers\RtHdatEx.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 00000712 _____ () C:\Windows\system32\Drivers\RTEQEX0.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX3.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX2.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX1.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 00000176 _____ () C:\Windows\system32\Drivers\RTHDAEQ1.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 00000024 _____ () C:\Windows\system32\Drivers\rtkhdaud.dat 2014-06-04 12:19 - 2012-05-17 11:29 - 07161696 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP32A.dll 2014-06-04 12:19 - 2012-05-17 11:29 - 00351072 _____ (Dolby Laboratories) C:\Windows\system32\R4EED32A.dll 2014-06-04 12:19 - 2012-05-17 11:29 - 00105824 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL32A.dll 2014-06-04 12:19 - 2012-05-17 11:29 - 00091488 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA32A.dll 2014-06-04 12:19 - 2012-05-17 11:29 - 00061792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG32A.dll 2014-06-04 12:18 - 2014-06-04 12:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2014-06-04 12:17 - 2014-06-04 12:44 - 00000000 ____D () C:\Program Files\Intel 2014-06-04 12:17 - 2014-06-04 12:43 - 00000000 ____D () C:\Intel 2014-06-04 12:17 - 2014-06-04 12:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\InstallShield 2014-06-04 12:17 - 2012-07-09 13:43 - 00531264 _____ (Intel Corporation) 
C:\Windows\system32\Drivers\iaStorA.sys 2014-06-04 12:17 - 2012-07-09 13:42 - 00024896 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys 2014-06-04 12:16 - 2014-03-31 09:35 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-06-04 12:15 - 2014-06-05 20:56 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-06-04 12:15 - 2014-06-05 12:36 - 00064400 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-04 12:05 - 2014-06-04 12:05 - 00000000 ____D () C:\Windows\system32\SPReview 2014-06-04 11:49 - 2014-06-04 11:00 - 00000000 ____D () C:\Windows\Panther 2014-06-04 11:26 - 2010-11-20 04:36 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe 2014-06-04 11:26 - 2010-11-20 04:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL 2014-06-04 11:26 - 2010-11-20 04:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL 2014-06-04 11:26 - 2010-11-20 04:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll 2014-06-04 11:26 - 2010-11-20 04:30 - 00520064 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2014-06-04 11:26 - 2010-11-20 04:30 - 00245632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2014-06-04 11:26 - 2010-11-20 04:30 - 00173440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys 2014-06-04 11:26 - 2010-11-20 04:30 - 00130432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys 2014-06-04 11:26 - 2010-11-20 04:30 - 00116096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys 2014-06-04 11:26 - 2010-11-20 04:30 - 00085376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys 2014-06-04 11:26 - 2010-11-20 04:30 - 00078208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2014-06-04 11:26 - 2010-11-20 04:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys 
2014-06-04 11:26 - 2010-11-20 04:29 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll 2014-06-04 11:26 - 2010-11-20 04:29 - 00274304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys 2014-06-04 11:26 - 2010-11-20 04:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll 2014-06-04 11:26 - 2010-11-20 04:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2014-06-04 11:26 - 2010-11-20 04:29 - 00137088 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll 2014-06-04 11:26 - 2010-11-20 04:24 - 00690680 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2014-06-04 11:26 - 2010-11-20 04:24 - 00271664 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll 2014-06-04 11:26 - 2010-11-20 04:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 
00933376 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2014-06-04 11:26 - 2010-11-20 04:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00750592 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll 2014-06-04 11:26 - 2010-11-20 04:21 - 00411648 _____ (Microsoft Corporation) 
06.06.2014, 10:53 | #2 |
| FRST - Part 2 of 2
Code:
C:\Windows\system32\winmm.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL 2014-06-04 11:25 - 2010-11-20 04:21 - 00078848 _____ (Microsoft Corporation) 
C:\Windows\system32\UserAccountControlSettings.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\sppuinotify.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00020992 _____ (Microsoft 
Corporation) C:\Windows\system32\shgina.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL 2014-06-04 11:25 - 2010-11-20 04:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00120320 _____ (Microsoft Corporation) 
C:\Windows\system32\prntvpt.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2014-06-04 11:25 - 2010-11-20 04:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00082944 _____ (Radius Inc.) 
C:\Windows\system32\iccvid.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe 2014-06-04 11:25 - 2010-11-20 04:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00112128 _____ (Microsoft Corporation) 
C:\Windows\system32\AuxiliaryDisplayServices.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll 2014-06-04 11:25 - 2010-11-20 04:17 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 01203200 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00270336 _____ (Microsoft Corporation) 
C:\Windows\system32\sethc.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe 2014-06-04 11:25 - 2010-11-20 04:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2014-06-04 11:25 - 2010-11-20 04:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe 2014-06-04 11:25 - 2010-11-20 04:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe 2014-06-04 11:25 - 2010-11-20 04:16 - 00600576 _____ (Microsoft Corporation) 
C:\Windows\system32\TabletPC.cpl 2014-06-04 11:25 - 2010-11-20 04:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2014-06-04 11:25 - 2010-11-20 04:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl 2014-06-04 11:25 - 2010-11-20 04:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp 2014-06-04 11:25 - 2010-11-20 04:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr 2014-06-04 11:25 - 2010-11-20 04:16 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax 2014-06-04 11:25 - 2010-11-20 04:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv 2014-06-04 11:25 - 2010-11-20 04:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax 2014-06-04 11:25 - 2010-11-20 04:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe 2014-06-04 11:25 - 2010-11-20 04:16 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax 2014-06-04 11:25 - 2010-11-20 04:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax 2014-06-04 11:25 - 2010-11-20 04:16 - 00065024 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe 2014-06-04 11:25 - 2010-11-20 04:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax 2014-06-04 11:25 - 2010-11-20 04:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2014-06-04 11:25 - 2010-11-20 02:22 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll 2014-06-04 11:25 - 2010-11-20 02:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\RDPREFDD.dll 2014-06-04 11:25 - 2010-11-20 02:06 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2014-06-04 11:25 - 2010-11-20 02:06 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2014-06-04 11:25 - 2010-11-20 02:00 - 00304128 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\HdAudio.sys 2014-06-04 11:25 - 2010-11-20 02:00 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys 2014-06-04 11:25 - 2010-11-20 01:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-06-04 11:25 - 2010-11-20 00:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2014-06-04 11:25 - 2010-11-20 00:42 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2014-06-04 11:25 - 2010-11-20 00:40 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2014-06-04 11:25 - 2010-11-20 00:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2014-06-04 11:25 - 2010-11-20 00:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-06-04 11:25 - 2010-11-20 00:39 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys 2014-06-04 11:25 - 2010-11-09 17:45 - 00010429 _____ () C:\Windows\system32\ScavengeSpace.xml 2014-06-04 11:25 - 2010-11-04 18:20 - 00105559 _____ () C:\Windows\system32\RacRules.xml 2014-06-04 11:25 - 2008-04-14 02:11 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll 2014-06-04 11:24 - 2010-11-20 04:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys 2014-06-04 11:24 - 2010-11-20 04:21 - 00521216 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-06-04 11:24 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll 2014-06-04 11:24 - 2010-11-20 04:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll 2014-06-04 11:24 - 2010-11-20 04:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll 2014-06-04 11:24 - 2010-11-20 04:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll 2014-06-04 11:24 - 2010-11-20 04:21 - 00082944 _____ (Microsoft Corporation) 
C:\Windows\system32\thumbcache.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00863744 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00630784 _____ (Microsoft Corporation) 
C:\Windows\system32\DXPTaskRingtone.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2014-06-04 11:24 - 2010-11-20 04:18 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00066560 _____ (Microsoft Corporation) 
C:\Windows\system32\cca.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll 2014-06-04 11:24 - 2010-11-20 04:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe 2014-06-04 11:24 - 2010-11-20 04:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe 2014-06-04 11:24 - 2010-11-20 04:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2014-06-04 11:24 - 2010-11-20 04:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2014-06-04 11:24 - 2010-11-20 04:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl 2014-06-04 11:24 - 2010-11-20 04:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2014-06-04 11:24 - 2010-11-20 04:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl 2014-06-04 11:24 - 2010-11-20 04:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax 2014-06-04 11:24 - 
2010-11-20 04:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-06-04 11:24 - 2010-11-20 04:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax 2014-06-04 11:24 - 2010-11-20 04:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime 2014-06-04 11:24 - 2010-11-20 04:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll 2014-06-04 11:24 - 2010-11-20 04:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL 2014-06-04 11:24 - 2010-11-20 03:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll 2014-06-04 11:24 - 2010-11-20 02:21 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys 2014-06-04 11:24 - 2010-11-20 01:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-06-04 11:24 - 2010-11-20 01:59 - 
00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2014-06-04 11:24 - 2010-11-20 01:50 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys 2014-06-04 11:24 - 2010-11-20 00:47 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys 2014-06-04 11:24 - 2010-11-20 00:38 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys 2014-06-04 11:24 - 2010-11-04 18:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll 2014-06-04 11:24 - 2008-04-14 02:11 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll 2014-06-04 11:20 - 2014-06-04 11:20 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-06-04 11:13 - 2014-06-06 08:39 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-06-04 11:13 - 2014-06-04 11:13 - 00000000 ____D () C:\Program Files\Atheros 2014-06-04 11:13 - 2012-02-15 01:42 - 02841600 _____ (Atheros Communications, Inc.) 
C:\Windows\system32\Drivers\athr.sys 2014-06-04 11:11 - 2014-06-04 11:13 - 00000000 ____D () C:\ProgramData\Atheros 2014-06-04 11:05 - 2014-06-06 08:44 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-04 11:02 - 2014-06-06 10:10 - 01234920 _____ () C:\Windows\WindowsUpdate.log 2014-06-04 11:01 - 2014-06-06 10:44 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore 2014-06-04 11:01 - 2014-06-04 11:01 - 00001413 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-04 11:00 - 2014-06-06 11:12 - 00000000 ____D () C:\Users\User\AppData\Local\Temp 2014-06-04 11:00 - 2014-06-04 11:00 - 00000020 ___SH () C:\Users\User\ntuser.ini 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Druckumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () 
C:\Users\Default\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 ____D () C:\Recovery 2014-06-04 11:00 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-04 11:00 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-06-04 10:53 - 2014-06-04 10:53 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-06-04 10:53 - 2014-06-04 10:53 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-06-04 10:50 - 2014-06-04 10:53 - 00001313 _____ () C:\Windows\TSSysprep.log
==================== One Month Modified Files and Folders =======
2014-06-06 11:13 - 2014-06-06 08:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\temp 2014-06-06 11:12 - 2014-06-06 11:11 - 00013060 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-06-06 11:12 - 2014-06-04
11:00 - 00000000 ____D () C:\Users\User\AppData\Local\Temp 2014-06-06 11:11 - 2014-06-05 14:52 - 00000000 ____D () C:\FRST 2014-06-06 11:10 - 2014-06-06 11:10 - 00000472 _____ () C:\Users\User\Downloads\defogger_disable.log 2014-06-06 11:10 - 2014-06-06 11:10 - 00000000 _____ () C:\Users\Admin\defogger_reenable 2014-06-06 11:10 - 2014-06-06 11:09 - 00050477 _____ () C:\Users\User\Downloads\Defogger.exe 2014-06-06 11:10 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin 2014-06-06 11:07 - 2014-06-06 11:07 - 00380416 _____ () C:\Users\User\Downloads\GMER.exe 2014-06-06 10:48 - 2014-06-04 15:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-06 10:44 - 2014-06-06 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secure Banking 2014-06-06 10:44 - 2014-06-06 10:43 - 00000000 ____D () C:\Program Files\Secure Banking 2014-06-06 10:44 - 2014-06-04 11:01 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore 2014-06-06 10:40 - 2014-06-06 10:40 - 00441354 _____ (Hopfgartner Niklas ) C:\Users\User\Downloads\setup152.exe 2014-06-06 10:17 - 2014-06-06 10:17 - 00000000 ____D () C:\Program Files\ESET 2014-06-06 10:10 - 2014-06-04 11:02 - 01234920 _____ () C:\Windows\WindowsUpdate.log 2014-06-06 09:50 - 2009-07-14 06:34 - 00014912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-06 09:50 - 2009-07-14 06:34 - 00014912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-06 09:42 - 2014-06-05 21:04 - 00000618 _____ () C:\Windows\Tasks\Scheduled scanning task.job 2014-06-06 09:42 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-06 09:42 - 2009-07-14 06:39 - 00022138 _____ () C:\Windows\setupact.log 2014-06-06 09:41 - 2014-06-04 12:23 - 00040174 _____ () C:\Windows\PFRO.log 2014-06-06 09:39 - 2014-06-06 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\ElsterFormular 2014-06-06 09:39 - 2014-06-06 09:39 - 00000000 ____D () C:\ProgramData\elsterformular 2014-06-06 09:39 - 2014-06-06 09:39 - 00000000 ____D () C:\Program Files\ElsterFormular 2014-06-06 09:37 - 2014-06-06 09:37 - 00001841 _____ () C:\Users\Admin\Desktop\Lidl-Fotos.lnk 2014-06-06 09:37 - 2014-06-06 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lidl-Fotos 2014-06-06 09:36 - 2014-06-06 09:36 - 00000000 ____D () C:\ProgramData\Lidl_Fotos 2014-06-06 09:36 - 2014-06-06 09:36 - 00000000 ____D () C:\Program Files\Lidl_Fotos 2014-06-06 08:44 - 2014-06-04 11:05 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\ProgramData\Acer 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\Program Files\Acer 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\OEM 2014-06-06 08:39 - 2014-06-06 08:39 - 00000000 ____D () C:\Users\User\Downloads\LaunchManager_Dritek_5.1.13_W7x64_A 2014-06-06 08:39 - 2014-06-06 08:39 - 00000000 ____D () C:\Users\User\Downloads\Application_Acer_1.02.3502_W7x64_A 2014-06-06 08:39 - 2014-06-04 11:13 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-06-06 08:38 - 2014-06-06 08:38 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\InstallShield 2014-06-06 08:36 - 2014-06-06 08:36 - 00000000 ____D () C:\Users\User\Downloads\Turbo Boost_Intel_8.0.0.1262_W7x64_A 2014-06-06 08:36 - 2014-06-06 08:36 - 00000000 ____D () C:\Users\User\Downloads\Turbo Boost_Intel_2.1.23.0_W7x64_A 2014-06-06 08:29 - 2014-06-06 08:29 - 00024848 _____ () C:\ComboFix.txt 2014-06-06 08:29 - 2014-06-06 08:29 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp 2014-06-06 08:29 - 2014-06-06 08:29 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-06-06 08:29 - 2014-06-06 08:29 - 00000000 ____D 
() C:\Users\Default\AppData\Local\temp 2014-06-06 08:29 - 2014-06-06 08:29 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-06-06 08:29 - 2014-06-05 14:33 - 00000000 ____D () C:\Qoobox 2014-06-06 08:28 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini 2014-06-06 08:15 - 2014-06-06 08:15 - 22464416 _____ () C:\Users\User\Downloads\Turbo Boost_Intel_2.1.23.0_W7x64_A.zip 2014-06-06 08:15 - 2014-06-06 08:15 - 07580658 _____ () C:\Users\User\Downloads\LaunchManager_Dritek_5.1.13_W7x64_A.zip 2014-06-06 08:15 - 2014-06-06 08:14 - 08163850 _____ () C:\Users\User\Downloads\Application_Acer_1.02.3502_W7x64_A.zip 2014-06-06 08:14 - 2014-06-06 08:14 - 41661051 _____ () C:\Users\User\Downloads\Turbo Boost_Intel_8.0.0.1262_W7x64_A.zip 2014-06-06 08:09 - 2014-06-06 08:09 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\Startmenü 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\Netzwerkumgebung 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\Druckumgebung 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Musik 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\Documents\Eigene Bilder 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 _SHDL () C:\Users\TEMP\AppData\Local\Verlauf 2014-06-06 08:09 - 2014-06-06 08:09 - 00000000 ____D () C:\Users\TEMP 2014-06-05 21:07 - 2014-06-05 21:00 - 00044240 _____ () C:\Windows\system32\Drivers\fsbts.sys 2014-06-05 21:01 - 2014-06-05 20:52 - 00000000 ____D () C:\Program Files\Kabel Deutschland 2014-06-05 21:01 - 2014-06-05 13:25 - 00000000 ____D () C:\ProgramData\F-Secure 2014-06-05 21:00 - 2014-06-05 20:59 - 00002395 _____ () C:\Windows\DAASINST.LOG 2014-06-05 21:00 - 2014-06-05 13:45 - 00001308 _____ () C:\Windows\fsav_db_setup.log 
2014-06-05 21:00 - 2014-06-05 13:44 - 03784497 _____ () C:\Windows\FSISU.log 2014-06-05 21:00 - 2014-06-05 13:44 - 01654951 _____ () C:\Windows\FSSFM.log 2014-06-05 21:00 - 2014-06-05 13:44 - 01420006 _____ () C:\Windows\FSSETUP.log 2014-06-05 21:00 - 2014-06-05 13:44 - 00248673 _____ () C:\Windows\FSPROD.log 2014-06-05 21:00 - 2014-06-05 13:44 - 00194615 _____ () C:\Windows\RunSetup.log 2014-06-05 21:00 - 2014-06-05 13:44 - 00133760 _____ () C:\Windows\FSAVINST.LOG 2014-06-05 21:00 - 2014-06-05 13:44 - 00012091 _____ () C:\Windows\FSGKIAIN.log 2014-06-05 21:00 - 2014-06-05 13:44 - 00010527 _____ () C:\Windows\FSAVCSIN.LOG 2014-06-05 21:00 - 2014-06-05 13:44 - 00005405 _____ () C:\Windows\FSLDIN.LOG 2014-06-05 21:00 - 2014-06-05 13:44 - 00003473 _____ () C:\Windows\fsavunin.log 2014-06-05 20:59 - 2014-06-05 13:45 - 00019462 _____ () C:\Windows\prodsett_copy.ini 2014-06-05 20:59 - 2014-06-05 13:44 - 00366699 _____ () C:\Windows\FSDEPH.log 2014-06-05 20:59 - 2014-06-05 13:44 - 00035323 _____ () C:\Windows\fspplugin.log 2014-06-05 20:56 - 2014-06-04 12:15 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-06-05 20:52 - 2014-06-05 20:52 - 00002005 _____ () C:\Users\Public\Desktop\Kabel Deutschland Launchpad.lnk 2014-06-05 20:52 - 2014-06-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kabel Deutschland 2014-06-05 20:50 - 2014-06-05 20:50 - 00859072 _____ (F-Secure Corporation) C:\Users\User\Downloads\Sicherheitspaket.exe 2014-06-05 20:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-06-05 20:25 - 2014-06-05 20:25 - 00000248 _____ () C:\Users\User\Desktop\Webinterface-Anmeldung.URL 2014-06-05 20:25 - 2014-06-04 12:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\ICAClient 2014-06-05 16:15 - 2014-06-05 16:15 - 00000000 ____D () C:\Users\Admin\AppData\Local\PDF24 2014-06-05 15:24 - 2014-06-05 15:21 - 00000363 _____ () C:\Users\Admin\Downloads\##1 How To Do.txt 2014-06-05 15:15 - 2014-06-05 15:15 - 00707354 
_____ () C:\Windows\unins000.exe 2014-06-05 15:15 - 2014-06-05 15:15 - 00001536 _____ () C:\Windows\unins000.dat 2014-06-05 15:15 - 2014-06-05 15:15 - 00000000 ____D () C:\Windows\system32\GPBAK 2014-06-05 15:15 - 2011-04-09 10:44 - 00901344 _____ (Richard ) C:\Users\Admin\Downloads\GPEdit für Windows 7 Home Installation.exe 2014-06-05 15:15 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-06-05 15:12 - 2014-06-05 15:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia 2014-06-05 15:12 - 2014-06-05 15:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia 2014-06-05 15:06 - 2014-06-05 15:06 - 00000000 ____D () C:\Windows\ERUNT 2014-06-05 15:05 - 2014-06-05 15:05 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList 2014-06-05 15:05 - 2014-06-05 15:05 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList 2014-06-05 15:04 - 2014-06-05 15:03 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2014-06-05 15:04 - 2014-06-05 15:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2014-06-05 14:58 - 2014-06-05 14:58 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\Junk Removal Tool.exe 2014-06-05 14:53 - 2014-06-05 14:53 - 01327971 _____ () C:\Users\Admin\Downloads\AdWare Cleaner_3.211.exe 2014-06-05 14:51 - 2014-06-05 14:51 - 01059840 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe 2014-06-05 14:47 - 2014-06-06 08:09 - 00000000 ____D () C:\Users\TEMP\AppData\Local\temp 2014-06-05 14:47 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default 2014-06-05 14:47 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2014-06-05 14:45 - 2014-06-05 14:32 - 00000000 ____D () C:\Windows\erdnt 2014-06-05 14:32 - 2014-06-06 08:19 - 05205146 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe 2014-06-05 14:32 - 2014-06-05 14:32 - 05205146 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe 2014-06-05 14:29 - 2014-06-05 14:29 - 00064400 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 
2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ICAClient 2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Citrix 2014-06-05 14:28 - 2014-06-05 14:28 - 00001429 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-05 14:28 - 2014-06-05 14:28 - 00000020 ___SH () C:\Users\Admin\ntuser.ini 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Startmenü 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Netzwerkumgebung 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Druckumgebung 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Musik 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Bilder 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Verlauf 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore 2014-06-05 14:25 - 2014-06-05 14:24 - 00448512 _____ (OldTimer Tools) C:\Users\Admin\Downloads\Temporary File Cleaner.exe 2014-06-05 14:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-06-05 14:15 - 2014-06-05 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2014-06-05 14:11 - 2014-06-05 13:26 - 00000000 ____D () C:\Program Files\F-Secure 2014-06-05 14:10 - 2014-06-05 14:10 - 11268944 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\MSEInstall.exe 2014-06-05 14:09 - 2014-06-05 14:07 - 00178707 _____ () C:\Windows\FSUNINST.log 2014-06-05 14:09 - 2014-06-05 14:07 - 00008237 _____ () C:\Windows\uninstaller.log 2014-06-05 14:08 - 
2014-06-05 14:07 - 00000069 _____ () C:\Windows\fsavunin_2.log 2014-06-05 14:08 - 2014-06-05 13:44 - 00000675 _____ () C:\Windows\fstnbins.LOG 2014-06-05 13:48 - 2014-06-05 13:48 - 00000000 ____D () C:\Users\User\AppData\Local\F-Secure 2014-06-05 13:39 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat 2014-06-05 13:17 - 2014-06-04 13:02 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-05 13:15 - 2014-06-04 13:02 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-06-05 13:13 - 2014-06-05 13:13 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-06-05 13:06 - 2014-06-05 13:06 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-05 13:05 - 2014-06-05 13:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\Malewarebytes Anti Malware.exe 2014-06-05 12:48 - 2014-06-04 13:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe 2014-06-05 12:43 - 2014-06-05 12:43 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe 2014-06-05 12:36 - 2014-06-04 12:15 - 00064400 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-04 16:20 - 2009-07-14 06:33 - 00301632 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-04 16:13 - 2014-06-06 08:09 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Microsoft Help 2014-06-04 16:13 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help 2014-06-04 16:13 - 2014-06-04 16:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2014-06-04 16:13 - 2014-06-04 16:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help 2014-06-04 16:13 - 2014-06-04 13:06 - 00000000 ____D () C:\Program Files\Microsoft Works 2014-06-04 16:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-06-04 16:10 - 2014-06-04 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-06-04 16:10 - 2014-06-04 14:40 - 00000000 ____D () C:\Program Files\Microsoft 
Silverlight 2014-06-04 15:47 - 2014-06-04 15:47 - 00000000 ____D () C:\ProgramData\Sun 2014-06-04 15:47 - 2014-06-04 15:47 - 00000000 ____D () C:\ProgramData\Oracle 2014-06-04 15:42 - 2014-06-04 15:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia 2014-06-04 15:42 - 2014-06-04 15:42 - 00000000 ____D () C:\Users\User\AppData\Local\Macromedia 2014-06-04 15:41 - 2014-06-04 15:41 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-06-04 15:41 - 2014-06-04 15:41 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-06-04 15:41 - 2014-06-04 15:41 - 00000000 ____D () C:\Windows\system32\Macromed 2014-06-04 15:38 - 2014-06-04 15:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla 2014-06-04 15:38 - 2014-06-04 15:38 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla 2014-06-04 15:37 - 2014-06-04 15:37 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-04 15:37 - 2014-06-04 15:37 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-04 15:37 - 2014-06-04 15:37 - 00000000 ____D () C:\ProgramData\Mozilla 2014-06-04 15:37 - 2014-06-04 15:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-06-04 15:37 - 2014-06-04 15:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-06-04 15:21 - 2014-06-04 15:21 - 00000000 ____D () C:\Windows\system32\NV 2014-06-04 15:21 - 2014-06-04 12:46 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-04 15:21 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-04 15:16 - 2014-06-04 15:16 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-04 15:16 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE 2014-06-04 15:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System 2014-06-04 15:15 - 2009-07-14 10:56 - 00000000 ____D () C:\Program Files\Windows 
Journal 2014-06-04 15:14 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender 2014-06-04 14:31 - 2014-06-04 13:05 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-06-04 14:27 - 2014-06-04 14:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Brother 2014-06-04 14:11 - 2014-06-04 12:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-04 14:06 - 2014-06-04 14:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-06-04 14:02 - 2014-06-04 14:02 - 00000425 _____ () C:\Windows\BRWMARK.INI 2014-06-04 14:02 - 2014-06-04 14:02 - 00000027 _____ () C:\Windows\BRPP2KA.INI 2014-06-04 14:02 - 2014-06-04 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother 2014-06-04 14:01 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32 2014-06-04 14:00 - 2014-06-04 14:00 - 00000050 _____ () C:\Windows\system32\bridf08b.dat 2014-06-04 14:00 - 2014-06-04 13:54 - 00000000 ____D () C:\Program Files\Brother 2014-06-04 13:57 - 2014-06-04 13:57 - 00000000 ____D () C:\ProgramData\Brother 2014-06-04 13:34 - 2014-06-04 13:34 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList 2014-06-04 13:34 - 2014-06-04 13:34 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList 2014-06-04 13:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-TW 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sv-SE 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () 
C:\Windows\system32\pt-PT 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nl-NL 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nb-NO 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\it-IT 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hu-HU 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fi-FI 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\el-GR 2014-06-04 13:17 - 2014-06-04 13:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-06-04 13:17 - 2014-06-04 13:16 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-04 13:17 - 2014-06-04 13:16 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-06-04 13:16 - 2014-06-04 13:16 - 00000000 ____D () C:\Program Files\Adobe 2014-06-04 13:15 - 2014-06-04 13:03 - 00016641 _____ () C:\Windows\IE11_main.log 2014-06-04 13:14 - 2014-06-04 13:14 - 00000000 ____D () C:\Users\User\AppData\Local\PDF24 2014-06-04 13:13 - 2014-06-05 20:15 - 00001841 _____ () C:\Users\User\Desktop\PDF24 Creator.lnk 2014-06-04 13:13 - 2014-06-04 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2014-06-04 13:13 - 2014-06-04 13:12 - 00000000 ____D () C:\Program Files\PDF24 2014-06-04 13:12 - 2014-06-04 13:12 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-04 
13:12 - 2014-06-04 13:12 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-04 13:12 - 2014-06-04 13:12 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-06-04 13:12 - 2014-06-04 13:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-06-04 13:12 - 2014-06-04 13:12 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 
00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-06-04 13:12 - 2014-06-04 13:12 - 00061952 
_____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-04 13:11 - 2014-06-04 13:11 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 
00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-06-04 13:11 - 2014-06-04 13:11 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-04 13:11 - 2014-06-04 13:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-06-04 13:11 - 2014-06-04 13:11 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-06-04 13:11 - 2014-06-04 13:11 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-06-04 13:09 - 2014-06-04 13:09 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-06-04 13:09 
- 2014-06-04 13:09 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Wohnung Palmenvillen II 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Steuer 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Sparda 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\samsung 2014-06-04 13:08 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\Rezepte 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\restore 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\Rechtschutz ***** 2014-06-04 13:07 - 2014-06-04 
13:07 - 00000000 ____D () C:\Users\User\Documents\PDF24 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\Kabel Deutschland 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\ICQ 2014-06-04 13:06 - 2014-06-04 13:06 - 00000000 ____D () C:\Users\User\Documents\Handy 2014-06-04 13:05 - 2014-06-04 13:05 - 00000000 ____D () C:\Windows\PCHEALTH 2014-06-04 13:05 - 2014-06-04 13:05 - 00000000 ____D () C:\Users\User\Documents\Eigene Scans 2014-06-04 13:04 - 2014-06-04 13:04 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\EA Games 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bluetooth Folder 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2014 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2013 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2012 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Apowersoft Free Audio Recorder 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Ahnenforschung 2014-06-04 13:03 - 2009-07-14 10:57 - 00000000 ____D () C:\Windows\ShellNew 2014-06-04 13:02 - 2014-06-04 13:02 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help 2014-06-04 13:01 - 2014-06-04 13:01 - 00000000 ___RD () C:\MSOCache 2014-06-04 12:51 - 2014-06-04 12:51 - 00001564 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk 2014-06-04 12:51 - 2014-06-04 12:50 - 00000000 ____D () C:\Users\User\AppData\Local\Citrix 2014-06-04 12:51 - 2014-06-04 12:50 - 00000000 ____D () C:\ProgramData\Citrix 2014-06-04 12:51 - 2014-06-04 12:50 - 00000000 ____D () C:\Program Files\Citrix 2014-06-04 12:50 - 2014-06-04 12:50 - 00000000 ____D () C:\Program Files\Common 
Files\Citrix 2014-06-04 12:46 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help 2014-06-04 12:45 - 2014-06-04 12:45 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-06-04 12:44 - 2014-06-04 12:44 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-06-04 12:44 - 2014-06-04 12:17 - 00000000 ____D () C:\Program Files\Intel 2014-06-04 12:43 - 2014-06-04 12:17 - 00000000 ____D () C:\Intel 2014-06-04 12:41 - 2012-03-07 07:19 - 06212376 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00276248 _____ (Intel Corporation) C:\Windows\system32\IntelCpHeciSvc.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00269592 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00195864 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00188184 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00180504 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00144664 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2014-06-04 12:41 - 2012-02-28 17:10 - 00080180 _____ () C:\Windows\system32\iglhxs32.vp 2014-06-04 12:41 - 2012-02-28 16:59 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2669.dll 2014-06-04 12:41 - 2012-02-28 16:58 - 00735796 _____ () C:\Windows\system32\igkrng700.bin 2014-06-04 12:41 - 2012-02-28 16:58 - 00561508 _____ () C:\Windows\system32\igfcg700m.bin 2014-06-04 12:41 - 2012-02-28 16:53 - 13207552 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys 2014-06-04 12:41 - 2012-02-28 16:53 - 06122496 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll 2014-06-04 12:41 - 2012-02-28 16:52 - 00058880 _____ () C:\Windows\system32\igdde32.dll 2014-06-04 12:41 - 2012-02-28 16:44 - 07794688 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll 2014-06-04 12:41 - 2012-02-28 16:38 - 02866688 
_____ (Intel Corporation) C:\Windows\system32\igdbcl32.dll 2014-06-04 12:41 - 2012-02-28 16:38 - 00518144 _____ (Intel Corporation) C:\Windows\system32\igdrcl32.dll 2014-06-04 12:41 - 2012-02-28 16:38 - 00188416 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL32.dll 2014-06-04 12:41 - 2012-02-28 16:26 - 23460864 _____ (Intel Corporation) C:\Windows\system32\igdfcl32.dll 2014-06-04 12:41 - 2012-02-28 16:15 - 13024256 _____ () C:\Windows\system32\ig7icd32.dll 2014-06-04 12:41 - 2012-02-28 16:10 - 00221099 _____ () C:\Windows\system32\Gfxres.th-TH.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00191775 _____ () C:\Windows\system32\Gfxres.ru-RU.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00161613 _____ () C:\Windows\system32\Gfxres.ja-JP.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00146675 _____ () C:\Windows\system32\Gfxres.ko-KR.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00144338 _____ () C:\Windows\system32\Gfxres.ro-RO.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00143155 _____ () C:\Windows\system32\Gfxres.tr-TR.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00142664 _____ () C:\Windows\system32\Gfxres.pt-BR.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00142335 _____ () C:\Windows\system32\Gfxres.nl-NL.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00141644 _____ () C:\Windows\system32\Gfxres.pt-PT.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00141435 _____ () C:\Windows\system32\Gfxres.sv-SE.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00140923 _____ () C:\Windows\system32\Gfxres.pl-PL.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00140122 _____ () C:\Windows\system32\Gfxres.sk-SK.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00139487 _____ () C:\Windows\system32\Gfxres.hr-HR.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00136451 _____ () C:\Windows\system32\Gfxres.sl-SI.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00136369 _____ () C:\Windows\system32\Gfxres.nb-NO.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 
00124962 _____ () C:\Windows\system32\Gfxres.zh-TW.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00123467 _____ () C:\Windows\system32\Gfxres.zh-CN.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436224 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436224 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436224 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436224 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 
00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435200 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435200 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00433664 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00433664 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00430080 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00427008 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00426496 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00313344 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2014-06-04 12:41 - 2012-02-28 16:09 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2014-06-04 12:41 - 2012-02-28 16:09 - 00207830 _____ () C:\Windows\system32\Gfxres.el-GR.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00164334 _____ () C:\Windows\system32\Gfxres.ar-SA.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00157226 _____ () C:\Windows\system32\Gfxres.he-IL.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00148033 _____ () C:\Windows\system32\Gfxres.it-IT.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00145687 _____ () C:\Windows\system32\Gfxres.es-ES.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00145577 _____ () C:\Windows\system32\Gfxres.de-DE.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00143805 _____ () 
C:\Windows\system32\Gfxres.fr-FR.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00142189 _____ () C:\Windows\system32\Gfxres.hu-HU.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00140885 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00140549 _____ () C:\Windows\system32\Gfxres.fi-FI.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00135868 _____ () C:\Windows\system32\Gfxres.da-DK.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00131317 _____ () C:\Windows\system32\Gfxres.en-US.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2014-06-04 12:41 - 2012-02-28 16:09 - 00120320 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2014-06-04 12:41 - 2012-02-28 16:09 - 00059392 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2014-06-04 12:41 - 2012-02-28 16:09 - 00025088 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2014-06-04 12:41 - 2012-02-28 16:08 - 09023488 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2014-06-04 12:41 - 2012-02-28 16:08 - 00321024 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2014-06-04 12:41 - 2012-02-28 16:08 - 00284160 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2014-06-04 12:41 - 2012-02-28 16:08 - 00172544 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2014-06-04 12:41 - 2012-02-28 16:08 - 00096256 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2014-06-04 12:41 - 2012-02-28 16:08 - 00009216 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 02321408 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit32.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 01921265 _____ () C:\Windows\system32\iglhxa32.cpa 2014-06-04 12:41 - 2012-02-28 16:07 - 00519680 _____ (Intel Corporation) C:\Windows\system32\iglhsip32.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 
2014-06-04 12:41 - 2012-02-28 16:07 - 00237056 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt32.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00177152 _____ (Intel Corporation) C:\Windows\system32\iglhcp32.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00094208 _____ () C:\Windows\system32\IccLibDll.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00059594 _____ () C:\Windows\system32\iglhxc32.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00059384 _____ () C:\Windows\system32\iglhxc32_dev.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00059328 _____ () C:\Windows\system32\iglhxg32_dev.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00059215 _____ () C:\Windows\system32\iglhxo32_dev.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00058781 _____ () C:\Windows\system32\iglhxo32.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00058684 _____ () C:\Windows\system32\iglhxg32.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00051200 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00001074 _____ () C:\Windows\system32\iglhxa32.vp 2014-06-04 12:41 - 2011-12-06 19:22 - 00280576 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys 2014-06-04 12:41 - 2011-12-06 19:21 - 00012288 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll 2014-06-04 12:38 - 2014-06-04 12:37 - 00000000 ____D () C:\ProgramData\Intel 2014-06-04 12:37 - 2014-06-04 12:38 - 00015128 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll 2014-06-04 12:37 - 2014-06-04 12:37 - 00000000 ____D () C:\Program Files\Common Files\postureAgent 2014-06-04 12:36 - 2014-06-04 12:21 - 00000000 ____D () C:\Program Files\Broadcom 2014-06-04 12:35 - 2014-06-04 12:45 - 01009512 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco32.dll 2014-06-04 12:35 - 2014-06-04 12:45 - 00888168 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco32.dll 2014-06-04 12:34 - 2014-06-04 12:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2014-06-04 12:33 - 2014-06-04 12:34 - 00041984 
_____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll 2014-06-04 12:33 - 2012-02-27 19:01 - 00792856 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys 2014-06-04 12:33 - 2012-02-27 19:01 - 00348440 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys 2014-06-04 12:33 - 2012-02-27 19:01 - 00013592 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys 2014-06-04 12:31 - 2014-06-04 12:32 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll 2014-06-04 12:26 - 2014-06-04 12:26 - 00000000 ____D () C:\Program Files\Common Files\Intel Corporation 2014-06-04 12:25 - 2014-06-04 12:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel Corporation 2014-06-04 12:22 - 2014-06-04 12:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\Windows\Downloaded Installations 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\Dolby PCEE4 2014-06-04 12:20 - 2014-06-04 12:19 - 00000000 ___HD () C:\Program Files\Temp 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Windows\system32\RTCOM 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Program Files\Realtek 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2014-06-04 12:18 - 2014-06-04 12:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2014-06-04 12:17 - 2014-06-04 12:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\InstallShield 2014-06-04 12:16 - 2014-06-04 12:19 - 07783768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 05096448 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RCoRes.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 03238608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys 2014-06-04 12:16 - 2014-06-04 12:19 - 03173008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 02417808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 02193472 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01836376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01725784 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01706640 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01497704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl 2014-06-04 12:16 - 2014-06-04 12:19 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01185112 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00709976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00645776 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkApoApi.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00546944 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00350552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00293480 _____ (Realtek Semiconductor) C:\Windows\system32\RtkGuiCompLib.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00290813 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-06-04 12:16 - 2014-06-04 12:19 - 00259928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00247560 _____ () C:\Windows\system32\Drivers\RTConvEQ.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00232792 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO20.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00176736 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00155008 _____ () C:\Windows\system32\Drivers\RtPCEE4.DAT 2014-06-04 12:16 - 2014-06-04 12:19 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00087696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00064856 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RTEEG32A.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00039672 _____ () C:\Windows\system32\Drivers\RtPCEE3.DAT 2014-06-04 12:16 - 2014-06-04 12:19 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00001448 _____ () C:\Windows\system32\Drivers\RtHdatEx.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000712 _____ () C:\Windows\system32\Drivers\RTEQEX0.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX3.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX2.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX1.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000176 _____ () C:\Windows\system32\Drivers\RTHDAEQ1.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000024 _____ () C:\Windows\system32\Drivers\rtkhdaud.dat 2014-06-04 12:09 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\de-DE 2014-06-04 12:09 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Sidebar 2014-06-04 12:09 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Portable Devices 2014-06-04 12:09 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2014-06-04 12:09 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\DVD Maker 2014-06-04 12:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2014-06-04 12:05 - 2014-06-04 12:05 - 00000000 ____D () C:\Windows\system32\SPReview 2014-06-04 12:03 - 2009-07-14 04:05 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll 2014-06-04 11:49 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-06-04 11:49 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2014-06-04 11:20 - 2014-06-04 11:20 - 00000000 ____D () 
C:\Windows\system32\EventProviders 2014-06-04 11:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-06-04 11:13 - 2014-06-04 11:13 - 00000000 ____D () C:\Program Files\Atheros 2014-06-04 11:13 - 2014-06-04 11:11 - 00000000 ____D () C:\ProgramData\Atheros 2014-06-04 11:11 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore 2014-06-04 11:01 - 2014-06-04 11:01 - 00001413 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-04 11:01 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2014-06-04 11:00 - 2014-06-04 11:49 - 00000000 ____D () C:\Windows\Panther 2014-06-04 11:00 - 2014-06-04 11:00 - 00000020 ___SH () C:\Users\User\ntuser.ini 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Druckumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () 
C:\Users\Default\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 ____D () C:\Recovery 2014-06-04 11:00 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Windows NT 2014-06-04 10:53 - 2014-06-04 10:53 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-06-04 10:53 - 2014-06-04 10:53 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-06-04 10:53 - 2014-06-04 10:50 - 00001313 _____ () C:\Windows\TSSysprep.log 2014-06-04 10:53 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-06-04 10:50 - 2009-07-14 06:34 - 00001774 _____ () C:\Windows\DtcInstall.log 2014-05-09 09:06 - 2014-06-04 14:08 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 09:04 - 2014-06-04 14:08 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll ==================== Bamital & volsnap Check 
=================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-06-04 10:49
==================== End Of Log ============================
06.06.2014, 10:53 | #3 |
| Windows 7 - (trojan.ransom.gend) - Group Policy prevents AVP from running, online banking phishing
GMER
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-06-06 11:35:09 Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\00000068 ATA_____ rev.A6C0 465,76GB Running: GMER.exe; Driver: C:\Users\Admin\AppData\Local\Temp\kwtdikow.sys ---- System - GMER 2.1 ---- SSDT \??\C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys ZwCreateThread [0x89FD7ECC] SSDT \??\C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys ZwCreateThreadEx [0x89FD7EE6] SSDT \??\C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys ZwMapViewOfSection [0x89FD7BEE] SSDT \??\C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys ZwOpenSection [0x89FD8084] SSDT \??\C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys ZwRenameKey [0x89FD9436] SSDT \??\C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys ZwSuspendProcess [0x89FD7A6C] SSDT \??\C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys ZwSuspendThread [0x89FD7F00] SSDT \??\C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys ZwTerminateProcess [0x89FD79C6] SSDT \??\C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys ZwTerminateThread [0x89FD7B26] SSDT \??\C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys ZwWriteVirtualMemory [0x89FD7FC8] ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82C75A15 1 Byte [06] .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CAF212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3} .text ntkrnlpa.exe!KeRemoveQueueEx + 1203 82CB6598 8 Bytes [CC, 7E, FD, 89, E6, 7E, FD, ...] 
.text ntkrnlpa.exe!KeRemoveQueueEx + 1347 82CB66DC 4 Bytes [EE, 7B, FD, 89] .text ntkrnlpa.exe!KeRemoveQueueEx + 13AF 82CB6744 4 Bytes [84, 80, FD, 89] .text ntkrnlpa.exe!KeRemoveQueueEx + 152F 82CB68C4 4 Bytes [36, 94, FD, 89] .text ntkrnlpa.exe!KeRemoveQueueEx + 165F 82CB69F4 8 Bytes [6C, 7A, FD, 89, 00, 7F, FD, ...] .text ... ---- User code sections - GMER 2.1 ---- .text C:\Program Files\Intel\iCLS Client\HeciServer.exe[580] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 001A000C .text C:\Program Files\Intel\iCLS Client\HeciServer.exe[580] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 001A100C .text C:\Program Files\Intel\iCLS Client\HeciServer.exe[580] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 001A200C .text C:\Program Files\Intel\iCLS Client\HeciServer.exe[580] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 001AE00C .text C:\Program Files\Intel\iCLS Client\HeciServer.exe[580] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 001AC00C .text C:\Program Files\Intel\iCLS Client\HeciServer.exe[580] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 001AF00C .text C:\Program Files\Intel\iCLS Client\HeciServer.exe[580] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 001A400C .text C:\Program Files\Intel\iCLS Client\HeciServer.exe[580] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 001A300C .text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0021000C .text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0021100C .text C:\Windows\system32\lsm.exe[644] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0021200C .text C:\Windows\system32\lsm.exe[644] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0021C00C .text C:\Windows\system32\lsm.exe[644] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0021A00C .text C:\Windows\system32\lsm.exe[644] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0021D00C .text C:\Windows\system32\winlogon.exe[728] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 
0005000C .text C:\Windows\system32\winlogon.exe[728] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0005100C .text C:\Windows\system32\winlogon.exe[728] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0005200C .text C:\Windows\system32\winlogon.exe[728] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0005E00C .text C:\Windows\system32\winlogon.exe[728] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0005C00C .text C:\Windows\system32\winlogon.exe[728] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0005F00C .text C:\Windows\system32\winlogon.exe[728] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0005400C .text C:\Windows\system32\winlogon.exe[728] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0005300C .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0021000C .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0021100C .text C:\Windows\system32\svchost.exe[792] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0021200C .text C:\Windows\system32\svchost.exe[792] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0021E00C .text C:\Windows\system32\svchost.exe[792] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0021C00C .text C:\Windows\system32\svchost.exe[792] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0021F00C .text C:\Windows\system32\svchost.exe[792] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0021400C .text C:\Windows\system32\svchost.exe[792] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0021300C .text C:\Windows\system32\nvvsvc.exe[852] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0029000C .text C:\Windows\system32\nvvsvc.exe[852] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0029100C .text C:\Windows\system32\nvvsvc.exe[852] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0029200C .text C:\Windows\system32\nvvsvc.exe[852] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0029E00C .text C:\Windows\system32\nvvsvc.exe[852] kernel32.dll!OpenMutexA 
76E104DA 5 Bytes JMP 0029C00C .text C:\Windows\system32\nvvsvc.exe[852] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0029F00C .text C:\Windows\system32\nvvsvc.exe[852] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0029400C .text C:\Windows\system32\nvvsvc.exe[852] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0029300C .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0020000C .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0020100C .text C:\Windows\system32\svchost.exe[892] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0020200C .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0020E00C .text C:\Windows\system32\svchost.exe[892] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0020C00C .text C:\Windows\system32\svchost.exe[892] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0020F00C .text C:\Windows\system32\svchost.exe[892] user32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0020400C .text C:\Windows\system32\svchost.exe[892] user32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0020300C .text C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[964] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 001C000C .text C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[964] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 001C100C .text C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[964] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 001C200C .text C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[964] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 001CE00C .text C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[964] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 001CC00C .text C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[964] 
kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 001CF00C .text C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[964] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 001C400C .text C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[964] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 001C300C .text C:\Windows\System32\svchost.exe[976] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 005A000C .text C:\Windows\System32\svchost.exe[976] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 005A100C .text C:\Windows\System32\svchost.exe[976] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 005A200C .text C:\Windows\System32\svchost.exe[976] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 005AE00C .text C:\Windows\System32\svchost.exe[976] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 005AC00C .text C:\Windows\System32\svchost.exe[976] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 005AF00C .text C:\Windows\System32\svchost.exe[976] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 005A400C .text C:\Windows\System32\svchost.exe[976] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 005A300C .text C:\Windows\System32\svchost.exe[1016] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0067000C .text C:\Windows\System32\svchost.exe[1016] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0067100C .text C:\Windows\System32\svchost.exe[1016] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0067200C .text C:\Windows\System32\svchost.exe[1016] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0067E00C .text C:\Windows\System32\svchost.exe[1016] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0067C00C .text C:\Windows\System32\svchost.exe[1016] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0067F00C .text C:\Windows\System32\svchost.exe[1016] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0067400C .text C:\Windows\System32\svchost.exe[1016] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0067300C .text 
C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0025000C .text C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0025100C .text C:\Windows\system32\svchost.exe[1068] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0025200C .text C:\Windows\system32\svchost.exe[1068] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0025E00C .text C:\Windows\system32\svchost.exe[1068] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0025C00C .text C:\Windows\system32\svchost.exe[1068] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0025F00C .text C:\Windows\system32\svchost.exe[1068] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0025400C .text C:\Windows\system32\svchost.exe[1068] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0025300C .text C:\Windows\system32\svchost.exe[1104] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 007D000C .text C:\Windows\system32\svchost.exe[1104] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 007D100C .text C:\Windows\system32\svchost.exe[1104] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 007D200C .text C:\Windows\system32\svchost.exe[1104] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 007DE00C .text C:\Windows\system32\svchost.exe[1104] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 007DC00C .text C:\Windows\system32\svchost.exe[1104] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 007DF00C .text C:\Windows\system32\svchost.exe[1104] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 007D400C .text C:\Windows\system32\svchost.exe[1104] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 007D300C .text C:\Windows\system32\svchost.exe[1220] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 001D000C .text C:\Windows\system32\svchost.exe[1220] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 001D100C .text C:\Windows\system32\svchost.exe[1220] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 001D200C .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!CopyFileExW 
76E0B348 5 Bytes JMP 001DE00C .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 001DC00C .text C:\Windows\system32\svchost.exe[1220] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 001DF00C .text C:\Windows\system32\svchost.exe[1220] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 001D400C .text C:\Windows\system32\svchost.exe[1220] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 001D300C .text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[1292] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 001D000C .text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[1292] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 001D100C .text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[1292] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 001D200C .text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[1292] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 001DE00C .text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[1292] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 001DC00C .text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[1292] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 001DF00C .text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[1292] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 001D400C .text C:\Program Files\Acer\Acer Updater\UpdaterService.exe[1292] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 001D300C .text C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 004F000C .text C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 004F100C .text C:\Windows\system32\svchost.exe[1328] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 004F200C .text C:\Windows\system32\svchost.exe[1328] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 004FE00C .text C:\Windows\system32\svchost.exe[1328] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 004FC00C .text C:\Windows\system32\svchost.exe[1328] 
kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 004FF00C .text C:\Windows\system32\svchost.exe[1328] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 004F400C .text C:\Windows\system32\svchost.exe[1328] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 004F300C .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1412] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0069000C .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1412] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0069100C .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1412] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0069200C .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1412] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0069E00C .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1412] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0069C00C .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1412] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0069F00C .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1412] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0069400C .text C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1412] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0069300C .text C:\Windows\system32\nvvsvc.exe[1440] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0060000C .text C:\Windows\system32\nvvsvc.exe[1440] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0060100C .text C:\Windows\system32\nvvsvc.exe[1440] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0060200C .text C:\Windows\system32\nvvsvc.exe[1440] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0060E00C .text C:\Windows\system32\nvvsvc.exe[1440] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0060C00C .text C:\Windows\system32\nvvsvc.exe[1440] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0060F00C .text C:\Windows\system32\nvvsvc.exe[1440] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0060400C .text 
C:\Windows\system32\nvvsvc.exe[1440] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0060300C .text C:\Windows\system32\WLANExt.exe[1508] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 002D000C .text C:\Windows\system32\WLANExt.exe[1508] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 002D100C .text C:\Windows\system32\WLANExt.exe[1508] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 002D200C .text C:\Windows\system32\WLANExt.exe[1508] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 002DE00C .text C:\Windows\system32\WLANExt.exe[1508] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 002DC00C .text C:\Windows\system32\WLANExt.exe[1508] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 002DF00C .text C:\Windows\system32\WLANExt.exe[1508] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 002D400C .text C:\Windows\system32\WLANExt.exe[1508] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 002D300C .text C:\Windows\system32\svchost.exe[1696] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0064000C .text C:\Windows\system32\svchost.exe[1696] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0064100C .text C:\Windows\system32\svchost.exe[1696] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0064200C .text C:\Windows\system32\svchost.exe[1696] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0064E00C .text C:\Windows\system32\svchost.exe[1696] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0064C00C .text C:\Windows\system32\svchost.exe[1696] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0064F00C .text C:\Windows\system32\svchost.exe[1696] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0064400C .text C:\Windows\system32\svchost.exe[1696] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0064300C .text C:\Windows\system32\Dwm.exe[1792] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0016000C .text C:\Windows\system32\Dwm.exe[1792] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0016100C .text C:\Windows\system32\Dwm.exe[1792] ntdll.dll!NtCreateUserProcess 779657B8 
5 Bytes JMP 0016200C .text C:\Windows\system32\Dwm.exe[1792] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0016E00C .text C:\Windows\system32\Dwm.exe[1792] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0016C00C .text C:\Windows\system32\Dwm.exe[1792] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0016F00C .text C:\Windows\system32\Dwm.exe[1792] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0016400C .text C:\Windows\system32\Dwm.exe[1792] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0016300C .text C:\Windows\Explorer.EXE[1816] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 02E4000C .text C:\Windows\Explorer.EXE[1816] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 02E4100C .text C:\Windows\Explorer.EXE[1816] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 02E4200C .text C:\Windows\Explorer.EXE[1816] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 02E4E00C .text C:\Windows\Explorer.EXE[1816] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 02E4C00C .text C:\Windows\Explorer.EXE[1816] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 02E4F00C .text C:\Windows\Explorer.EXE[1816] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 02E4400C .text C:\Windows\Explorer.EXE[1816] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 02E4300C .text C:\Windows\system32\svchost.exe[1860] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0043000C .text C:\Windows\system32\svchost.exe[1860] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0043100C .text C:\Windows\system32\svchost.exe[1860] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0043200C .text C:\Windows\system32\svchost.exe[1860] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0043E00C .text C:\Windows\system32\svchost.exe[1860] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0043C00C .text C:\Windows\system32\svchost.exe[1860] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0043F00C .text C:\Windows\system32\svchost.exe[1860] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0043400C .text 
C:\Windows\system32\svchost.exe[1860] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0043300C .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1888] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0027000C .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1888] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0027100C .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1888] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0027200C .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1888] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0027E00C .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1888] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0027C00C .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1888] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0027F00C .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1888] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0027400C .text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[1888] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0027300C .text C:\Windows\system32\taskhost.exe[2000] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0057000C .text C:\Windows\system32\taskhost.exe[2000] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0057100C .text C:\Windows\system32\taskhost.exe[2000] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0057200C .text C:\Windows\system32\taskhost.exe[2000] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0057E00C .text C:\Windows\system32\taskhost.exe[2000] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0057C00C .text C:\Windows\system32\taskhost.exe[2000] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0057F00C .text C:\Windows\system32\taskhost.exe[2000] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0057400C .text C:\Windows\system32\taskhost.exe[2000] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0057300C .text C:\Program Files\Secure Banking\SecureBanking.exe[2036] 
ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 002A000C .text C:\Program Files\Secure Banking\SecureBanking.exe[2036] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 002A100C .text C:\Program Files\Secure Banking\SecureBanking.exe[2036] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 002A200C .text C:\Program Files\Atheros\Ath_WlanAgent.exe[2104] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 001E000C .text C:\Program Files\Atheros\Ath_WlanAgent.exe[2104] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 001E100C .text C:\Program Files\Atheros\Ath_WlanAgent.exe[2104] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 001E200C .text C:\Program Files\Atheros\Ath_WlanAgent.exe[2104] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 001EE00C .text C:\Program Files\Atheros\Ath_WlanAgent.exe[2104] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 001EC00C .text C:\Program Files\Atheros\Ath_WlanAgent.exe[2104] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 001EF00C .text C:\Program Files\Atheros\Ath_WlanAgent.exe[2104] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 001E400C .text C:\Program Files\Atheros\Ath_WlanAgent.exe[2104] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 001E300C .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2724] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 00FD000C .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2724] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 00FD100C .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2724] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 00FD200C .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2724] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 00FDE00C .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2724] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 00FDC00C .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2724] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 00FDF00C .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2724] USER32.dll!SetWindowsHookExW 
76D0E30C 5 Bytes JMP 00FD400C .text C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe[2724] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 00FD300C .text C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2732] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0165000C .text C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2732] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0165100C .text C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2732] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0165200C .text C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2732] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 0165E00C .text C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2732] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 0165C00C .text C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2732] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 0165F00C .text C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2732] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 0165400C .text C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe[2732] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 0165300C .text C:\Program Files\PDF24\pdf24.exe[3336] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 002F000C .text C:\Program Files\PDF24\pdf24.exe[3336] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 002F100C .text C:\Program Files\PDF24\pdf24.exe[3336] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 002F200C .text C:\Program Files\PDF24\pdf24.exe[3336] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 002FE00C .text C:\Program Files\PDF24\pdf24.exe[3336] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 002FC00C .text C:\Program Files\PDF24\pdf24.exe[3336] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 002FF00C .text C:\Program Files\PDF24\pdf24.exe[3336] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 002F400C .text C:\Program Files\PDF24\pdf24.exe[3336] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 002F300C .text C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe[3452] ntdll.dll!NtCreateProcess 
779656D8 5 Bytes JMP 001E000C .text C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe[3452] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 001E100C .text C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe[3452] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 001E200C .text C:\Program Files\Mozilla Firefox\firefox.exe[3484] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 0006000C .text C:\Program Files\Mozilla Firefox\firefox.exe[3484] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 0006100C .text C:\Program Files\Mozilla Firefox\firefox.exe[3484] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 0006200C .text C:\Program Files\Mozilla Firefox\firefox.exe[3484] ntdll.dll!LdrLoadDll 779822AE 5 Bytes JMP 71A71EB1 C:\Program Files\Mozilla Firefox\mozglue.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[3484] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D 76E194E6 7 Bytes JMP 561C84D6 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[3484] kernel32.dll!QueryPerformanceCounter + 13 76E1C4E5 7 Bytes JMP 561C84F9 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[3484] kernel32.dll!LoadAppInitDlls + 355 76E1F5A6 7 Bytes JMP 55843A32 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[3484] USER32.dll!GetWindowInfo 76D14B5E 5 Bytes JMP 55F6141D C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Mozilla Firefox\firefox.exe[3484] GDI32.dll!GetViewportOrgEx + 26C 7759884B 7 Bytes JMP 561C8457 C:\Program Files\Mozilla Firefox\xul.dll .text C:\Program Files\Brother\Brmfcmon\BrMfimon.exe[3628] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 002B000C .text C:\Program Files\Brother\Brmfcmon\BrMfimon.exe[3628] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 002B100C .text C:\Program Files\Brother\Brmfcmon\BrMfimon.exe[3628] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 002B200C .text C:\Program Files\NVIDIA 
Corporation\Display\nvtray.exe[3740] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 000B000C .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3740] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 000B100C .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3740] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 000B200C .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3740] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 000BE00C .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3740] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 000BC00C .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3740] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 000BF00C .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3740] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 000B400C .text C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[3740] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 000B300C .text C:\Program Files\Citrix\ICA Client\wfcrun32.exe[4224] ntdll.dll!NtCreateProcess 779656D8 5 Bytes JMP 002E000C .text C:\Program Files\Citrix\ICA Client\wfcrun32.exe[4224] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 002E100C .text C:\Program Files\Citrix\ICA Client\wfcrun32.exe[4224] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 002E200C .text C:\Program Files\Citrix\ICA Client\wfcrun32.exe[4224] kernel32.dll!CopyFileExW 76E0B348 5 Bytes JMP 002EE00C .text C:\Program Files\Citrix\ICA Client\wfcrun32.exe[4224] kernel32.dll!OpenMutexA 76E104DA 5 Bytes JMP 002EC00C .text C:\Program Files\Citrix\ICA Client\wfcrun32.exe[4224] kernel32.dll!CreateDirectoryExW 76E57D09 5 Bytes JMP 002EF00C .text C:\Program Files\Citrix\ICA Client\wfcrun32.exe[4224] USER32.dll!SetWindowsHookExW 76D0E30C 5 Bytes JMP 002E400C .text C:\Program Files\Citrix\ICA Client\wfcrun32.exe[4224] USER32.dll!SetWindowsHookExA 76D36D0C 5 Bytes JMP 002E300C .text C:\Program Files\Secure Banking\sbservice.exe[5972] ntdll.dll!NtCreateProcess 
779656D8 5 Bytes JMP 003D000C .text C:\Program Files\Secure Banking\sbservice.exe[5972] ntdll.dll!NtCreateProcessEx 779656E8 5 Bytes JMP 003D100C .text C:\Program Files\Secure Banking\sbservice.exe[5972] ntdll.dll!NtCreateUserProcess 779657B8 5 Bytes JMP 003D200C ---- Devices - GMER 2.1 ---- Device \Driver\usbhub \Device\USBPDO-2 ctxusbm.sys Device \Driver\usbhub \Device\USBPDO-3 ctxusbm.sys Device \Driver\usbhub \Device\USBPDO-4 ctxusbm.sys Device \Driver\usbhub \Device\00000076 ctxusbm.sys Device \Driver\usbhub \Device\00000077 ctxusbm.sys Device \Driver\usbhub \Device\0000006d ctxusbm.sys Device \Driver\usbhub \Device\0000006e ctxusbm.sys ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\6894231e78e2 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\6894231e78e2 (not active ControlSet) ---- EOF - GMER 2.1 ---- |
10.06.2014, 09:14 | #4 |
/// the machine /// TB trainer | Hi, the Addition.txt from FRST is still missing.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
10.06.2014, 10:26 | #5 |
| Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:06-06-2014 Ran by Admin at 2014-06-10 10:10:38 Running from C:\Users\Admin\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Computer Sicherheit (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17} AS: Computer Sicherheit (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated) Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation) Brother MFL-Pro Suite DCP-585CW (HKLM\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.) Citrix Authentication Manager (Version: 5.1.0.62606 - Citrix Systems, Inc.) Hidden Citrix Receiver (DV) (Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden Citrix Receiver (HDX Flash-Umleitung) (Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.) Citrix Receiver (USB) (Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden Citrix Receiver Inside (Version: 4.1.0.56471 - Citrix Systems, Inc.) Hidden Citrix Receiver Updater (Version: 4.1.0.56461 - Citrix Systems, Inc.) Hidden Citrix Receiver(Aero) (Version: 14.1.0.0 - Citrix Systems, Inc.) 
Hidden Computer Security 12.77.101.0 (release) (Version: 12.77.101.0 - F-Secure Corporation) Hidden Dolby Home Theater v4 (HKLM\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc) ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) F-Secure CCF Reputation (Version: 1.0.25.1756 - F-Secure) Hidden F-Secure CCF Scanning 1.23.124.8831 (release) (Version: 1.23.124.8831 - F-Secure Corporation) Hidden F-Secure Network CCF 1.02.128 (Version: 1.02.128.1 - F-Secure Corporation) Hidden gpedt.msc 1.0 (HKLM\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard) Guitar Pro 5.2 (HKLM\...\Guitar Pro 5_is1) (Version: - Arobas Music) Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{51A66ED3-200E-4147-8D1E-E8D30936FD26}) (Version: 1.23.605.1 - Intel Corporation) Kabel Deutschland Launchpad (HKLM\...\F-Secure ServiceEnabler 44553) (Version: 1.77.243.0 - F-Secure Corporation) Kabel Deutschland Launchpad (Version: 1.77.243.0 - F-Secure Corporation) Hidden Lidl-Fotos (HKLM\...\Lidl-Fotos_is1) (Version: - ) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 
(HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight 
(HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden NVIDIA PhysX (Version: 9.12.0613 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden Online Plug-in (Version: 14.1.0.0 - Citrix Systems, Inc.) 
Hidden Online Safety 2.77.1170.803 (Version: 2.77.1170.803 - F-Secure Corporation) Hidden PDF24 Creator 6.5.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Qualcomm Atheros WiFi Driver Installation (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.) Secure Banking Version 1.5.2 (HKLM\...\{0BEE0AF9-79F3-4C4F-B374-90C0A16BF294}_is1) (Version: 1.5.2 - Hopfgartner Niklas) Self-Service Plug-in (Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) ==================== Restore Points ========================= 04-06-2014 09:23:55 Windows 7 Service Pack 1 04-06-2014 10:16:38 Windows Update 04-06-2014 10:21:28 Installed Broadcom Card Reader Driver Installer. 04-06-2014 10:27:33 Windows Update 04-06-2014 10:33:34 Windows Update 04-06-2014 10:35:48 Installed Broadcom NetLink Controller. 
04-06-2014 11:01:17 Installed Microsoft Office Home and Student 2007 04-06-2014 11:01:23 Windows Update 04-06-2014 11:59:55 Installiert MFL-Pro Suite 04-06-2014 12:01:09 Gerätetreiber-Paketinstallation: Brother Bildverarbeitungsgeräte 04-06-2014 12:08:52 Windows Update 04-06-2014 13:35:22 Windows Update 04-06-2014 13:46:09 Installed Java 7 Update 60 04-06-2014 14:08:19 Windows Update 05-06-2014 11:06:39 Windows Update 05-06-2014 11:27:49 Windows Update 05-06-2014 11:33:13 Windows Update 05-06-2014 11:51:28 Removed Java 7 Update 60 05-06-2014 11:58:45 Microsoft Office Live Add-in 1.5 wird entfernt 05-06-2014 12:10:33 Removed F-Secure 05-06-2014 12:13:53 Windows Update 06-06-2014 06:39:42 Installiert Acer Updater ==================== Hosts content: ========================== 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {6ED28045-7F03-481C-BA16-137FC7F442B6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-04] (Adobe Systems Incorporated) Task: {D8C77823-4E65-490B-9703-1D5E35FDB097} - System32\Tasks\Scheduled scanning task => C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fsav.exe [2013-08-20] (F-Secure Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~1\KABELD~1\apps\COMPUT~1\ANTI-V~1\fsav.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-04 12:46 - 2013-08-30 01:08 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2014-06-05 20:59 - 2013-08-20 10:57 - 00045504 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng 2013-01-18 11:06 - 2013-01-18 11:06 - 00208880 _____ () C:\Program Files\Kabel Deutschland\daas2.dll 2014-06-04 
14:00 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll 2014-06-04 14:00 - 2002-11-26 13:43 - 00106496 ____N () C:\Windows\system32\BrMuSNMP.dll 2014-06-05 21:04 - 2014-06-05 21:04 - 00030888 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll 2014-06-05 20:59 - 2014-06-05 21:04 - 00212008 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Spam Control\fsas.dll 2014-06-05 20:59 - 2014-06-05 21:03 - 00949288 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fm4av.dll 2014-06-05 20:52 - 2014-06-05 20:52 - 00593464 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll 2014-06-05 20:59 - 2013-08-20 10:57 - 00056256 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\FSGUI\fsavures.eng 2014-06-05 20:59 - 2013-08-20 10:57 - 00093120 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\FSGUI\strres.eng 2014-06-06 10:44 - 2012-09-07 17:30 - 00002560 _____ () C:\Program Files\Secure Banking\sbservice.exe 2014-06-06 10:44 - 2013-06-30 17:01 - 00017920 _____ () C:\Program Files\Secure Banking\SecureBanking.dll 2014-06-06 10:43 - 2013-05-26 13:13 - 00008704 _____ () C:\Program Files\Secure Banking\funcs.dll 2014-06-05 20:33 - 2014-06-05 20:33 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\42f1ffc0f76dec53185c54cc637dd791\PSIClient.ni.dll 2014-06-04 12:37 - 2014-06-04 12:37 - 01198872 _____ () C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: 
========================= Application errors: ================== Error: (06/10/2014 09:55:39 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Das System kann die angegebene Datei nicht finden. Error: (06/09/2014 03:20:52 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Das System kann die angegebene Datei nicht finden. Error: (06/09/2014 02:37:20 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Das System kann die angegebene Datei nicht finden. Error: (06/09/2014 02:28:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Das System kann die angegebene Datei nicht finden. Error: (06/09/2014 11:33:25 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm pdf24-Creator.exe, Version 6.5.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1564 Startzeit: 01cf83c219ca23f1 Endzeit: 8 Anwendungspfad: C:\Program Files\PDF24\pdf24-Creator.exe Berichts-ID: 16295be9-efb9-11e3-93f3-6894231e78e2 Error: (06/09/2014 09:35:14 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Das System kann die angegebene Datei nicht finden. 
Error: (06/08/2014 08:13:57 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Das System kann die angegebene Datei nicht finden. Error: (06/08/2014 02:06:03 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Das System kann die angegebene Datei nicht finden. Error: (06/08/2014 02:03:48 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2014/06/08 14:03:48.499]: [00002280]: GetDeviceIpAddress: GetAddressByName [BRWC417FEDE7854] Error Error: (06/08/2014 00:22:58 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2014/06/08 12:22:58.941]: [00002164]: SendSKeySettingToDevice:: Snmp Load Error[0] To[192.168.0.100] System errors: ============= Error: (06/10/2014 09:54:48 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80004005 Error: (06/09/2014 03:19:20 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (06/09/2014 02:24:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4} Error: (06/08/2014 03:55:30 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4} Error: (06/06/2014 04:12:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (06/06/2014 04:06:14 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. 
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (06/06/2014 04:02:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (06/06/2014 01:18:24 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4} Error: (06/06/2014 08:28:11 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (06/06/2014 08:25:47 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Microsoft Office Sessions: ========================= |
10.06.2014, 18:43 | #6 |
/// the machine /// TB trainer | Hi, scan with ComboFix |
10.06.2014, 19:23 | #7 |
| ComboFix ran through without problems and without any messages; here is the log Code:
ATTFilter ComboFix 14-06-10.01 - Admin 10.06.2014 20:11:45.4.4 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.2388.1360 [GMT 2:00] ausgeführt von:: c:\users\User\Desktop\ComboFix.exe AV: Computer Sicherheit *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} SP: Computer Sicherheit *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . ((((((((((((((((((((((( Dateien erstellt von 2014-05-10 bis 2014-06-10 )))))))))))))))))))))))))))))) . . 2014-06-10 18:17 . 2014-06-10 18:17 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-06-10 14:42 . 2014-06-10 14:49 -------- d-----w- C:\AdwCleaner 2014-06-10 08:09 . 2014-06-10 08:11 -------- d-----w- C:\FRST 2014-06-07 17:06 . 2014-06-10 10:19 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-06-07 17:06 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-06-07 17:06 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-06-07 17:06 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-06-07 17:06 . 2014-06-07 17:06 -------- d-----w- c:\program files\ Malwarebytes Anti-Malware 2014-06-06 10:36 . 2014-06-06 10:36 -------- d-----w- c:\program files\Guitar Pro 5 2014-06-06 08:43 . 2014-06-06 08:44 -------- d-----w- c:\program files\Secure Banking 2014-06-06 08:17 . 2014-06-06 08:17 -------- d-----w- c:\program files\ESET 2014-06-06 07:39 . 2014-06-06 07:39 -------- d-----w- c:\programdata\elsterformular 2014-06-06 07:39 . 2014-06-08 13:32 -------- d-----w- c:\program files\ElsterFormular 2014-06-06 07:36 . 2014-06-06 07:36 -------- d-----w- c:\programdata\Lidl_Fotos 2014-06-06 07:36 . 2014-06-06 07:36 -------- d-----w- c:\program files\Lidl_Fotos 2014-06-06 06:40 . 2014-06-06 06:40 -------- d-----w- c:\programdata\Acer 2014-06-06 06:40 . 
2014-06-06 06:40 -------- d-----w- c:\program files\Acer 2014-06-06 06:29 . 2014-06-06 13:36 -------- d-----w- c:\users\UpdatusUser 2014-06-05 19:00 . 2014-06-05 19:07 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys 2014-06-05 18:52 . 2014-06-05 19:01 -------- d-----w- c:\program files\Kabel Deutschland 2014-06-05 13:15 . 2008-04-14 00:11 295936 ----a-w- c:\windows\system32\appmgr.dll 2014-06-05 13:15 . 2014-06-05 13:15 -------- d-----w- c:\windows\system32\GPBAK 2014-06-05 13:15 . 2014-06-05 13:15 707354 ----a-w- c:\windows\unins000.exe 2014-06-05 13:06 . 2014-06-05 13:06 -------- d-----w- c:\windows\ERUNT 2014-06-05 12:28 . 2014-06-08 13:30 -------- d-----w- c:\users\Admin 2014-06-05 12:15 . 2014-06-05 12:15 -------- d-----w- c:\program files\Microsoft 2014-06-05 12:11 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe 2014-06-05 12:02 . 2014-05-19 23:18 8073384 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0CCDCEA9-65D9-4F03-9968-DBA1AB715047}\mpengine.dll 2014-06-05 11:26 . 2014-06-05 12:11 -------- d-----w- c:\program files\F-Secure 2014-06-05 11:25 . 2014-06-05 19:01 -------- d-----w- c:\programdata\F-Secure 2014-06-05 11:10 . 2014-03-06 07:28 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2014-06-05 11:06 . 2014-06-05 11:06 -------- d-----w- c:\programdata\Malwarebytes 2014-06-04 14:13 . 2014-06-04 14:13 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help 2014-06-04 14:09 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2014-06-04 13:41 . 2014-06-04 13:41 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2014-06-04 13:41 . 2014-06-04 13:41 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2014-06-04 13:41 . 2014-06-04 13:41 -------- d-----w- c:\windows\system32\Macromed 2014-06-04 13:37 . 2014-06-04 13:37 -------- d-----w- c:\program files\Mozilla Maintenance Service 2014-06-04 13:21 . 2014-06-09 13:18 -------- d-----w- c:\windows\system32\NV 2014-06-04 13:16 . 
2014-06-04 13:16 -------- d-s---w- c:\windows\system32\CompatTel 2014-06-04 12:48 . 2012-08-23 14:44 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys 2014-06-04 12:48 . 2012-08-23 13:52 12800 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll 2014-06-04 12:48 . 2012-08-23 14:48 221184 ----a-w- c:\windows\system32\rdpudd.dll 2014-06-04 12:48 . 2012-08-23 11:12 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll 2014-06-04 12:48 . 2012-08-23 10:08 2739712 ----a-w- c:\windows\system32\rdpcorets.dll 2014-06-04 12:40 . 2014-06-04 14:10 -------- d-----w- c:\program files\Microsoft Silverlight 2014-06-04 12:37 . 2013-10-01 23:45 32256 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll 2014-06-04 12:37 . 2013-10-02 00:32 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-06-04 12:37 . 2013-10-02 00:42 49152 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2014-06-04 12:37 . 2013-10-02 00:30 14336 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-06-04 12:37 . 2013-10-02 00:14 50176 ----a-w- c:\windows\system32\MsRdpWebAccess.dll 2014-06-04 12:37 . 2013-10-02 00:14 17920 ----a-w- c:\windows\system32\wksprtPS.dll 2014-06-04 12:37 . 2013-10-01 23:58 53248 ----a-w- c:\windows\system32\tsgqec.dll 2014-06-04 12:37 . 2013-10-01 23:08 855552 ----a-w- c:\windows\system32\rdvidcrl.dll 2014-06-04 12:37 . 2013-10-01 23:00 76288 ----a-w- c:\windows\system32\TSWbPrxy.exe 2014-06-04 12:37 . 2013-10-01 22:53 350208 ----a-w- c:\windows\system32\wksprt.exe 2014-06-04 12:37 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\system32\mstsc.exe 2014-06-04 12:31 . 2014-06-04 12:31 -------- d-----w- c:\windows\Migration 2014-06-04 12:27 . 2014-06-04 12:27 -------- d-----w- c:\windows\system32\MRT 2014-06-04 12:20 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2014-06-04 12:20 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2014-06-04 12:20 . 
2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2014-06-04 12:20 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2014-06-04 12:20 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2014-06-04 12:20 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll 2014-06-04 12:20 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2014-06-04 12:20 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2014-06-04 12:20 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll 2014-06-04 12:19 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe 2014-06-04 12:15 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL 2014-06-04 12:15 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe 2014-06-04 12:07 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys 2014-06-04 12:07 . 2013-07-03 03:36 25728 ----a-w- c:\windows\system32\drivers\hidparse.sys 2014-06-04 12:05 . 2013-07-09 04:52 175104 ----a-w- c:\windows\system32\wintrust.dll 2014-06-04 12:05 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll 2014-06-04 12:05 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll 2014-06-04 12:05 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll 2014-06-04 12:05 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll 2014-06-04 12:05 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll 2014-06-04 12:05 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys 2014-06-04 12:05 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll 2014-06-04 12:04 . 2013-05-13 03:08 903168 ----a-w- c:\windows\system32\certutil.exe 2014-06-04 12:04 . 2013-05-13 03:08 43008 ----a-w- c:\windows\system32\certenc.dll 2014-06-04 12:04 . 2013-09-25 01:57 792576 ----a-w- c:\windows\system32\TSWorkspace.dll 2014-06-04 12:04 . 
2014-01-24 02:18 1212352 ----a-w- c:\windows\system32\drivers\ntfs.sys 2014-06-04 12:04 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\system32\crypt32.dll 2014-06-04 12:04 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2014-06-04 12:04 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll 2014-06-04 12:04 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll 2014-06-04 12:02 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe 2014-06-04 12:01 . 2013-08-01 11:03 729024 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2014-06-04 12:00 . 2012-05-05 07:46 400896 ----a-w- c:\windows\system32\srcore.dll 2014-06-04 11:57 . 2013-12-04 01:54 510976 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2014-06-04 11:57 . 2013-12-04 01:54 594944 ----a-w- c:\windows\system32\RMActivate_isv.exe 2014-06-04 11:57 . 2013-12-04 01:54 572416 ----a-w- c:\windows\system32\RMActivate.exe 2014-06-04 11:57 . 2013-12-04 01:54 508928 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2014-06-04 11:57 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2014-06-04 11:57 . 2013-12-04 02:03 87040 ----a-w- c:\windows\system32\secproc_ssp.dll 2014-06-04 11:57 . 2013-12-04 02:03 423936 ----a-w- c:\windows\system32\secproc_isv.dll 2014-06-04 11:57 . 2013-12-04 02:03 428032 ----a-w- c:\windows\system32\secproc.dll 2014-06-04 11:57 . 2013-12-04 02:02 390144 ----a-w- c:\windows\system32\msdrm.dll 2014-06-04 11:57 . 2014-06-04 11:57 -------- d-----w- c:\programdata\Brother 2014-06-04 11:54 . 2014-06-04 12:00 -------- d-----w- c:\program files\Brother 2014-06-04 11:27 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2014-06-04 11:27 . 2013-09-25 01:56 220160 ----a-w- c:\windows\system32\ncrypt.dll 2014-06-04 11:27 . 2013-07-04 12:16 369848 ----a-w- c:\windows\system32\drivers\cng.sys 2014-06-04 11:27 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll 2014-06-04 11:19 . 
2014-06-04 11:19 -------- d-----w- c:\windows\system32\wbem\en-US 2014-06-04 11:16 . 2014-06-04 11:17 -------- d-----w- c:\program files\Common Files\Adobe 2014-06-04 11:11 . 2014-06-04 11:11 69632 ----a-w- c:\windows\system32\smss.exe 2014-06-04 11:11 . 2014-06-04 11:11 640512 ----a-w- c:\windows\system32\advapi32.dll 2014-06-04 11:11 . 2014-06-04 11:11 619520 ----a-w- c:\windows\system32\tdh.dll 2014-06-04 11:11 . 2014-06-04 11:11 38912 ----a-w- c:\windows\system32\csrsrv.dll 2014-06-04 11:11 . 2014-06-04 11:11 1289096 ----a-w- c:\windows\system32\ntdll.dll 2014-06-04 11:11 . 2014-06-04 11:11 338944 ----a-w- c:\windows\system32\drivers\afd.sys 2014-06-04 11:11 . 2014-06-04 11:11 231424 ----a-w- c:\windows\system32\mswsock.dll 2014-06-04 11:11 . 2014-06-04 11:11 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2014-06-04 11:11 . 2014-06-04 11:11 1294272 ----a-w- c:\windows\system32\drivers\tcpip.sys 2014-06-04 11:11 . 2014-06-04 11:11 49152 ----a-w- c:\windows\system32\taskhost.exe 2014-06-04 11:06 . 2014-06-04 14:13 -------- d-----w- c:\program files\Microsoft Works 2014-06-04 11:05 . 2014-06-04 11:05 -------- d-----w- c:\windows\PCHEALTH 2014-06-04 11:04 . 2014-06-04 11:04 1505280 ----a-w- c:\windows\system32\d3d11.dll 2014-06-04 11:02 . 2014-06-05 11:17 -------- d-----w- c:\programdata\Microsoft Help 2014-06-04 11:01 . 2014-06-04 11:01 -------- d-----r- C:\MSOCache 2014-06-04 11:00 . 2013-02-27 05:05 101720 ----a-w- c:\windows\system32\consent.exe . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-06-04 10:41 . 2011-12-06 17:22 280576 ----a-w- c:\windows\system32\drivers\IntcDAud.sys 2014-06-04 10:41 . 2011-12-06 17:21 12288 ----a-w- c:\windows\system32\IntcDAuC.dll 2014-06-04 10:41 . 2012-02-28 14:38 188416 ----a-w- c:\windows\system32\IntelOpenCL32.dll 2014-06-04 10:41 . 2012-02-28 14:07 51200 ----a-w- c:\windows\system32\OpenCL.dll 2014-06-04 10:41 . 
2012-03-07 05:19 276248 ----a-w- c:\windows\system32\IntelCpHeciSvc.exe 2014-06-04 10:41 . 2012-02-28 14:59 81920 ----a-w- c:\windows\system32\igfxCoIn_v2669.dll 2014-06-04 10:41 . 2012-02-28 14:07 519680 ----a-w- c:\windows\system32\iglhsip32.dll 2014-06-04 10:41 . 2012-02-28 14:07 177152 ----a-w- c:\windows\system32\iglhcp32.dll 2014-06-04 10:41 . 2012-03-07 05:19 144664 ----a-w- c:\windows\system32\igfxtray.exe 2014-06-04 10:41 . 2012-03-07 05:19 269592 ----a-w- c:\windows\system32\igfxsrvc.exe 2014-06-04 10:41 . 2012-02-28 14:09 286208 ----a-w- c:\windows\system32\igfxTMM.dll 2014-06-04 10:41 . 2012-02-28 14:09 59392 ----a-w- c:\windows\system32\igfxsrvc.dll 2014-06-04 10:41 . 2012-02-28 14:09 437248 ----a-w- c:\windows\system32\igfxrrom.lrc 2014-06-04 10:41 . 2012-02-28 14:09 436224 ----a-w- c:\windows\system32\igfxrsky.lrc 2014-06-04 10:41 . 2012-02-28 14:09 435712 ----a-w- c:\windows\system32\igfxrtrk.lrc 2014-06-04 10:41 . 2012-02-28 14:09 435712 ----a-w- c:\windows\system32\igfxrslv.lrc 2014-06-04 10:41 . 2012-02-28 14:09 437248 ----a-w- c:\windows\system32\igfxrrus.lrc 2014-06-04 10:41 . 2012-02-28 14:09 435712 ----a-w- c:\windows\system32\igfxrsve.lrc 2014-06-04 10:41 . 2012-02-28 14:09 435200 ----a-w- c:\windows\system32\igfxrtha.lrc 2014-06-04 10:41 . 2012-02-28 14:09 436736 ----a-w- c:\windows\system32\igfxrptg.lrc 2014-06-04 10:41 . 2012-02-28 14:09 436736 ----a-w- c:\windows\system32\igfxrplk.lrc 2014-06-04 10:41 . 2012-02-28 14:09 435712 ----a-w- c:\windows\system32\igfxrptb.lrc 2014-06-04 10:41 . 2012-02-28 14:09 435712 ----a-w- c:\windows\system32\igfxrnor.lrc 2014-06-04 10:41 . 2012-02-28 14:09 428544 ----a-w- c:\windows\system32\igfxrkor.lrc 2014-06-04 10:41 . 2012-02-28 14:09 436736 ----a-w- c:\windows\system32\igfxrnld.lrc 2014-06-04 10:41 . 2012-02-28 14:09 436736 ----a-w- c:\windows\system32\igfxrhrv.lrc 2014-06-04 10:41 . 2012-02-28 14:09 436736 ----a-w- c:\windows\system32\igfxrita.lrc 2014-06-04 10:41 . 
2012-02-28 14:09 436224 ----a-w- c:\windows\system32\igfxrhun.lrc 2014-06-04 10:41 . 2012-02-28 14:09 433664 ----a-w- c:\windows\system32\igfxrheb.lrc 2014-06-04 10:41 . 2012-02-28 14:09 430080 ----a-w- c:\windows\system32\igfxrjpn.lrc 2014-06-04 10:41 . 2012-02-28 14:09 437760 ----a-w- c:\windows\system32\igfxrfra.lrc 2014-06-04 10:41 . 2012-02-28 14:09 436224 ----a-w- c:\windows\system32\igfxrfin.lrc 2014-06-04 10:41 . 2012-02-28 14:09 437760 ----a-w- c:\windows\system32\igfxresn.lrc 2014-06-04 10:41 . 2012-02-28 14:08 9023488 ----a-w- c:\windows\system32\igfxress.dll 2014-06-04 10:41 . 2012-02-28 14:08 284160 ----a-w- c:\windows\system32\igfxrenu.lrc 2014-06-04 10:41 . 2012-02-28 14:09 438272 ----a-w- c:\windows\system32\igfxrell.lrc 2014-06-04 10:41 . 2012-02-28 14:09 436736 ----a-w- c:\windows\system32\igfxrdeu.lrc 2014-06-04 10:41 . 2012-02-28 14:09 436224 ----a-w- c:\windows\system32\igfxrcsy.lrc 2014-06-04 10:41 . 2012-02-28 14:09 435200 ----a-w- c:\windows\system32\igfxrdan.lrc 2014-06-04 10:41 . 2012-02-28 14:09 427008 ----a-w- c:\windows\system32\igfxrcht.lrc 2014-06-04 10:41 . 2012-02-28 14:09 426496 ----a-w- c:\windows\system32\igfxrchs.lrc 2014-06-04 10:41 . 2012-03-07 05:19 188184 ----a-w- c:\windows\system32\igfxpers.exe 2014-06-04 10:41 . 2012-03-07 05:19 195864 ----a-w- c:\windows\system32\igfxext.exe 2014-06-04 10:41 . 2012-02-28 14:09 433664 ----a-w- c:\windows\system32\igfxrara.lrc 2014-06-04 10:41 . 2012-02-28 14:09 313344 ----a-w- c:\windows\system32\igfxpph.dll 2014-06-04 10:41 . 2012-02-28 14:09 25088 ----a-w- c:\windows\system32\igfxexps.dll 2014-06-04 10:41 . 2012-02-28 14:09 130048 ----a-w- c:\windows\system32\igfxdo.dll 2014-06-04 10:41 . 2012-02-28 14:08 9216 ----a-w- c:\windows\system32\IGFXDEVLib.dll 2014-06-04 10:41 . 2012-02-28 14:09 120320 ----a-w- c:\windows\system32\igfxcpl.cpl 2014-06-04 10:41 . 2012-02-28 14:08 321024 ----a-w- c:\windows\system32\igfxdev.dll 2014-06-04 10:41 . 
2012-02-28 14:07 237056 ----a-w- c:\windows\system32\igfxcmrt32.dll 2014-06-04 10:41 . 2012-02-28 14:07 2321408 ----a-w- c:\windows\system32\igfxcmjit32.dll 2014-06-04 10:41 . 2012-02-28 14:53 13207552 ----a-w- c:\windows\system32\drivers\igdkmd32.sys 2014-06-04 10:41 . 2012-02-28 14:53 6122496 ----a-w- c:\windows\system32\igdumd32.dll 2014-06-04 10:41 . 2012-02-28 14:38 518144 ----a-w- c:\windows\system32\igdrcl32.dll 2014-06-04 10:41 . 2012-02-28 14:26 23460864 ----a-w- c:\windows\system32\igdfcl32.dll 2014-06-04 10:41 . 2012-02-28 14:52 58880 ----a-w- c:\windows\system32\igdde32.dll 2014-06-04 10:41 . 2012-02-28 14:44 7794688 ----a-w- c:\windows\system32\igd10umd32.dll 2014-06-04 10:41 . 2012-02-28 14:38 2866688 ----a-w- c:\windows\system32\igdbcl32.dll 2014-06-04 10:41 . 2012-02-28 14:15 13024256 ----a-w- c:\windows\system32\ig7icd32.dll 2014-06-04 10:41 . 2012-02-28 14:07 94208 ----a-w- c:\windows\system32\IccLibDll.dll 2014-06-04 10:41 . 2012-03-07 05:19 180504 ----a-w- c:\windows\system32\hkcmd.exe 2014-06-04 10:41 . 2012-03-07 05:19 6212376 ----a-w- c:\windows\system32\GfxUI.exe 2014-06-04 10:41 . 2012-02-28 14:08 96256 ----a-w- c:\windows\system32\hccutils.dll 2014-06-04 10:41 . 2012-02-28 14:08 172544 ----a-w- c:\windows\system32\gfxSrvc.dll 2014-06-04 10:41 . 2012-02-28 14:07 452440 ----a-w- c:\windows\system32\d3dx10_40.dll 2014-06-04 10:33 . 2012-02-27 17:01 792856 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys 2014-06-04 10:33 . 2012-02-27 17:01 348440 ----a-w- c:\windows\system32\drivers\iusb3hub.sys 2014-06-04 10:33 . 2012-02-27 17:01 13592 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys 2014-06-04 10:03 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2014-03-31 20:46 . 2014-03-31 20:46 130712 ----a-w- c:\windows\system32\MSSTDFMT.DLL 2014-03-31 20:46 . 2014-03-31 20:46 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . 
. *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Dolby Home Theater v4"="REM" [X] "USB3MON"="REM" [X] "IgfxTray"="REM" [X] "HotKeysCmds"="REM" [X] "Persistence"="REM" [X] "ControlCenter3"="REM" [X] "Adobe ARM"="REM" [X] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2014-06-04 10996368] "RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2014-06-04 912016] "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2013-10-01 395656] "Redirector"="c:\program files\Citrix\ICA Client\redirector.exe" [2013-10-01 153992] "PDFPrint"="c:\program files\PDF24\pdf24.exe" [2014-06-04 191528] "BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168] "F-Secure Hoster (44553)"="c:\program files\Kabel Deutschland\fshoster32.exe" [2013-01-18 188400] "F-Secure Manager"="c:\program files\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE" [2013-08-20 310208] "SecureBanking"="c:\program files\Secure Banking\SecureBanking.exe" [2013-06-30 507904] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Secure Banking.lnk - c:\program files\Secure Banking\SecureBanking.exe [2014-6-6 507904] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\nvinit.dll c:\windows\System32\nvinit.dll . 
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-06-04 108032] R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152] S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys [2014-06-05 44240] S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys [2012-07-09 531264] S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys [2012-07-09 24896] S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2014-06-04 13592] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2013-09-05 25376] S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2013-09-24 70440] S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2014-06-09 73864] S1 fsvista;F-Secure Vista Support Driver;c:\program files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2013-08-20 12736] S2 fshoster;F-Secure Dll Hoster;c:\program files\Kabel Deutschland\fshoster32.exe [2013-01-18 188400] S2 FSORSPClient;F-Secure ORSP Client;c:\program files\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe [2014-06-05 60352] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-07-09 7168] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 458464] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-06-04 161560] S2 Live Updater Service;Live Updater 
Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376] S2 MBAMScheduler;MBAMScheduler;c:\program files\ Malwarebytes Anti-Malware \mbamscheduler.exe [2014-05-12 1809720] S2 MBAMService;MBAMService;c:\program files\ Malwarebytes Anti-Malware \mbamservice.exe [2014-05-12 860472] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-06-04 363800] S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files\Atheros\Ath_WlanAgent.exe [2012-02-19 72864] S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2012-08-13 64088] S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2012-08-13 18520] S3 bScsiMSx;bScsiMSx;c:\windows\system32\DRIVERS\bScsiMSx.sys [2012-06-18 46168] S3 bScsiSDx;bScsiSDx;c:\windows\system32\DRIVERS\bScsiSDx.sys [2012-08-14 52312] S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2014-06-09 146472] S3 fsni;fsni;c:\program files\Kabel Deutschland\apps\CCF_Scanning\fsni32.sys [2013-04-25 66496] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2014-06-04 280576] S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2014-06-04 348440] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2014-06-04 792856] S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2012-01-18 370728] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256] S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [2012-07-17 55104] . . Inhalt des "geplante Tasks" Ordners . 
2014-06-10 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-04 13:41] . 2014-06-10 c:\windows\Tasks\Scheduled scanning task.job - c:\progra~1\KABELD~1\apps\COMPUT~1\ANTI-V~1\fsav.exe [2014-06-05 08:57] . . ------- Zusätzlicher Suchlauf ------- . TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y5t2bglj.default\ . - - - - Entfernte verwaiste Registrierungseinträge - - - - . HKCU-Run-SecureBanking - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\fshoster] "ImagePath"="\"c:\program files\Kabel Deutschland\fshoster32.exe\" -hosterid:0" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2747657943-2784994450-2871648465-1000_Classes\CLSID] @DACL=(02 0000) . [HKEY_USERS\S-1-5-21-2747657943-2784994450-2871648465-1000_Classes\CLSID\{23FE7DC1-7CCD-43DD-A685-29B366A95477}] @DACL=(02 0000) "{7470120C-5391-472A-AE57-3398316D154B}"=hex:b4,61,55,0b "{3F0D3968-3C62-4281-936D-658014AF6B1C}"=hex:83,58,93,9f,60,3e,fa,4a,61,5d,3f, 6f,c7,72,86,7e,8c,21,39,bc,21,89,82,07,64,5e,e8,35,91,91,d6,09,e6,1a,c0,e6,\ . [HKEY_USERS\S-1-5-21-2747657943-2784994450-2871648465-1000_Classes\CLSID\{7F5771D0-6BD5-4CA8-B3F6-7D660CFB3CC2}] @DACL=(02 0000) "#cert"=hex:31 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-06-10 20:19:38 ComboFix-quarantined-files.txt 2014-06-10 18:19 . Vor Suchlauf: 12 Verzeichnis(se), 425.951.633.408 Bytes frei Nach Suchlauf: 13 Verzeichnis(se), 425.903.316.992 Bytes frei . - - End Of File - - 77AECFC8B8B4BC52316202C24CE533F5 A36C5E4F47E84449FF07ED3517B43A31 |
11.06.2014, 09:44 | #8 |
/// the machine /// TB-Ausbilder |
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
11.06.2014, 20:06 | #9 |
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 11.06.2014
Suchlauf-Zeit: 20:40:59
Logdatei: mbam.txt
Administrator: Nein

Version: 2.00.2.1012
Malware Datenbank: v2014.06.11.07
Rootkit Datenbank: v2014.06.02.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: User

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 216938
Verstrichene Zeit: 4 Min, 48 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)
Code:
# AdwCleaner v3.212 - Bericht erstellt am 11/06/2014 um 20:50:00
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Admin - NOTEBOOK-HOME
# Gestartet von : C:\Users\Admin\Downloads\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y5t2bglj.default\prefs.js ]

[ Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\srqtzotu.default\prefs.js ]

*************************

AdwCleaner[R1].txt - [1050 octets] - [10/06/2014 16:43:34]
AdwCleaner[R2].txt - [1034 octets] - [10/06/2014 16:48:56]
AdwCleaner[R3].txt - [1095 octets] - [11/06/2014 20:49:32]
AdwCleaner[S1].txt - [1116 octets] - [10/06/2014 16:44:43]
AdwCleaner[S2].txt - [1019 octets] - [11/06/2014 20:50:00]

########## EOF - \AdwCleaner\AdwCleaner[S2].txt - [1079 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by Admin on 11.06.2014 at 20:56:00,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.06.2014 at 21:02:31,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:11-06-2014 01 Ran by Admin (administrator) on NOTEBOOK-HOME on 11-06-2014 20:28:19 Running from C:\Users\User\Desktop Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\fshoster32.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe (Atheros) C:\Program Files\Atheros\Ath_WlanAgent.exe (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fssm32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\redirector.exe (Citrix Systems, Inc.) 
C:\Program Files\Citrix\Receiver\Receiver.exe (Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfServicePlugin.exe (Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\fshoster32.exe (F-Secure Corporation) C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfimon.exe (Secure Banking) C:\Program Files\Secure Banking\SecureBanking.exe () C:\Program Files\Secure Banking\sbservice.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Citrix Systems, Inc.) C:\Program Files\Citrix\SelfServicePlugin\SelfService.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2014-06-04] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [912016 2014-06-04] (Realtek Semiconductor) HKLM\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [507744 2012-04-23] (Dolby Laboratories Inc.) HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2014-06-04] (Intel Corporation) HKLM\...\Run: [ConnectionCenter] => C:\Program Files\Citrix\ICA Client\concentr.exe [395656 2013-10-01] (Citrix Systems, Inc.) HKLM\...\Run: [Redirector] => C:\Program Files\Citrix\ICA Client\redirector.exe [153992 2013-10-01] (Citrix Systems, Inc.) 
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-06-04] (Geek Software GmbH) HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.) HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM\...\Run: [F-Secure Hoster (44553)] => C:\Program Files\Kabel Deutschland\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation) HKLM\...\Run: [F-Secure Manager] => C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-20] (F-Secure Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\Run: [SecureBanking] => C:\Program Files\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking) AppInit_DLLs: C:\Windows\System32\nvinit.dll => C:\Windows\System32\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) AppInit_DLLs: C:\Windows\System32\nvinit.dll => C:\Windows\System32\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Secure Banking.lnk ShortcutTarget: Secure Banking.lnk -> C:\Program Files\Secure Banking\SecureBanking.exe (Secure Banking) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7D8561C5BE80CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKLM - DefaultScope value is missing. 
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) 
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y5t2bglj.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin: @Citrix.com/npican - C:\Program Files\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.) FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: IP Address and Domain Information - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y5t2bglj.default\Extensions\jid0-jJRRRBMgoShUhb07IvnxTBAl29w@jetpack.xpi [2014-06-10] FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\y5t2bglj.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-06-10] ========================== Services (Whitelisted) ================= S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [276248 2014-06-04] (Intel Corporation) R2 fshoster; C:\Program Files\Kabel Deutschland\fshoster32.exe [188400 2013-01-18] (F-Secure Corporation) R3 FSMA; C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Common\FSMA32.EXE [207808 2013-08-20] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files\Kabel Deutschland\apps\CCF_Reputation\fsorsp.exe [60352 2014-06-05] (F-Secure Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [458464 2012-02-02] (Intel(R) Corporation) R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2014-06-04] (Intel Corporation) R2 Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 
2014-05-12] (Malwarebytes Corporation) R2 ZAtheros Wlan Agent; C:\Program Files\Atheros\Ath_WlanAgent.exe [72864 2012-02-19] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== R3 b57xdbd; C:\Windows\System32\DRIVERS\b57xdbd.sys [64088 2012-08-13] (Broadcom Corporation) R3 b57xdmp; C:\Windows\System32\DRIVERS\b57xdmp.sys [18520 2012-08-13] (Broadcom Corporation) R3 bScsiMSx; C:\Windows\System32\DRIVERS\bScsiMSx.sys [46168 2012-06-18] (Broadcom Corporation) R3 bScsiSDx; C:\Windows\System32\DRIVERS\bScsiSDx.sys [52312 2012-08-14] (Broadcom Corporation) R3 F-Secure Gatekeeper; C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [146472 2014-06-09] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\HIPS\drivers\fshs.sys [73864 2014-06-09] (F-Secure Corporation) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2014-06-05] () R3 fsni; C:\Program Files\Kabel Deutschland\apps\CCF_Scanning\fsni32.sys [66496 2013-04-25] (F-Secure Corporation) R1 fsvista; C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [12736 2013-08-20] () R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [531264 2012-07-09] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24896 2012-07-09] (Intel Corporation) R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [13592 2014-06-04] (Intel Corporation) R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [348440 2014-06-04] (Intel Corporation) R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [792856 2014-06-04] (Intel Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation) R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [55104 2012-07-17] (Intel Corporation) R0 nvpciflt; 
C:\Windows\System32\DRIVERS\nvpciflt.sys [25376 2013-09-05] (NVIDIA Corporation) U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\Users\Admin\AppData\Local\Temp\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-11 20:28 - 2014-06-11 20:29 - 00014262 _____ () C:\Users\User\Desktop\FRST.txt 2014-06-11 20:27 - 2014-06-11 20:27 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion 2014-06-11 20:26 - 2014-06-11 20:27 - 01073152 _____ (Farbar) C:\Users\User\Desktop\FRST.exe 2014-06-10 20:19 - 2014-06-11 20:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\temp 2014-06-10 20:19 - 2014-06-10 20:19 - 00025467 _____ () C:\ComboFix.txt 2014-06-10 20:19 - 2014-06-10 20:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp 2014-06-10 20:19 - 2014-06-10 20:19 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-06-10 20:19 - 2014-06-10 20:19 - 00000000 ____D () C:\Users\Default\AppData\Local\temp 2014-06-10 20:19 - 2014-06-10 20:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-06-10 20:07 - 2014-06-10 20:07 - 05205915 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe 2014-06-10 20:06 - 2014-06-10 20:07 - 05205915 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe 2014-06-10 17:09 - 2014-06-10 17:09 - 00000625 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-06-10 16:42 - 2014-06-10 16:49 - 00000000 ____D () C:\AdwCleaner 2014-06-10 16:42 - 2014-06-10 16:42 - 01333465 _____ () C:\Users\Admin\Downloads\adwcleaner_3.212.exe 2014-06-10 16:09 - 2014-06-10 16:09 - 05701712 _____ () C:\Users\User\Downloads\bitdefender_14isecurity.exe 2014-06-10 10:10 - 2014-06-10 10:11 - 00019557 _____ () C:\Users\Admin\Downloads\Addition.txt 2014-06-10 10:09 - 2014-06-11 20:28 - 00000000 ____D () C:\FRST 2014-06-10 10:09 - 2014-06-10 10:11 - 00227400 _____ () C:\Users\Admin\Downloads\FRST.txt 
2014-06-09 14:30 - 2014-06-09 14:30 - 02282688 _____ (1&1 Mail & Media GmbH) C:\Users\User\Downloads\gmx_mediacenter_setup.exe 2014-06-08 15:30 - 2014-06-08 15:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\F-Secure 2014-06-08 15:30 - 2014-06-08 15:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\elsterformular 2014-06-08 15:29 - 2014-06-08 15:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\elsterformular 2014-06-08 15:29 - 2014-06-08 15:29 - 00000000 ____D () C:\Users\User\AppData\Local\Lidl_Fotos 2014-06-07 19:06 - 2014-06-10 12:19 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-07 19:06 - 2014-06-07 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-07 19:06 - 2014-06-07 19:06 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-06-07 19:06 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-07 19:06 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-07 19:06 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-07 19:04 - 2014-06-07 19:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-06-07 18:50 - 2014-06-07 18:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-06 15:57 - 2014-06-06 15:58 - 00000000 ____D () C:\Users\Admin\Downloads\FRST-OlderVersion 2014-06-06 15:36 - 2014-06-06 15:36 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini 2014-06-06 12:36 - 2014-06-06 12:36 - 00000910 _____ () C:\Users\User\Desktop\Guitar Pro 5.lnk 2014-06-06 12:36 - 2014-06-06 12:36 - 00000910 _____ () C:\Users\Admin\Desktop\Guitar Pro 5.lnk 2014-06-06 12:36 - 2014-06-06 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Guitar Pro 5 2014-06-06 12:36 - 2014-06-06 12:36 - 00000000 ____D () C:\Program Files\Guitar Pro 5 2014-06-06 12:01 - 2014-06-06 12:01 - 00854367 _____ () C:\Users\User\Downloads\SecurityCheck.exe 2014-06-06 11:35 - 2014-06-06 11:35 - 00045097 _____ () C:\Users\Admin\Desktop\GMER.log 2014-06-06 11:10 - 2014-06-06 11:10 - 00000000 _____ () C:\Users\Admin\defogger_reenable 2014-06-06 11:09 - 2014-06-06 11:10 - 00050477 _____ () C:\Users\User\Downloads\Defogger.exe 2014-06-06 11:07 - 2014-06-06 11:07 - 00380416 _____ () C:\Users\User\Downloads\GMER.exe 2014-06-06 10:44 - 2014-06-06 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secure Banking 2014-06-06 10:43 - 2014-06-06 10:44 - 00000000 ____D () C:\Program Files\Secure Banking 2014-06-06 10:40 - 2014-06-06 10:40 - 00441354 _____ (Hopfgartner Niklas ) C:\Users\User\Downloads\setup152.exe 2014-06-06 10:17 - 2014-06-06 10:17 - 00000000 ____D () C:\Program Files\ESET 2014-06-06 09:39 - 2014-06-08 15:32 - 00000000 ____D () C:\Program Files\ElsterFormular 2014-06-06 09:39 - 2014-06-06 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2014-06-06 09:39 - 2014-06-06 09:39 - 00000000 ____D () C:\ProgramData\elsterformular 2014-06-06 09:37 - 2014-06-06 09:37 - 00001841 _____ () C:\Users\Admin\Desktop\Lidl-Fotos.lnk 2014-06-06 09:37 - 2014-06-06 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lidl-Fotos 2014-06-06 09:36 - 2014-06-06 09:36 - 00000000 ____D () C:\ProgramData\Lidl_Fotos 2014-06-06 09:36 - 2014-06-06 09:36 - 00000000 ____D () C:\Program Files\Lidl_Fotos 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\ProgramData\Acer 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\Program Files\Acer 2014-06-06 08:39 - 2014-06-06 08:39 - 00000000 ____D () 
C:\Users\User\Downloads\LaunchManager_Dritek_5.1.13_W7x64_A 2014-06-06 08:39 - 2014-06-06 08:39 - 00000000 ____D () C:\Users\User\Downloads\Application_Acer_1.02.3502_W7x64_A 2014-06-06 08:38 - 2014-06-06 08:38 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\InstallShield 2014-06-06 08:36 - 2014-06-06 08:36 - 00000000 ____D () C:\Users\User\Downloads\Turbo Boost_Intel_8.0.0.1262_W7x64_A 2014-06-06 08:36 - 2014-06-06 08:36 - 00000000 ____D () C:\Users\User\Downloads\Turbo Boost_Intel_2.1.23.0_W7x64_A 2014-06-06 08:15 - 2014-06-06 08:15 - 22464416 _____ () C:\Users\User\Downloads\Turbo Boost_Intel_2.1.23.0_W7x64_A.zip 2014-06-06 08:15 - 2014-06-06 08:15 - 07580658 _____ () C:\Users\User\Downloads\LaunchManager_Dritek_5.1.13_W7x64_A.zip 2014-06-06 08:14 - 2014-06-06 08:15 - 08163850 _____ () C:\Users\User\Downloads\Application_Acer_1.02.3502_W7x64_A.zip 2014-06-06 08:14 - 2014-06-06 08:14 - 41661051 _____ () C:\Users\User\Downloads\Turbo Boost_Intel_8.0.0.1262_W7x64_A.zip 2014-06-05 21:04 - 2014-06-11 20:24 - 00000618 _____ () C:\Windows\Tasks\Scheduled scanning task.job 2014-06-05 21:00 - 2014-06-05 21:07 - 00044240 _____ () C:\Windows\system32\Drivers\fsbts.sys 2014-06-05 20:59 - 2014-06-05 21:00 - 00002395 _____ () C:\Windows\DAASINST.LOG 2014-06-05 20:52 - 2014-06-05 21:01 - 00000000 ____D () C:\Program Files\Kabel Deutschland 2014-06-05 20:52 - 2014-06-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kabel Deutschland 2014-06-05 20:50 - 2014-06-05 20:50 - 00859072 _____ (F-Secure Corporation) C:\Users\User\Downloads\Sicherheitspaket.exe 2014-06-05 20:25 - 2014-06-05 20:25 - 00000248 _____ () C:\Users\User\Desktop\Webinterface-Anmeldung.URL 2014-06-05 20:15 - 2014-06-04 13:13 - 00001841 _____ () C:\Users\User\Desktop\PDF24 Creator.lnk 2014-06-05 16:15 - 2014-06-05 16:15 - 00000000 ____D () C:\Users\Admin\AppData\Local\PDF24 2014-06-05 15:21 - 2014-06-05 15:24 - 00000363 _____ () C:\Users\Admin\Downloads\##1 How To Do.txt 
2014-06-05 15:15 - 2014-06-05 15:15 - 00707354 _____ () C:\Windows\unins000.exe 2014-06-05 15:15 - 2014-06-05 15:15 - 00001536 _____ () C:\Windows\unins000.dat 2014-06-05 15:15 - 2014-06-05 15:15 - 00000000 ____D () C:\Windows\system32\GPBAK 2014-06-05 15:15 - 2008-04-14 02:11 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll 2014-06-05 15:15 - 2001-08-23 13:00 - 00034871 _____ () C:\Windows\system32\gpedit.msc 2014-06-05 15:12 - 2014-06-05 15:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia 2014-06-05 15:12 - 2014-06-05 15:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia 2014-06-05 15:06 - 2014-06-05 15:06 - 00000000 ____D () C:\Windows\ERUNT 2014-06-05 15:05 - 2014-06-05 15:05 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList 2014-06-05 15:05 - 2014-06-05 15:05 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList 2014-06-05 15:03 - 2014-06-05 15:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2014-06-05 15:03 - 2014-06-05 15:04 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2014-06-05 14:58 - 2014-06-05 14:58 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\Junk Removal Tool.exe 2014-06-05 14:51 - 2014-06-06 15:58 - 01063424 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe 2014-06-05 14:33 - 2014-06-10 20:19 - 00000000 ____D () C:\Qoobox 2014-06-05 14:33 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-06-05 14:33 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-06-05 14:33 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-06-05 14:33 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-06-05 14:33 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-06-05 14:33 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-06-05 14:33 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-06-05 14:33 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 
2014-06-05 14:32 - 2014-06-05 14:45 - 00000000 ____D () C:\Windows\erdnt 2014-06-05 14:32 - 2014-06-05 14:32 - 05205146 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe 2014-06-05 14:29 - 2014-06-06 12:55 - 00064800 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ICAClient 2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Citrix 2014-06-05 14:28 - 2014-06-08 15:30 - 00000000 ____D () C:\Users\Admin 2014-06-05 14:28 - 2014-06-06 15:58 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore 2014-06-05 14:28 - 2014-06-05 14:28 - 00001429 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-05 14:28 - 2014-06-05 14:28 - 00000020 ___SH () C:\Users\Admin\ntuser.ini 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Startmenü 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Netzwerkumgebung 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Druckumgebung 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Musik 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Bilder 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Verlauf 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2014-06-05 14:28 - 2014-06-04 16:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help 2014-06-05 14:28 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-05 14:28 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 
2014-06-05 14:24 - 2014-06-05 14:25 - 00448512 _____ (OldTimer Tools) C:\Users\Admin\Downloads\Temporary File Cleaner.exe 2014-06-05 14:15 - 2014-06-05 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2014-06-05 14:13 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-06-05 14:13 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-06-05 14:13 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-06-05 14:13 - 2012-07-06 21:23 - 00393728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys 2014-06-05 14:13 - 2012-02-11 07:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2014-06-05 14:13 - 2011-03-11 07:39 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2014-06-05 14:13 - 2011-03-11 07:39 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2014-06-05 14:13 - 2011-03-11 07:38 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2014-06-05 14:13 - 2011-03-11 07:38 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2014-06-05 14:13 - 2011-03-11 07:38 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2014-06-05 14:13 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2014-06-05 14:13 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2014-06-05 14:13 - 2011-03-11 06:01 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2014-06-05 14:11 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-06-05 14:10 - 2014-06-05 14:10 - 11268944 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\MSEInstall.exe 2014-06-05 14:07 - 2014-06-05 14:09 - 00178707 _____ () 
C:\Windows\FSUNINST.log 2014-06-05 14:07 - 2014-06-05 14:09 - 00008237 _____ () C:\Windows\uninstaller.log 2014-06-05 14:07 - 2014-06-05 14:08 - 00000069 _____ () C:\Windows\fsavunin_2.log 2014-06-05 13:48 - 2014-06-05 13:48 - 00000000 ____D () C:\Users\User\AppData\Local\F-Secure 2014-06-05 13:45 - 2014-06-05 21:00 - 00001308 _____ () C:\Windows\fsav_db_setup.log 2014-06-05 13:45 - 2014-06-05 20:59 - 00019462 _____ () C:\Windows\prodsett_copy.ini 2014-06-05 13:44 - 2014-06-05 21:00 - 03784497 _____ () C:\Windows\FSISU.log 2014-06-05 13:44 - 2014-06-05 21:00 - 01654951 _____ () C:\Windows\FSSFM.log 2014-06-05 13:44 - 2014-06-05 21:00 - 01420006 _____ () C:\Windows\FSSETUP.log 2014-06-05 13:44 - 2014-06-05 21:00 - 00248673 _____ () C:\Windows\FSPROD.log 2014-06-05 13:44 - 2014-06-05 21:00 - 00194615 _____ () C:\Windows\RunSetup.log 2014-06-05 13:44 - 2014-06-05 21:00 - 00133760 _____ () C:\Windows\FSAVINST.LOG 2014-06-05 13:44 - 2014-06-05 21:00 - 00012091 _____ () C:\Windows\FSGKIAIN.log 2014-06-05 13:44 - 2014-06-05 21:00 - 00010527 _____ () C:\Windows\FSAVCSIN.LOG 2014-06-05 13:44 - 2014-06-05 21:00 - 00005405 _____ () C:\Windows\FSLDIN.LOG 2014-06-05 13:44 - 2014-06-05 21:00 - 00003473 _____ () C:\Windows\fsavunin.log 2014-06-05 13:44 - 2014-06-05 20:59 - 00366699 _____ () C:\Windows\FSDEPH.log 2014-06-05 13:44 - 2014-06-05 20:59 - 00035323 _____ () C:\Windows\fspplugin.log 2014-06-05 13:44 - 2014-06-05 14:08 - 00000675 _____ () C:\Windows\fstnbins.LOG 2014-06-05 13:26 - 2014-06-05 14:11 - 00000000 ____D () C:\Program Files\F-Secure 2014-06-05 13:25 - 2014-06-05 21:01 - 00000000 ____D () C:\ProgramData\F-Secure 2014-06-05 13:13 - 2014-06-05 13:13 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-06-05 13:10 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-05 13:06 - 2014-06-05 13:06 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-05 13:05 - 2014-06-05 13:05 - 17292760 _____ 
(Malwarebytes Corporation ) C:\Users\Admin\Downloads\Malewarebytes Anti Malware.exe 2014-06-05 12:43 - 2014-06-05 12:43 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe 2014-06-04 16:13 - 2014-06-04 16:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2014-06-04 16:13 - 2014-06-04 16:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help 2014-06-04 16:09 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-04 16:09 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-04 16:09 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-04 16:03 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-06-04 16:03 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-06-04 16:03 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-06-04 16:03 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-06-04 16:03 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-06-04 16:03 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-06-04 16:03 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-06-04 16:03 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2014-06-04 16:03 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-06-04 16:03 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) 
C:\Windows\system32\winlogon.exe 2014-06-04 16:03 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-06-04 16:03 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-06-04 16:03 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-06-04 16:03 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-06-04 16:03 - 2011-04-28 05:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS 2014-06-04 15:42 - 2014-06-04 15:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia 2014-06-04 15:42 - 2014-06-04 15:42 - 00000000 ____D () C:\Users\User\AppData\Local\Macromedia 2014-06-04 15:41 - 2014-06-11 20:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 
2014-06-04 15:41 - 2014-06-04 15:41 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-06-04 15:41 - 2014-06-04 15:41 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-06-04 15:41 - 2014-06-04 15:41 - 00000000 ____D () C:\Windows\system32\Macromed 2014-06-04 15:38 - 2014-06-04 15:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla 2014-06-04 15:38 - 2014-06-04 15:38 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla 2014-06-04 15:37 - 2014-06-04 15:37 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-04 15:37 - 2014-06-04 15:37 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-04 15:37 - 2014-06-04 15:37 - 00000000 ____D () C:\ProgramData\Mozilla 2014-06-04 15:37 - 2014-06-04 15:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-06-04 15:37 - 2014-06-04 15:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-06-04 15:21 - 2014-06-09 15:18 - 00000000 ____D () C:\Windows\system32\NV 2014-06-04 15:16 - 2014-06-04 15:16 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-04 14:48 - 2012-08-23 16:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-06-04 14:48 - 2012-08-23 16:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-06-04 14:48 - 2012-08-23 15:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-06-04 14:48 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2014-06-04 14:48 - 2012-08-23 12:08 - 02739712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-06-04 14:41 - 2014-06-04 16:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-06-04 14:40 - 2014-06-04 16:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 
2014-06-04 14:37 - 2013-10-02 02:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-06-04 14:37 - 2013-10-02 02:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-06-04 14:37 - 2013-10-02 02:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-06-04 14:37 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-06-04 14:37 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-06-04 14:37 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-06-04 14:37 - 2013-10-02 01:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-06-04 14:37 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-06-04 14:37 - 2013-10-02 01:00 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-06-04 14:37 - 2013-10-02 00:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-06-04 14:37 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-06-04 14:27 - 2014-06-04 14:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-04 14:27 - 2014-05-04 17:14 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Brother 2014-06-04 14:20 - 2012-07-26 05:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-06-04 14:20 - 2012-07-26 05:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2014-06-04 14:20 - 2012-07-26 05:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-06-04 14:20 - 2012-07-26 05:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 
2014-06-04 14:20 - 2012-07-26 05:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2014-06-04 14:20 - 2012-07-26 04:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-06-04 14:20 - 2012-07-26 04:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-06-04 14:20 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-06-04 14:20 - 2012-03-01 07:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys 2014-06-04 14:20 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll 2014-06-04 14:19 - 2010-02-11 09:10 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe 2014-06-04 14:15 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-06-04 14:15 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-06-04 14:08 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-04 14:08 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-04 14:08 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2014-06-04 14:08 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2014-06-04 14:08 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) 
C:\Windows\system32\csrr.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs 2014-06-04 14:08 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs 2014-06-04 14:07 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys 2014-06-04 14:07 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2014-06-04 14:06 - 2014-06-04 14:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-06-04 14:05 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-06-04 14:05 - 2012-10-03 18:42 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2014-06-04 14:05 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2014-06-04 14:05 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2014-06-04 14:05 - 2012-10-03 18:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2014-06-04 14:05 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2014-06-04 14:05 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-06-04 14:05 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\tcpipreg.sys 2014-06-04 14:04 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-06-04 14:04 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-06-04 14:04 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-06-04 14:04 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-06-04 14:04 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-06-04 14:04 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2014-06-04 14:04 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-06-04 14:04 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2014-06-04 14:04 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-06-04 14:03 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-06-04 14:03 - 2014-02-07 03:07 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-06-04 14:03 - 2013-11-27 03:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-06-04 14:03 - 2013-11-27 03:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-06-04 14:03 - 2013-11-27 03:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-06-04 14:03 - 2013-11-27 03:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-06-04 14:03 - 2013-11-27 03:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-06-04 14:03 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-06-04 14:03 - 2013-10-04 03:58 - 00152576 _____ 
(Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-06-04 14:03 - 2013-10-04 03:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-06-04 14:03 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-06-04 14:03 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-06-04 14:03 - 2013-06-26 00:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-06-04 14:03 - 2012-11-29 00:57 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2014-06-04 14:03 - 2012-11-29 00:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2014-06-04 14:03 - 2012-11-29 00:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2014-06-04 14:03 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-04 14:03 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2014-06-04 14:03 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2014-06-04 14:02 - 2014-06-04 14:02 - 00000425 _____ () C:\Windows\BRWMARK.INI 2014-06-04 14:02 - 2014-06-04 14:02 - 00000027 _____ () C:\Windows\BRPP2KA.INI 2014-06-04 14:02 - 2014-06-04 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother 2014-06-04 14:02 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-06-04 14:02 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-06-04 14:02 - 2013-07-09 06:50 - 00652800 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-06-04 14:02 - 2013-02-12 05:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2014-06-04 14:02 - 2012-11-02 07:11 - 00376832 _____ (Microsoft 
Corporation) C:\Windows\system32\dpnet.dll 2014-06-04 14:02 - 2012-08-22 19:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2014-06-04 14:02 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2014-06-04 14:02 - 2012-07-04 21:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys 2014-06-04 14:01 - 2014-03-04 11:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-06-04 14:01 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-06-04 14:01 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-06-04 14:01 - 2013-10-03 03:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-06-04 14:01 - 2013-08-02 03:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-06-04 
14:01 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-06-04 14:01 - 
2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 02:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-06-04 14:01 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-06-04 14:01 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-06-04 14:01 - 2013-08-01 13:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-06-04 14:01 - 2013-07-12 12:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys 2014-06-04 14:01 - 2013-07-12 12:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys 2014-06-04 14:01 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2014-06-04 14:01 - 2013-04-10 07:18 - 00218984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2014-06-04 14:01 - 2013-01-24 06:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys 2014-06-04 14:01 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2014-06-04 14:00 - 2014-06-04 14:00 - 00000050 _____ () C:\Windows\system32\bridf08b.dat 2014-06-04 14:00 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-06-04 14:00 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-06-04 14:00 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 
2014-06-04 14:00 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-06-04 14:00 - 2013-07-20 12:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-06-04 14:00 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-06-04 14:00 - 2012-05-05 09:46 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-06-04 14:00 - 2009-04-07 12:01 - 01534464 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrWia09b.dll 2014-06-04 14:00 - 2009-02-24 13:59 - 00072192 ____N (Brother Industries, Ltd.) C:\Windows\system32\BrNetSti.dll 2014-06-04 14:00 - 2009-02-24 12:51 - 00073216 ____N (Brother Industries,Ltd.) C:\Windows\system32\BrWiaNCp.dll 2014-06-04 14:00 - 2009-02-24 12:51 - 00046592 ____N (Brother Industries,Ltd) C:\Windows\system32\Brnsplg.dll 2014-06-04 14:00 - 2008-06-17 15:33 - 00167936 ____N (brother) C:\Windows\system32\NSSearch.dll 2014-06-04 14:00 - 2007-12-13 22:16 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2.dll 2014-06-04 14:00 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2L.dll 2014-06-04 14:00 - 2007-12-13 22:16 - 00003072 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2S.dll 2014-06-04 14:00 - 2006-12-28 13:39 - 00176128 ____N (Brother Industries, Ltd.) 
C:\Windows\system32\BroSNMP.dll 2014-06-04 14:00 - 2002-11-26 13:43 - 00106496 ____N () C:\Windows\system32\BrMuSNMP.dll 2014-06-04 13:59 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-06-04 13:59 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-06-04 13:59 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-06-04 13:59 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-04 13:59 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-04 13:59 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-06-04 13:59 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-06-04 13:59 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-06-04 13:59 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-06-04 13:59 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-06-04 13:59 - 2013-10-12 04:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-06-04 13:59 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-06-04 13:59 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-06-04 13:59 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-06-04 13:59 - 2013-08-05 03:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-06-04 13:59 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-06-04 13:59 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-06-04 13:59 - 
2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-06-04 13:59 - 2013-07-04 11:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-06-04 13:59 - 2013-06-06 06:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-06-04 13:59 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-06-04 13:59 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-06-04 13:59 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-06-04 13:59 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-06-04 13:59 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2014-06-04 13:59 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-04 13:59 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2014-06-04 13:59 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll 2014-06-04 13:59 - 2012-07-04 23:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2014-06-04 13:59 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll 2014-06-04 13:59 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2014-06-04 13:59 - 2012-05-14 06:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-06-04 13:59 - 2012-05-04 11:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-06-04 13:59 - 2012-05-01 06:44 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-06-04 13:59 - 2012-04-07 13:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-06-04 13:59 - 2011-12-30 07:27 - 00478720 _____ 
(Microsoft Corporation) C:\Windows\system32\timedate.cpl 2014-06-04 13:59 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2014-06-04 13:59 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2014-06-04 13:59 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll 2014-06-04 13:59 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2014-06-04 13:59 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2014-06-04 13:59 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2014-06-04 13:59 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2014-06-04 13:59 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2014-06-04 13:59 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2014-06-04 13:59 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2014-06-04 13:59 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2014-06-04 13:59 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2014-06-04 13:59 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2014-06-04 13:59 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2014-06-04 13:59 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2014-06-04 13:59 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe 2014-06-04 13:58 - 2012-04-28 05:17 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-06-04 13:58 - 2012-04-26 06:45 - 00129536 _____ 
(Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-06-04 13:58 - 2012-04-26 06:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll 2014-06-04 13:58 - 2012-04-26 06:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe 2014-06-04 13:58 - 2012-03-17 09:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2014-06-04 13:58 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll 2014-06-04 13:58 - 2011-11-19 16:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-06-04 13:58 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2014-06-04 13:58 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-06-04 13:58 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2014-06-04 13:58 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-06-04 13:58 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2014-06-04 13:58 - 2011-07-09 04:30 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2014-06-04 13:58 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll 2014-06-04 13:58 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll 2014-06-04 13:58 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll 2014-06-04 13:58 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll 2014-06-04 13:58 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll 2014-06-04 13:58 - 2011-05-24 12:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll 2014-06-04 13:58 - 2011-04-29 04:46 - 00311808 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\srv.sys 2014-06-04 13:58 - 2011-04-29 04:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2014-06-04 13:58 - 2011-04-29 04:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2014-06-04 13:58 - 2011-04-27 04:17 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2014-06-04 13:58 - 2011-04-27 04:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2014-06-04 13:58 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2014-06-04 13:58 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2014-06-04 13:58 - 2011-03-03 07:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2014-06-04 13:58 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2014-06-04 13:58 - 2011-02-23 06:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2014-06-04 13:58 - 2011-02-12 07:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe 2014-06-04 13:58 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2014-06-04 13:58 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2014-06-04 13:58 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2014-06-04 13:57 - 2014-06-04 13:57 - 00000000 ____D () C:\ProgramData\Brother 2014-06-04 13:57 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-06-04 13:57 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-06-04 13:57 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-06-04 13:57 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) 
C:\Windows\system32\secproc_ssp.dll 2014-06-04 13:57 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-06-04 13:57 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-06-04 13:57 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-06-04 13:57 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-06-04 13:57 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-06-04 13:54 - 2014-06-04 14:00 - 00000000 ____D () C:\Program Files\Brother 2014-06-04 13:34 - 2014-06-04 13:34 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList 2014-06-04 13:34 - 2014-06-04 13:34 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList 2014-06-04 13:27 - 2013-09-25 03:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-06-04 13:27 - 2013-07-04 14:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-06-04 13:27 - 2013-06-15 05:38 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-06-04 13:27 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2014-06-04 13:22 - 2014-06-05 12:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe 2014-06-04 13:17 - 2014-06-04 13:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-06-04 13:16 - 2014-06-07 18:50 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-04 13:16 - 2014-06-04 13:17 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-06-04 13:16 - 2014-06-04 13:16 - 00000000 ____D () C:\Program Files\Adobe 2014-06-04 13:14 - 2014-06-04 13:14 - 00000000 ____D () C:\Users\User\AppData\Local\PDF24 2014-06-04 13:13 - 2014-06-04 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\PDF24 2014-06-04 13:12 - 2014-06-04 13:13 - 00000000 ____D () C:\Program Files\PDF24 2014-06-04 13:12 - 2014-06-04 13:12 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-04 13:12 - 2014-06-04 13:12 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-06-04 13:12 - 2014-06-04 13:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 
00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-06-04 13:12 - 2014-06-04 13:12 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00071680 _____ 
(Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-06-04 13:12 - 2014-06-04 13:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-04 13:11 - 2014-06-04 13:11 
- 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-06-04 13:11 - 2014-06-04 13:11 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-04 13:11 - 2014-06-04 13:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-06-04 13:11 - 2014-06-04 13:11 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-06-04 13:11 - 2014-06-04 13:11 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-06-04 13:09 - 2014-06-04 13:09 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-06-04 13:09 - 2014-06-04 
13:09 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Wohnung *********villen II 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Steuer 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Sparda 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () 
C:\Users\User\Documents\samsung 2014-06-04 13:08 - 2014-05-05 19:46 - 00120179 _____ () C:\Users\User\Documents\Fotobuch Bodensee.pbf 2014-06-04 13:08 - 2013-12-19 11:45 - 00000093 _____ () C:\Users\User\Documents\wlan.txt 2014-06-04 13:08 - 2013-11-07 17:17 - 00127815 _____ () C:\Users\User\Documents\Fotobuch Köln.pbf 2014-06-04 13:08 - 2013-09-14 12:12 - 00002486 _____ () C:\Users\User\Documents\citrix.*********.com 2014-06-04 13:08 - 2013-09-12 14:51 - 00000000 ____D () C:\Users\User\Documents\Steuer 2009 2014-06-04 13:08 - 2013-07-13 16:33 - 00264941 _____ () C:\Users\User\Documents\Fotobuch Dresden.pbf 2014-06-04 13:08 - 2011-11-05 16:36 - 00064000 _____ () C:\Users\User\Documents\Ü-Ei Figuren.xls 2014-06-04 13:08 - 2011-02-27 11:10 - 00093174 _____ () C:\Users\User\Documents\Steuer_2010_*****.zip 2014-06-04 13:08 - 2010-04-01 17:31 - 07614464 _____ () C:\Users\User\Documents\ica32web.msi 2014-06-04 13:08 - 2010-02-22 18:38 - 00094094 _____ () C:\Users\User\Documents\Steuer_2009_Wolfgang.zip 2014-06-04 13:08 - 2009-11-24 21:25 - 546109869 _____ () C:\Users\User\Documents\Standard_20091124_201933.zip 2014-06-04 13:08 - 2009-07-16 13:05 - 52923512 _____ (MAGIX AG) C:\Users\User\Documents\foto_manager_sued_d.exe 2014-06-04 13:08 - 2009-06-11 15:31 - 01878888 _____ (Adobe Systems Incorporated) C:\Users\User\Documents\install_flash_player.exe 2014-06-04 13:08 - 2009-01-17 18:30 - 00000970 _____ () C:\Users\User\Documents\Meine freigegebenen Ordner.lnk 2014-06-04 13:08 - 2008-07-18 18:00 - 07331584 _____ (Mozilla) C:\Users\User\Documents\Firefox%20Setup%203.0.exe 2014-06-04 13:08 - 2007-05-19 12:07 - 00023552 _____ () C:\Users\User\Documents\Adressliste Klassentreffen.xls 2014-06-04 13:07 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Rezepte 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\restore 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\Rechtschutz ***** 2014-06-04 13:07 - 
2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\PDF24 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\Kabel Deutschland 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\ICQ 2014-06-04 13:06 - 2014-06-04 16:13 - 00000000 ____D () C:\Program Files\Microsoft Works 2014-06-04 13:06 - 2014-06-04 13:06 - 00000000 ____D () C:\Users\User\Documents\Handy 2014-06-04 13:05 - 2014-06-04 14:31 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-06-04 13:05 - 2014-06-04 13:05 - 00000000 ____D () C:\Windows\PCHEALTH 2014-06-04 13:05 - 2014-06-04 13:05 - 00000000 ____D () C:\Users\User\Documents\Eigene Scans 2014-06-04 13:04 - 2014-06-09 11:33 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2014 2014-06-04 13:04 - 2014-06-04 13:04 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\EA Games 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bluetooth Folder 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2013 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2012 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Apowersoft Free Audio Recorder 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Ahnenforschung 2014-06-04 13:04 - 2006-06-30 13:18 - 00007202 _____ () C:\Users\User\Documents\Zugang Outlook Giulini.html 2014-06-04 13:03 - 2014-06-04 13:15 - 00016641 _____ () C:\Windows\IE11_main.log 2014-06-04 13:02 - 2014-06-05 13:17 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-04 13:02 - 2014-06-05 13:15 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-06-04 13:02 - 2014-06-04 13:02 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help 2014-06-04 13:01 - 2014-06-04 13:01 - 00000000 ___RD 
() C:\MSOCache 2014-06-04 13:00 - 2013-02-27 07:05 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-06-04 13:00 - 2013-02-27 06:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-06-04 12:51 - 2014-06-04 12:51 - 00001564 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk 2014-06-04 12:50 - 2014-06-05 20:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\ICAClient 2014-06-04 12:50 - 2014-06-04 12:51 - 00000000 ____D () C:\Users\User\AppData\Local\Citrix 2014-06-04 12:50 - 2014-06-04 12:51 - 00000000 ____D () C:\ProgramData\Citrix 2014-06-04 12:50 - 2014-06-04 12:51 - 00000000 ____D () C:\Program Files\Citrix 2014-06-04 12:50 - 2014-06-04 12:50 - 00000000 ____D () C:\Program Files\Common Files\Citrix 2014-06-04 12:46 - 2014-06-09 15:18 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-04 12:46 - 2013-08-30 01:08 - 04265760 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 03006240 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 02555168 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 00886560 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 00662816 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-06-04 12:46 - 2013-08-30 01:08 - 00209184 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 00066560 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll 2014-06-04 12:46 - 2013-08-30 01:08 - 00062752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-06-04 12:46 - 2013-08-30 01:01 - 03349466 _____ () C:\Windows\system32\nvcoproc.bin 2014-06-04 12:45 - 2014-06-04 14:11 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-04 12:45 - 2014-06-04 12:45 - 00000000 ____D () C:\ProgramData\NVIDIA 
Corporation 2014-06-04 12:45 - 2014-06-04 12:35 - 01009512 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco32.dll 2014-06-04 12:45 - 2014-06-04 12:35 - 00888168 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco32.dll 2014-06-04 12:45 - 2013-09-05 02:38 - 01222824 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshim.dll 2014-06-04 12:45 - 2013-09-05 02:38 - 00141336 _____ (NVIDIA Corporation) C:\Windows\system32\nvinit.dll 2014-06-04 12:45 - 2013-09-05 02:38 - 00017699 _____ () C:\Windows\system32\nvinfo.pb 2014-06-04 12:45 - 2013-09-05 02:37 - 02630304 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll 2014-06-04 12:44 - 2014-06-04 12:44 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-06-04 12:38 - 2014-06-04 12:37 - 00015128 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll 2014-06-04 12:37 - 2014-06-04 12:38 - 00000000 ____D () C:\ProgramData\Intel 2014-06-04 12:37 - 2014-06-04 12:37 - 00000000 ____D () C:\Program Files\Common Files\postureAgent 2014-06-04 12:34 - 2014-06-04 12:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2014-06-04 12:34 - 2014-06-04 12:33 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll 2014-06-04 12:33 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2014-06-04 12:33 - 2012-02-17 06:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2014-06-04 12:32 - 2014-06-04 12:31 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll 2014-06-04 12:28 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-06-04 12:28 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-06-04 12:28 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-06-04 12:28 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) 
C:\Windows\system32\wups2.dll 2014-06-04 12:28 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-06-04 12:28 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-06-04 12:28 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-06-04 12:27 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-06-04 12:27 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-06-04 12:26 - 2014-06-04 12:26 - 00000000 ____D () C:\Program Files\Common Files\Intel Corporation 2014-06-04 12:25 - 2014-06-04 12:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel Corporation 2014-06-04 12:23 - 2014-06-10 20:56 - 00045006 _____ () C:\Windows\PFRO.log 2014-06-04 12:22 - 2014-06-04 12:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf 2014-06-04 12:21 - 2014-06-04 12:36 - 00000000 ____D () C:\Program Files\Broadcom 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\Windows\Downloaded Installations 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\Dolby PCEE4 2014-06-04 12:19 - 2014-06-04 12:20 - 00000000 ___HD () C:\Program Files\Temp 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Windows\system32\RTCOM 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Program Files\Realtek 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2014-06-04 12:19 - 2014-06-04 12:16 - 07783768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 05096448 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RCoRes.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 03238608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys 2014-06-04 12:19 - 2014-06-04 12:16 - 03173008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 02417808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 02193472 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01836376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01725784 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01706640 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01497704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl 2014-06-04 12:19 - 2014-06-04 12:16 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 01185112 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00709976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00645776 _____ (Realtek Semiconductor Corp.) 
C:\Windows\system32\RtkApoApi.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00546944 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00350552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00293480 _____ (Realtek Semiconductor) C:\Windows\system32\RtkGuiCompLib.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00290813 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-06-04 12:19 - 2014-06-04 12:16 - 00259928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00247560 _____ () C:\Windows\system32\Drivers\RTConvEQ.dat 2014-06-04 12:19 - 2014-06-04 12:16 - 00232792 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioAPO20.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00176736 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00155008 _____ () C:\Windows\system32\Drivers\RtPCEE4.DAT 2014-06-04 12:19 - 2014-06-04 12:16 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00087696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll 2014-06-04 12:19 - 2014-06-04 12:16 - 00064856 _____ (Dolby Laboratories, Inc.) 
11.06.2014, 20:06 | #10 |
| Windows 7 - (trojan.ransom.gend) - Group Policy prevents AVP from running, online banking phishing
Code:
Corporation) C:\Windows\system32\mscories.dll 2014-06-04 11:26 - 2010-11-04 17:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll 2014-06-04 11:26 - 2010-11-04 17:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe 2014-06-04 11:26 - 2010-11-04 17:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll 2014-06-04 11:25 - 2010-11-20 04:30 - 00160128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2014-06-04 11:25 - 2010-11-20 04:30 - 00153984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2014-06-04 11:25 - 2010-11-20 04:30 - 00140160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys 2014-06-04 11:25 - 2010-11-20 04:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2014-06-04 11:25 - 2010-11-20 04:29 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys 2014-06-04 11:25 - 2010-11-20 04:24 - 00508904 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-06-04 11:25 - 2010-11-20 04:24 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-06-04 11:25 - 2010-11-20 04:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll 2014-06-04 11:25 - 2010-11-20 
04:21 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 01086976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2014-06-04 11:25 - 2010-11-20 04:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2014-06-04 11:25 - 2010-11-20 04:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00363008 _____ 
(Microsoft Corporation) C:\Windows\system32\wbemcomn.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) 
C:\Windows\system32\sqmapi.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL 2014-06-04 11:25 - 2010-11-20 04:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) 
C:\Windows\system32\tlscsp.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\sppuinotify.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00014848 _____ (Microsoft Corporation) 
C:\Windows\system32\syssetup.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll 2014-06-04 11:25 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL 2014-06-04 11:25 - 2010-11-20 04:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00040960 _____ (Microsoft Corporation) 
C:\Windows\system32\odbcconf.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll 2014-06-04 11:25 - 2010-11-20 04:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2014-06-04 11:25 - 2010-11-20 04:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00082944 _____ (Radius Inc.) 
C:\Windows\system32\iccvid.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll 2014-06-04 11:25 - 2010-11-20 04:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe 2014-06-04 11:25 - 2010-11-20 04:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00112128 _____ (Microsoft Corporation) 
C:\Windows\system32\AuxiliaryDisplayServices.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll 2014-06-04 11:25 - 2010-11-20 04:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll 2014-06-04 11:25 - 2010-11-20 04:17 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 01203200 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00270336 _____ (Microsoft Corporation) 
C:\Windows\system32\sethc.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00257536 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgrade.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe 2014-06-04 11:25 - 2010-11-20 04:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe 2014-06-04 11:25 - 2010-11-20 04:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl 2014-06-04 11:25 - 2010-11-20 04:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe 2014-06-04 11:25 - 2010-11-20 04:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe 2014-06-04 11:25 - 2010-11-20 04:16 - 00600576 _____ (Microsoft Corporation) 
C:\Windows\system32\TabletPC.cpl 2014-06-04 11:25 - 2010-11-20 04:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr 2014-06-04 11:25 - 2010-11-20 04:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl 2014-06-04 11:25 - 2010-11-20 04:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp 2014-06-04 11:25 - 2010-11-20 04:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr 2014-06-04 11:25 - 2010-11-20 04:16 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax 2014-06-04 11:25 - 2010-11-20 04:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv 2014-06-04 11:25 - 2010-11-20 04:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax 2014-06-04 11:25 - 2010-11-20 04:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe 2014-06-04 11:25 - 2010-11-20 04:16 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax 2014-06-04 11:25 - 2010-11-20 04:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax 2014-06-04 11:25 - 2010-11-20 04:16 - 00065024 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe 2014-06-04 11:25 - 2010-11-20 04:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax 2014-06-04 11:25 - 2010-11-20 04:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll 2014-06-04 11:25 - 2010-11-20 02:22 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll 2014-06-04 11:25 - 2010-11-20 02:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\RDPREFDD.dll 2014-06-04 11:25 - 2010-11-20 02:06 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2014-06-04 11:25 - 2010-11-20 02:06 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys 2014-06-04 11:25 - 2010-11-20 02:00 - 00304128 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\HdAudio.sys 2014-06-04 11:25 - 2010-11-20 02:00 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys 2014-06-04 11:25 - 2010-11-20 01:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-06-04 11:25 - 2010-11-20 00:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys 2014-06-04 11:25 - 2010-11-20 00:42 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys 2014-06-04 11:25 - 2010-11-20 00:40 - 00513536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2014-06-04 11:25 - 2010-11-20 00:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys 2014-06-04 11:25 - 2010-11-20 00:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-06-04 11:25 - 2010-11-20 00:39 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys 2014-06-04 11:25 - 2010-11-09 17:45 - 00010429 _____ () C:\Windows\system32\ScavengeSpace.xml 2014-06-04 11:25 - 2010-11-04 18:20 - 00105559 _____ () C:\Windows\system32\RacRules.xml 2014-06-04 11:25 - 2008-04-14 02:11 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll 2014-06-04 11:24 - 2010-11-20 04:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys 2014-06-04 11:24 - 2010-11-20 04:21 - 00521216 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-06-04 11:24 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll 2014-06-04 11:24 - 2010-11-20 04:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll 2014-06-04 11:24 - 2010-11-20 04:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll 2014-06-04 11:24 - 2010-11-20 04:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll 2014-06-04 11:24 - 2010-11-20 04:21 - 00082944 _____ (Microsoft Corporation) 
C:\Windows\system32\thumbcache.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll 2014-06-04 11:24 - 2010-11-20 04:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00863744 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00630784 _____ (Microsoft Corporation) 
C:\Windows\system32\DXPTaskRingtone.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2014-06-04 11:24 - 2010-11-20 04:18 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00066560 _____ (Microsoft Corporation) 
C:\Windows\system32\cca.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll 2014-06-04 11:24 - 2010-11-20 04:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll 2014-06-04 11:24 - 2010-11-20 04:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe 2014-06-04 11:24 - 2010-11-20 04:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe 2014-06-04 11:24 - 2010-11-20 04:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe 2014-06-04 11:24 - 2010-11-20 04:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe 2014-06-04 11:24 - 2010-11-20 04:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl 2014-06-04 11:24 - 2010-11-20 04:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl 2014-06-04 11:24 - 2010-11-20 04:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2014-06-04 11:24 - 2010-11-20 04:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl 2014-06-04 11:24 - 2010-11-20 04:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax 2014-06-04 11:24 - 
2010-11-20 04:16 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-06-04 11:24 - 2010-11-20 04:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax 2014-06-04 11:24 - 2010-11-20 04:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime 2014-06-04 11:24 - 2010-11-20 04:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll 2014-06-04 11:24 - 2010-11-20 04:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL 2014-06-04 11:24 - 2010-11-20 04:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL 2014-06-04 11:24 - 2010-11-20 03:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll 2014-06-04 11:24 - 2010-11-20 02:21 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys 2014-06-04 11:24 - 2010-11-20 01:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-06-04 11:24 - 2010-11-20 01:59 - 
00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys 2014-06-04 11:24 - 2010-11-20 01:50 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys 2014-06-04 11:24 - 2010-11-20 00:47 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys 2014-06-04 11:24 - 2010-11-20 00:38 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys 2014-06-04 11:24 - 2010-11-04 18:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll 2014-06-04 11:24 - 2008-04-14 02:11 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll 2014-06-04 11:20 - 2014-06-04 11:20 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-06-04 11:13 - 2014-06-06 08:39 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-06-04 11:13 - 2014-06-04 11:13 - 00000000 ____D () C:\Program Files\Atheros 2014-06-04 11:13 - 2012-02-15 01:42 - 02841600 _____ (Atheros Communications, Inc.) 
C:\Windows\system32\Drivers\athr.sys 2014-06-04 11:11 - 2014-06-04 11:13 - 00000000 ____D () C:\ProgramData\Atheros 2014-06-04 11:05 - 2014-06-09 14:31 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-04 11:02 - 2014-06-11 20:23 - 01438779 _____ () C:\Windows\WindowsUpdate.log 2014-06-04 11:01 - 2014-06-06 10:44 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore 2014-06-04 11:01 - 2014-06-04 11:01 - 00001413 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-04 11:00 - 2014-06-11 20:25 - 00000000 ____D () C:\Users\User\AppData\Local\Temp 2014-06-04 11:00 - 2014-06-04 11:00 - 00000020 ___SH () C:\Users\User\ntuser.ini 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Druckumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () 
C:\Users\Default\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 ____D () C:\Recovery 2014-06-04 11:00 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-04 11:00 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-06-04 10:53 - 2014-06-04 10:53 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-06-04 10:53 - 2014-06-04 10:53 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-06-04 10:50 - 2014-06-04 10:53 - 00001313 _____ () C:\Windows\TSSysprep.log ==================== One Month Modified Files and Folders ======= 2014-06-11 20:29 - 2014-06-11 20:28 - 00014262 _____ () C:\Users\User\Desktop\FRST.txt 2014-06-11 20:29 - 2014-06-10 20:19 - 00000000 ____D () C:\Users\Admin\AppData\Local\temp 2014-06-11 20:28 - 2014-06-10 10:09 - 
00000000 ____D () C:\FRST 2014-06-11 20:27 - 2014-06-11 20:27 - 00000000 ____D () C:\Users\User\Desktop\FRST-OlderVersion 2014-06-11 20:27 - 2014-06-11 20:26 - 01073152 _____ (Farbar) C:\Users\User\Desktop\FRST.exe 2014-06-11 20:25 - 2014-06-04 11:00 - 00000000 ____D () C:\Users\User\AppData\Local\Temp 2014-06-11 20:24 - 2014-06-05 21:04 - 00000618 _____ () C:\Windows\Tasks\Scheduled scanning task.job 2014-06-11 20:24 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-11 20:24 - 2009-07-14 06:39 - 00023465 _____ () C:\Windows\setupact.log 2014-06-11 20:23 - 2014-06-04 15:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-11 20:23 - 2014-06-04 11:02 - 01438779 _____ () C:\Windows\WindowsUpdate.log 2014-06-11 03:04 - 2009-07-14 06:34 - 00014912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-11 03:04 - 2009-07-14 06:34 - 00014912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-10 20:56 - 2014-06-04 12:23 - 00045006 _____ () C:\Windows\PFRO.log 2014-06-10 20:19 - 2014-06-10 20:19 - 00025467 _____ () C:\ComboFix.txt 2014-06-10 20:19 - 2014-06-10 20:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp 2014-06-10 20:19 - 2014-06-10 20:19 - 00000000 ____D () C:\Users\Public\AppData\Local\temp 2014-06-10 20:19 - 2014-06-10 20:19 - 00000000 ____D () C:\Users\Default\AppData\Local\temp 2014-06-10 20:19 - 2014-06-10 20:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp 2014-06-10 20:19 - 2014-06-05 14:33 - 00000000 ____D () C:\Qoobox 2014-06-10 20:18 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini 2014-06-10 20:07 - 2014-06-10 20:07 - 05205915 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe 2014-06-10 20:07 - 2014-06-10 20:06 - 05205915 _____ (Swearware) C:\Users\User\Downloads\ComboFix.exe 2014-06-10 17:09 - 2014-06-10 17:09 - 00000625 _____ () 
C:\Users\Admin\Desktop\JRT.txt 2014-06-10 16:49 - 2014-06-10 16:42 - 00000000 ____D () C:\AdwCleaner 2014-06-10 16:42 - 2014-06-10 16:42 - 01333465 _____ () C:\Users\Admin\Downloads\adwcleaner_3.212.exe 2014-06-10 16:09 - 2014-06-10 16:09 - 05701712 _____ () C:\Users\User\Downloads\bitdefender_14isecurity.exe 2014-06-10 12:19 - 2014-06-07 19:06 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-10 10:11 - 2014-06-10 10:10 - 00019557 _____ () C:\Users\Admin\Downloads\Addition.txt 2014-06-10 10:11 - 2014-06-10 10:09 - 00227400 _____ () C:\Users\Admin\Downloads\FRST.txt 2014-06-09 15:18 - 2014-06-04 15:21 - 00000000 ____D () C:\Windows\system32\NV 2014-06-09 15:18 - 2014-06-04 12:46 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-09 14:31 - 2014-06-04 11:05 - 01621742 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-09 14:30 - 2014-06-09 14:30 - 02282688 _____ (1&1 Mail & Media GmbH) C:\Users\User\Downloads\gmx_mediacenter_setup.exe 2014-06-09 11:33 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2014 2014-06-08 15:32 - 2014-06-06 09:39 - 00000000 ____D () C:\Program Files\ElsterFormular 2014-06-08 15:30 - 2014-06-08 15:30 - 00000000 ____D () C:\Users\User\AppData\Roaming\F-Secure 2014-06-08 15:30 - 2014-06-08 15:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\elsterformular 2014-06-08 15:30 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin 2014-06-08 15:29 - 2014-06-08 15:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\elsterformular 2014-06-08 15:29 - 2014-06-08 15:29 - 00000000 ____D () C:\Users\User\AppData\Local\Lidl_Fotos 2014-06-07 19:06 - 2014-06-07 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-07 19:06 - 2014-06-07 19:06 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-06-07 19:04 - 2014-06-07 19:04 - 17292760 _____ (Malwarebytes Corporation ) 
C:\Users\User\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-06-07 18:50 - 2014-06-07 18:50 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-07 18:50 - 2014-06-04 13:16 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-06 15:58 - 2014-06-06 15:57 - 00000000 ____D () C:\Users\Admin\Downloads\FRST-OlderVersion 2014-06-06 15:58 - 2014-06-05 14:51 - 01063424 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe 2014-06-06 15:58 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore 2014-06-06 15:36 - 2014-06-06 15:36 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini 2014-06-06 15:33 - 2009-07-14 06:33 - 00301664 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-06-06 12:59 - 2014-06-04 12:15 - 00064800 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-06 12:55 - 2014-06-05 14:29 - 00064800 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-06-06 12:36 - 2014-06-06 12:36 - 00000910 _____ () C:\Users\User\Desktop\Guitar Pro 5.lnk 2014-06-06 12:36 - 2014-06-06 12:36 - 00000910 _____ () C:\Users\Admin\Desktop\Guitar Pro 5.lnk 2014-06-06 12:36 - 2014-06-06 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 5 2014-06-06 12:36 - 2014-06-06 12:36 - 00000000 ____D () C:\Program Files\Guitar Pro 5 2014-06-06 12:01 - 2014-06-06 12:01 - 00854367 _____ () C:\Users\User\Downloads\SecurityCheck.exe 2014-06-06 11:35 - 2014-06-06 11:35 - 00045097 _____ () C:\Users\Admin\Desktop\GMER.log 2014-06-06 11:10 - 2014-06-06 11:10 - 00000000 _____ () C:\Users\Admin\defogger_reenable 2014-06-06 11:10 - 2014-06-06 11:09 - 00050477 _____ () C:\Users\User\Downloads\Defogger.exe 2014-06-06 11:07 - 2014-06-06 11:07 - 00380416 _____ () C:\Users\User\Downloads\GMER.exe 2014-06-06 10:44 - 2014-06-06 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secure Banking 2014-06-06 10:44 - 2014-06-06 10:43 - 00000000 ____D () C:\Program Files\Secure 
Banking 2014-06-06 10:44 - 2014-06-04 11:01 - 00000000 ____D () C:\Users\User\AppData\Local\VirtualStore 2014-06-06 10:40 - 2014-06-06 10:40 - 00441354 _____ (Hopfgartner Niklas ) C:\Users\User\Downloads\setup152.exe 2014-06-06 10:17 - 2014-06-06 10:17 - 00000000 ____D () C:\Program Files\ESET 2014-06-06 09:39 - 2014-06-06 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2014-06-06 09:39 - 2014-06-06 09:39 - 00000000 ____D () C:\ProgramData\elsterformular 2014-06-06 09:37 - 2014-06-06 09:37 - 00001841 _____ () C:\Users\Admin\Desktop\Lidl-Fotos.lnk 2014-06-06 09:37 - 2014-06-06 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lidl-Fotos 2014-06-06 09:36 - 2014-06-06 09:36 - 00000000 ____D () C:\ProgramData\Lidl_Fotos 2014-06-06 09:36 - 2014-06-06 09:36 - 00000000 ____D () C:\Program Files\Lidl_Fotos 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\ProgramData\Acer 2014-06-06 08:40 - 2014-06-06 08:40 - 00000000 ____D () C:\Program Files\Acer 2014-06-06 08:39 - 2014-06-06 08:39 - 00000000 ____D () C:\Users\User\Downloads\LaunchManager_Dritek_5.1.13_W7x64_A 2014-06-06 08:39 - 2014-06-06 08:39 - 00000000 ____D () C:\Users\User\Downloads\Application_Acer_1.02.3502_W7x64_A 2014-06-06 08:39 - 2014-06-04 11:13 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-06-06 08:38 - 2014-06-06 08:38 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\InstallShield 2014-06-06 08:36 - 2014-06-06 08:36 - 00000000 ____D () C:\Users\User\Downloads\Turbo Boost_Intel_8.0.0.1262_W7x64_A 2014-06-06 08:36 - 2014-06-06 08:36 - 00000000 ____D () C:\Users\User\Downloads\Turbo Boost_Intel_2.1.23.0_W7x64_A 2014-06-06 08:15 - 2014-06-06 08:15 - 22464416 _____ () C:\Users\User\Downloads\Turbo Boost_Intel_2.1.23.0_W7x64_A.zip 2014-06-06 08:15 - 2014-06-06 08:15 - 07580658 
_____ () C:\Users\User\Downloads\LaunchManager_Dritek_5.1.13_W7x64_A.zip 2014-06-06 08:15 - 2014-06-06 08:14 - 08163850 _____ () C:\Users\User\Downloads\Application_Acer_1.02.3502_W7x64_A.zip 2014-06-06 08:14 - 2014-06-06 08:14 - 41661051 _____ () C:\Users\User\Downloads\Turbo Boost_Intel_8.0.0.1262_W7x64_A.zip 2014-06-05 21:07 - 2014-06-05 21:00 - 00044240 _____ () C:\Windows\system32\Drivers\fsbts.sys 2014-06-05 21:01 - 2014-06-05 20:52 - 00000000 ____D () C:\Program Files\Kabel Deutschland 2014-06-05 21:01 - 2014-06-05 13:25 - 00000000 ____D () C:\ProgramData\F-Secure 2014-06-05 21:00 - 2014-06-05 20:59 - 00002395 _____ () C:\Windows\DAASINST.LOG 2014-06-05 21:00 - 2014-06-05 13:45 - 00001308 _____ () C:\Windows\fsav_db_setup.log 2014-06-05 21:00 - 2014-06-05 13:44 - 03784497 _____ () C:\Windows\FSISU.log 2014-06-05 21:00 - 2014-06-05 13:44 - 01654951 _____ () C:\Windows\FSSFM.log 2014-06-05 21:00 - 2014-06-05 13:44 - 01420006 _____ () C:\Windows\FSSETUP.log 2014-06-05 21:00 - 2014-06-05 13:44 - 00248673 _____ () C:\Windows\FSPROD.log 2014-06-05 21:00 - 2014-06-05 13:44 - 00194615 _____ () C:\Windows\RunSetup.log 2014-06-05 21:00 - 2014-06-05 13:44 - 00133760 _____ () C:\Windows\FSAVINST.LOG 2014-06-05 21:00 - 2014-06-05 13:44 - 00012091 _____ () C:\Windows\FSGKIAIN.log 2014-06-05 21:00 - 2014-06-05 13:44 - 00010527 _____ () C:\Windows\FSAVCSIN.LOG 2014-06-05 21:00 - 2014-06-05 13:44 - 00005405 _____ () C:\Windows\FSLDIN.LOG 2014-06-05 21:00 - 2014-06-05 13:44 - 00003473 _____ () C:\Windows\fsavunin.log 2014-06-05 20:59 - 2014-06-05 13:45 - 00019462 _____ () C:\Windows\prodsett_copy.ini 2014-06-05 20:59 - 2014-06-05 13:44 - 00366699 _____ () C:\Windows\FSDEPH.log 2014-06-05 20:59 - 2014-06-05 13:44 - 00035323 _____ () C:\Windows\fspplugin.log 2014-06-05 20:56 - 2014-06-04 12:15 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-06-05 20:52 - 2014-06-05 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kabel Deutschland 2014-06-05 
20:50 - 2014-06-05 20:50 - 00859072 _____ (F-Secure Corporation) C:\Users\User\Downloads\Sicherheitspaket.exe 2014-06-05 20:35 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-06-05 20:25 - 2014-06-05 20:25 - 00000248 _____ () C:\Users\User\Desktop\Webinterface-Anmeldung.URL 2014-06-05 20:25 - 2014-06-04 12:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\ICAClient 2014-06-05 16:15 - 2014-06-05 16:15 - 00000000 ____D () C:\Users\Admin\AppData\Local\PDF24 2014-06-05 15:24 - 2014-06-05 15:21 - 00000363 _____ () C:\Users\Admin\Downloads\##1 How To Do.txt 2014-06-05 15:15 - 2014-06-05 15:15 - 00707354 _____ () C:\Windows\unins000.exe 2014-06-05 15:15 - 2014-06-05 15:15 - 00001536 _____ () C:\Windows\unins000.dat 2014-06-05 15:15 - 2014-06-05 15:15 - 00000000 ____D () C:\Windows\system32\GPBAK 2014-06-05 15:15 - 2011-04-09 10:44 - 00901344 _____ (Richard ) C:\Users\Admin\Downloads\GPEdit für Windows 7 Home Installation.exe 2014-06-05 15:15 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-06-05 15:12 - 2014-06-05 15:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia 2014-06-05 15:12 - 2014-06-05 15:12 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia 2014-06-05 15:06 - 2014-06-05 15:06 - 00000000 ____D () C:\Windows\ERUNT 2014-06-05 15:05 - 2014-06-05 15:05 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieUserList 2014-06-05 15:05 - 2014-06-05 15:05 - 00000000 __SHD () C:\Users\Admin\AppData\Local\EmieSiteList 2014-06-05 15:04 - 2014-06-05 15:03 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2014-06-05 15:04 - 2014-06-05 15:03 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2014-06-05 14:58 - 2014-06-05 14:58 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\Junk Removal Tool.exe 2014-06-05 14:47 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default 2014-06-05 14:47 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public 2014-06-05 14:45 - 2014-06-05 14:32 - 00000000 
____D () C:\Windows\erdnt 2014-06-05 14:32 - 2014-06-05 14:32 - 05205146 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe 2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ICAClient 2014-06-05 14:29 - 2014-06-05 14:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Citrix 2014-06-05 14:28 - 2014-06-05 14:28 - 00001429 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-05 14:28 - 2014-06-05 14:28 - 00000020 ___SH () C:\Users\Admin\ntuser.ini 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Startmenü 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Netzwerkumgebung 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Druckumgebung 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Musik 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Bilder 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Verlauf 2014-06-05 14:28 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2014-06-05 14:25 - 2014-06-05 14:24 - 00448512 _____ (OldTimer Tools) C:\Users\Admin\Downloads\Temporary File Cleaner.exe 2014-06-05 14:19 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-06-05 14:15 - 2014-06-05 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2014-06-05 14:11 - 2014-06-05 13:26 - 00000000 ____D () C:\Program Files\F-Secure 2014-06-05 14:10 - 2014-06-05 14:10 - 11268944 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\MSEInstall.exe 2014-06-05 14:09 - 2014-06-05 14:07 - 00178707 _____ () C:\Windows\FSUNINST.log 2014-06-05 14:09 - 2014-06-05 14:07 - 00008237 _____ () 
C:\Windows\uninstaller.log 2014-06-05 14:08 - 2014-06-05 14:07 - 00000069 _____ () C:\Windows\fsavunin_2.log 2014-06-05 14:08 - 2014-06-05 13:44 - 00000675 _____ () C:\Windows\fstnbins.LOG 2014-06-05 13:48 - 2014-06-05 13:48 - 00000000 ____D () C:\Users\User\AppData\Local\F-Secure 2014-06-05 13:39 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\AppCompat 2014-06-05 13:17 - 2014-06-04 13:02 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-05 13:15 - 2014-06-04 13:02 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-06-05 13:13 - 2014-06-05 13:13 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-06-05 13:06 - 2014-06-05 13:06 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-05 13:05 - 2014-06-05 13:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\Malewarebytes Anti Malware.exe 2014-06-05 12:48 - 2014-06-04 13:22 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe 2014-06-05 12:43 - 2014-06-05 12:43 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe 2014-06-04 16:13 - 2014-06-05 14:28 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help 2014-06-04 16:13 - 2014-06-04 16:13 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2014-06-04 16:13 - 2014-06-04 16:13 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help 2014-06-04 16:13 - 2014-06-04 13:06 - 00000000 ____D () C:\Program Files\Microsoft Works 2014-06-04 16:13 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-06-04 16:10 - 2014-06-04 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-06-04 16:10 - 2014-06-04 14:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-06-04 15:42 - 2014-06-04 15:42 - 00000000 ____D () C:\Users\User\AppData\Roaming\Macromedia 2014-06-04 15:42 - 2014-06-04 15:42 - 00000000 ____D () C:\Users\User\AppData\Local\Macromedia 2014-06-04 15:41 - 2014-06-04 15:41 - 00692400 
_____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-06-04 15:41 - 2014-06-04 15:41 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-06-04 15:41 - 2014-06-04 15:41 - 00000000 ____D () C:\Windows\system32\Macromed 2014-06-04 15:38 - 2014-06-04 15:38 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla 2014-06-04 15:38 - 2014-06-04 15:38 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla 2014-06-04 15:37 - 2014-06-04 15:37 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-04 15:37 - 2014-06-04 15:37 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-04 15:37 - 2014-06-04 15:37 - 00000000 ____D () C:\ProgramData\Mozilla 2014-06-04 15:37 - 2014-06-04 15:37 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-06-04 15:37 - 2014-06-04 15:37 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-06-04 15:21 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-06-04 15:16 - 2014-06-04 15:16 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-04 15:16 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE 2014-06-04 15:16 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\System 2014-06-04 15:15 - 2009-07-14 10:56 - 00000000 ____D () C:\Program Files\Windows Journal 2014-06-04 15:14 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Defender 2014-06-04 14:31 - 2014-06-04 13:05 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-06-04 14:27 - 2014-06-04 14:27 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-04 14:24 - 2014-06-04 14:24 - 00000000 ___RD () C:\Users\User\AppData\Roaming\Brother 2014-06-04 14:11 - 2014-06-04 12:45 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-04 14:06 - 2014-06-04 14:06 - 00000000 ____H () 
C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-06-04 14:02 - 2014-06-04 14:02 - 00000425 _____ () C:\Windows\BRWMARK.INI 2014-06-04 14:02 - 2014-06-04 14:02 - 00000027 _____ () C:\Windows\BRPP2KA.INI 2014-06-04 14:02 - 2014-06-04 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother 2014-06-04 14:01 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32 2014-06-04 14:00 - 2014-06-04 14:00 - 00000050 _____ () C:\Windows\system32\bridf08b.dat 2014-06-04 14:00 - 2014-06-04 13:54 - 00000000 ____D () C:\Program Files\Brother 2014-06-04 13:57 - 2014-06-04 13:57 - 00000000 ____D () C:\ProgramData\Brother 2014-06-04 13:34 - 2014-06-04 13:34 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieUserList 2014-06-04 13:34 - 2014-06-04 13:34 - 00000000 __SHD () C:\Users\User\AppData\Local\EmieSiteList 2014-06-04 13:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-TW 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-HK 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\tr-TR 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sv-SE 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-PT 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pt-BR 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nl-NL 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nb-NO 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () 
C:\Windows\system32\ja-JP 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\it-IT 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hu-HU 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fr-FR 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fi-FI 2014-06-04 13:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\el-GR 2014-06-04 13:17 - 2014-06-04 13:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-06-04 13:17 - 2014-06-04 13:16 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-06-04 13:16 - 2014-06-04 13:16 - 00000000 ____D () C:\Program Files\Adobe 2014-06-04 13:15 - 2014-06-04 13:03 - 00016641 _____ () C:\Windows\IE11_main.log 2014-06-04 13:14 - 2014-06-04 13:14 - 00000000 ____D () C:\Users\User\AppData\Local\PDF24 2014-06-04 13:13 - 2014-06-05 20:15 - 00001841 _____ () C:\Users\User\Desktop\PDF24 Creator.lnk 2014-06-04 13:13 - 2014-06-04 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2014-06-04 13:13 - 2014-06-04 13:12 - 00000000 ____D () C:\Program Files\PDF24 2014-06-04 13:12 - 2014-06-04 13:12 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-04 13:12 - 2014-06-04 13:12 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-04 13:12 - 2014-06-04 
13:12 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-06-04 13:12 - 2014-06-04 13:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-06-04 13:12 - 2014-06-04 13:12 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00151552 _____ (Microsoft 
Corporation) C:\Windows\system32\iexpress.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-06-04 13:12 - 2014-06-04 13:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00043008 _____ (Microsoft 
Corporation) C:\Windows\system32\msfeedsbs.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-06-04 13:12 - 2014-06-04 13:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-06-04 13:12 - 2014-06-04 13:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-04 13:11 - 2014-06-04 13:11 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-06-04 13:11 - 2014-06-04 13:11 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00187752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-04 13:11 - 2014-06-04 13:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-06-04 13:11 - 2014-06-04 13:11 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-06-04 13:11 - 2014-06-04 13:11 - 00038912 _____ 
(Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-06-04 13:11 - 2014-06-04 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-06-04 13:09 - 2014-06-04 13:09 - 02284544 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00906240 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00005632 ____H (Microsoft 
Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2014-06-04 13:09 - 2014-06-04 13:09 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Wohnung ********* 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Steuer 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\Sparda 2014-06-04 13:08 - 2014-06-04 13:08 - 00000000 ____D () C:\Users\User\Documents\samsung 2014-06-04 13:08 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\Rezepte 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\restore 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\Rechtschutz ***** 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\PDF24 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\Kabel Deutschland 2014-06-04 13:07 - 2014-06-04 13:07 - 00000000 ____D () C:\Users\User\Documents\ICQ 2014-06-04 13:06 - 2014-06-04 13:06 - 00000000 ____D () C:\Users\User\Documents\Handy 2014-06-04 13:05 - 2014-06-04 13:05 - 00000000 ____D () C:\Windows\PCHEALTH 2014-06-04 13:05 - 2014-06-04 13:05 - 00000000 ____D () C:\Users\User\Documents\Eigene Scans 2014-06-04 13:04 - 2014-06-04 13:04 - 01505280 _____ (Microsoft Corporation) 
C:\Windows\system32\d3d11.dll 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\EA Games 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bluetooth Folder 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2013 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Bewerbung ***** 2012 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Apowersoft Free Audio Recorder 2014-06-04 13:04 - 2014-06-04 13:04 - 00000000 ____D () C:\Users\User\Documents\Ahnenforschung 2014-06-04 13:03 - 2009-07-14 10:57 - 00000000 ____D () C:\Windows\ShellNew 2014-06-04 13:02 - 2014-06-04 13:02 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Help 2014-06-04 13:01 - 2014-06-04 13:01 - 00000000 ___RD () C:\MSOCache 2014-06-04 12:51 - 2014-06-04 12:51 - 00001564 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Receiver.lnk 2014-06-04 12:51 - 2014-06-04 12:50 - 00000000 ____D () C:\Users\User\AppData\Local\Citrix 2014-06-04 12:51 - 2014-06-04 12:50 - 00000000 ____D () C:\ProgramData\Citrix 2014-06-04 12:51 - 2014-06-04 12:50 - 00000000 ____D () C:\Program Files\Citrix 2014-06-04 12:50 - 2014-06-04 12:50 - 00000000 ____D () C:\Program Files\Common Files\Citrix 2014-06-04 12:46 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help 2014-06-04 12:45 - 2014-06-04 12:45 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-06-04 12:44 - 2014-06-04 12:44 - 00000000 ____D () C:\Program Files\Common Files\Intel 2014-06-04 12:44 - 2014-06-04 12:17 - 00000000 ____D () C:\Program Files\Intel 2014-06-04 12:43 - 2014-06-04 12:17 - 00000000 ____D () C:\Intel 2014-06-04 12:41 - 2012-03-07 07:19 - 06212376 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00276248 _____ (Intel Corporation) C:\Windows\system32\IntelCpHeciSvc.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00269592 
_____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00195864 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00188184 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00180504 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe 2014-06-04 12:41 - 2012-03-07 07:19 - 00144664 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe 2014-06-04 12:41 - 2012-02-28 17:10 - 00080180 _____ () C:\Windows\system32\iglhxs32.vp 2014-06-04 12:41 - 2012-02-28 16:59 - 00081920 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2669.dll 2014-06-04 12:41 - 2012-02-28 16:58 - 00735796 _____ () C:\Windows\system32\igkrng700.bin 2014-06-04 12:41 - 2012-02-28 16:58 - 00561508 _____ () C:\Windows\system32\igfcg700m.bin 2014-06-04 12:41 - 2012-02-28 16:53 - 13207552 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys 2014-06-04 12:41 - 2012-02-28 16:53 - 06122496 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll 2014-06-04 12:41 - 2012-02-28 16:52 - 00058880 _____ () C:\Windows\system32\igdde32.dll 2014-06-04 12:41 - 2012-02-28 16:44 - 07794688 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll 2014-06-04 12:41 - 2012-02-28 16:38 - 02866688 _____ (Intel Corporation) C:\Windows\system32\igdbcl32.dll 2014-06-04 12:41 - 2012-02-28 16:38 - 00518144 _____ (Intel Corporation) C:\Windows\system32\igdrcl32.dll 2014-06-04 12:41 - 2012-02-28 16:38 - 00188416 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL32.dll 2014-06-04 12:41 - 2012-02-28 16:26 - 23460864 _____ (Intel Corporation) C:\Windows\system32\igdfcl32.dll 2014-06-04 12:41 - 2012-02-28 16:15 - 13024256 _____ () C:\Windows\system32\ig7icd32.dll 2014-06-04 12:41 - 2012-02-28 16:10 - 00221099 _____ () C:\Windows\system32\Gfxres.th-TH.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00191775 _____ () C:\Windows\system32\Gfxres.ru-RU.resources 
2014-06-04 12:41 - 2012-02-28 16:10 - 00161613 _____ () C:\Windows\system32\Gfxres.ja-JP.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00146675 _____ () C:\Windows\system32\Gfxres.ko-KR.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00144338 _____ () C:\Windows\system32\Gfxres.ro-RO.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00143155 _____ () C:\Windows\system32\Gfxres.tr-TR.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00142664 _____ () C:\Windows\system32\Gfxres.pt-BR.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00142335 _____ () C:\Windows\system32\Gfxres.nl-NL.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00141644 _____ () C:\Windows\system32\Gfxres.pt-PT.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00141435 _____ () C:\Windows\system32\Gfxres.sv-SE.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00140923 _____ () C:\Windows\system32\Gfxres.pl-PL.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00140122 _____ () C:\Windows\system32\Gfxres.sk-SK.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00139487 _____ () C:\Windows\system32\Gfxres.hr-HR.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00136451 _____ () C:\Windows\system32\Gfxres.sl-SI.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00136369 _____ () C:\Windows\system32\Gfxres.nb-NO.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00124962 _____ () C:\Windows\system32\Gfxres.zh-TW.resources 2014-06-04 12:41 - 2012-02-28 16:10 - 00123467 _____ () C:\Windows\system32\Gfxres.zh-CN.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00437248 _____ (Intel Corporation) 
C:\Windows\system32\igfxrrom.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436736 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436224 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436224 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436224 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00436224 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435200 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00435200 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00433664 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00433664 _____ 
(Intel Corporation) C:\Windows\system32\igfxrara.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00430080 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00427008 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00426496 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc 2014-06-04 12:41 - 2012-02-28 16:09 - 00313344 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll 2014-06-04 12:41 - 2012-02-28 16:09 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll 2014-06-04 12:41 - 2012-02-28 16:09 - 00207830 _____ () C:\Windows\system32\Gfxres.el-GR.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00164334 _____ () C:\Windows\system32\Gfxres.ar-SA.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00157226 _____ () C:\Windows\system32\Gfxres.he-IL.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00148033 _____ () C:\Windows\system32\Gfxres.it-IT.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00145687 _____ () C:\Windows\system32\Gfxres.es-ES.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00145577 _____ () C:\Windows\system32\Gfxres.de-DE.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00143805 _____ () C:\Windows\system32\Gfxres.fr-FR.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00142189 _____ () C:\Windows\system32\Gfxres.hu-HU.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00140885 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00140549 _____ () C:\Windows\system32\Gfxres.fi-FI.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00135868 _____ () C:\Windows\system32\Gfxres.da-DK.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00131317 _____ () C:\Windows\system32\Gfxres.en-US.resources 2014-06-04 12:41 - 2012-02-28 16:09 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll 2014-06-04 12:41 - 
2012-02-28 16:09 - 00120320 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl 2014-06-04 12:41 - 2012-02-28 16:09 - 00059392 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll 2014-06-04 12:41 - 2012-02-28 16:09 - 00025088 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll 2014-06-04 12:41 - 2012-02-28 16:08 - 09023488 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll 2014-06-04 12:41 - 2012-02-28 16:08 - 00321024 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll 2014-06-04 12:41 - 2012-02-28 16:08 - 00284160 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc 2014-06-04 12:41 - 2012-02-28 16:08 - 00172544 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll 2014-06-04 12:41 - 2012-02-28 16:08 - 00096256 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll 2014-06-04 12:41 - 2012-02-28 16:08 - 00009216 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 02321408 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit32.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 01921265 _____ () C:\Windows\system32\iglhxa32.cpa 2014-06-04 12:41 - 2012-02-28 16:07 - 00519680 _____ (Intel Corporation) C:\Windows\system32\iglhsip32.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00237056 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt32.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00177152 _____ (Intel Corporation) C:\Windows\system32\iglhcp32.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00094208 _____ () C:\Windows\system32\IccLibDll.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00059594 _____ () C:\Windows\system32\iglhxc32.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00059384 _____ () C:\Windows\system32\iglhxc32_dev.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00059328 _____ () C:\Windows\system32\iglhxg32_dev.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00059215 _____ () 
C:\Windows\system32\iglhxo32_dev.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00058781 _____ () C:\Windows\system32\iglhxo32.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00058684 _____ () C:\Windows\system32\iglhxg32.vp 2014-06-04 12:41 - 2012-02-28 16:07 - 00051200 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-06-04 12:41 - 2012-02-28 16:07 - 00001074 _____ () C:\Windows\system32\iglhxa32.vp 2014-06-04 12:41 - 2011-12-06 19:22 - 00280576 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys 2014-06-04 12:41 - 2011-12-06 19:21 - 00012288 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll 2014-06-04 12:38 - 2014-06-04 12:37 - 00000000 ____D () C:\ProgramData\Intel 2014-06-04 12:37 - 2014-06-04 12:38 - 00015128 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll 2014-06-04 12:37 - 2014-06-04 12:37 - 00000000 ____D () C:\Program Files\Common Files\postureAgent 2014-06-04 12:36 - 2014-06-04 12:21 - 00000000 ____D () C:\Program Files\Broadcom 2014-06-04 12:35 - 2014-06-04 12:45 - 01009512 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco32.dll 2014-06-04 12:35 - 2014-06-04 12:45 - 00888168 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco32.dll 2014-06-04 12:34 - 2014-06-04 12:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2014-06-04 12:33 - 2014-06-04 12:34 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll 2014-06-04 12:33 - 2012-02-27 19:01 - 00792856 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys 2014-06-04 12:33 - 2012-02-27 19:01 - 00348440 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys 2014-06-04 12:33 - 2012-02-27 19:01 - 00013592 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys 2014-06-04 12:31 - 2014-06-04 12:32 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll 2014-06-04 12:26 - 2014-06-04 12:26 - 00000000 ____D () C:\Program Files\Common Files\Intel 
Corporation 2014-06-04 12:25 - 2014-06-04 12:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Intel Corporation 2014-06-04 12:22 - 2014-06-04 12:22 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\Windows\Downloaded Installations 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby 2014-06-04 12:20 - 2014-06-04 12:20 - 00000000 ____D () C:\Dolby PCEE4 2014-06-04 12:20 - 2014-06-04 12:19 - 00000000 ___HD () C:\Program Files\Temp 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Windows\system32\RTCOM 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Program Files\Realtek 2014-06-04 12:19 - 2014-06-04 12:19 - 00000000 ____D () C:\Program Files\Common Files\InstallShield 2014-06-04 12:18 - 2014-06-04 12:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2014-06-04 12:17 - 2014-06-04 12:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\InstallShield 2014-06-04 12:16 - 2014-06-04 12:19 - 07783768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 05096448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 03238608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys 2014-06-04 12:16 - 2014-06-04 12:19 - 03173008 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 02417808 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 02193472 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01836376 _____ (Waves Audio Ltd.) 
C:\Windows\system32\MaxxAudioEQ.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01783056 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesLib.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01725784 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01706640 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01509480 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01497704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl 2014-06-04 12:16 - 2014-06-04 12:19 - 01292904 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01220200 _____ (DTS) C:\Windows\system32\DTSBoostDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 01185112 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek2.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00709976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00654952 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00645776 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00631400 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00601704 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00546944 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00458344 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00389736 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00375400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00359768 _____ (Dolby Laboratories, Inc.) 
C:\Windows\system32\RTEEP32A.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00350552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00293480 _____ (Realtek Semiconductor) C:\Windows\system32\RtkGuiCompLib.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00290813 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-06-04 12:16 - 2014-06-04 12:19 - 00259928 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00247560 _____ () C:\Windows\system32\Drivers\RTConvEQ.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00232792 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPONS.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00218728 _____ (DTS) C:\Windows\system32\DTSGFXAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00218216 _____ (DTS) C:\Windows\system32\DTSLFXAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00214368 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00185584 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSHD.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00176736 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00173296 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP360.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00155008 _____ () C:\Windows\system32\Drivers\RtPCEE4.DAT 2014-06-04 12:16 - 2014-06-04 12:19 - 00140528 _____ (SRS Labs, Inc.) 
C:\Windows\system32\SRSWOW.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00132368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00087696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00074080 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00068960 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00039672 _____ () C:\Windows\system32\Drivers\RtPCEE3.DAT 2014-06-04 12:16 - 2014-06-04 12:19 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll 2014-06-04 12:16 - 2014-06-04 12:19 - 00001448 _____ () C:\Windows\system32\Drivers\RtHdatEx.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000712 _____ () C:\Windows\system32\Drivers\RTMICEQ0.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000712 _____ () C:\Windows\system32\Drivers\RTEQEX0.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX3.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX2.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000520 _____ () C:\Windows\system32\Drivers\RTEQEX1.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000176 _____ () C:\Windows\system32\Drivers\RTHDAEQ1.dat 2014-06-04 12:16 - 2014-06-04 12:19 - 00000024 _____ () C:\Windows\system32\Drivers\rtkhdaud.dat 2014-06-04 12:09 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\de-DE 2014-06-04 12:09 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Sidebar 2014-06-04 12:09 - 2009-07-14 06:52 - 00000000 
____D () C:\Program Files\Windows Portable Devices 2014-06-04 12:09 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Windows Photo Viewer 2014-06-04 12:09 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\DVD Maker 2014-06-04 12:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2014-06-04 12:05 - 2014-06-04 12:05 - 00000000 ____D () C:\Windows\system32\SPReview 2014-06-04 12:03 - 2009-07-14 04:05 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll 2014-06-04 11:49 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-06-04 11:49 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2014-06-04 11:20 - 2014-06-04 11:20 - 00000000 ____D () C:\Windows\system32\EventProviders 2014-06-04 11:17 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF 2014-06-04 11:13 - 2014-06-04 11:13 - 00000000 ____D () C:\Program Files\Atheros 2014-06-04 11:13 - 2014-06-04 11:11 - 00000000 ____D () C:\ProgramData\Atheros 2014-06-04 11:11 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore 2014-06-04 11:01 - 2014-06-04 11:01 - 00001413 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-04 11:01 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache 2014-06-04 11:00 - 2014-06-04 11:49 - 00000000 ____D () C:\Windows\Panther 2014-06-04 11:00 - 2014-06-04 11:00 - 00000020 ___SH () C:\Users\User\ntuser.ini 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Netzwerkumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Druckumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () 
C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\User\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-06-04 11:00 - 2014-06-04 11:00 - 00000000 ____D () C:\Recovery 2014-06-04 11:00 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Windows NT 2014-06-04 10:53 - 2014-06-04 10:53 - 
00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-06-04 10:53 - 2014-06-04 10:53 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-06-04 10:53 - 2014-06-04 10:50 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-06-04 10:53 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-04 10:50 - 2009-07-14 06:34 - 00001774 _____ () C:\Windows\DtcInstall.log
2014-05-12 07:26 - 2014-06-07 19:06 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-07 19:06 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-06-07 19:06 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-04 10:49
==================== End Of Log ============================
11.06.2014, 20:08 | #11 |
| Windows 7 - (trojan.ransom.gend) - Group policy prevents AVP execution, online banking phishing
FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:11-06-2014 01 Ran by Admin at 2014-06-11 20:32:58 Running from C:\Users\User\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Computer Sicherheit (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17} AS: Computer Sicherheit (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3502 - Acer Incorporated) Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation) Brother MFL-Pro Suite DCP-585CW (HKLM\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.) Citrix Authentication Manager (Version: 5.1.0.62606 - Citrix Systems, Inc.) Hidden Citrix Receiver (DV) (Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden Citrix Receiver (HDX Flash-Umleitung) (Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden Citrix Receiver (HKLM\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.) Citrix Receiver (USB) (Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden Citrix Receiver Inside (Version: 4.1.0.56471 - Citrix Systems, Inc.) Hidden Citrix Receiver Updater (Version: 4.1.0.56461 - Citrix Systems, Inc.) Hidden Citrix Receiver(Aero) (Version: 14.1.0.0 - Citrix Systems, Inc.) 
Hidden Computer Security 12.77.101.0 (release) (Version: 12.77.101.0 - F-Secure Corporation) Hidden Dolby Home Theater v4 (HKLM\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.13 - Dolby Laboratories Inc) ElsterFormular (HKLM\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) F-Secure CCF Reputation (Version: 1.0.25.1756 - F-Secure) Hidden F-Secure CCF Scanning 1.23.124.8831 (release) (Version: 1.23.124.8831 - F-Secure Corporation) Hidden F-Secure Network CCF 1.02.128 (Version: 1.02.128.1 - F-Secure Corporation) Hidden gpedt.msc 1.0 (HKLM\...\{10B9C608-BF7C-4CCF-A658-C01D969DCA21}_is1) (Version: - Richard) Guitar Pro 5.2 (HKLM\...\Guitar Pro 5_is1) (Version: - Arobas Music) Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2669 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{51A66ED3-200E-4147-8D1E-E8D30936FD26}) (Version: 1.23.605.1 - Intel Corporation) Kabel Deutschland Launchpad (HKLM\...\F-Secure ServiceEnabler 44553) (Version: 1.77.243.0 - F-Secure Corporation) Kabel Deutschland Launchpad (Version: 1.77.243.0 - F-Secure Corporation) Hidden Lidl-Fotos (HKLM\...\Lidl-Fotos_is1) (Version: - ) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 
(HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight 
(HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden NVIDIA Optimus 1.14.17 (Version: 1.14.17 - NVIDIA Corporation) Hidden NVIDIA PhysX (Version: 9.12.0613 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Systemsteuerung 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation) NVIDIA Update Components (Version: 1.14.17 - NVIDIA Corporation) Hidden Online Plug-in (Version: 14.1.0.0 - Citrix Systems, Inc.) 
Hidden Online Safety 2.77.1170.803 (Version: 2.77.1170.803 - F-Secure Corporation) Hidden PDF24 Creator 6.5.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Qualcomm Atheros WiFi Driver Installation (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.) Secure Banking Version 1.5.2 (HKLM\...\{0BEE0AF9-79F3-4C4F-B374-90C0A16BF294}_is1) (Version: 1.5.2 - Hopfgartner Niklas) Self-Service Plug-in (Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) ==================== Restore Points ========================= 04-06-2014 09:23:55 Windows 7 Service Pack 1 04-06-2014 10:16:38 Windows Update 04-06-2014 10:21:28 Installed Broadcom Card Reader Driver Installer. 04-06-2014 10:27:33 Windows Update 04-06-2014 10:33:34 Windows Update 04-06-2014 10:35:48 Installed Broadcom NetLink Controller. 
04-06-2014 11:01:17 Installed Microsoft Office Home and Student 2007 04-06-2014 11:01:23 Windows Update 04-06-2014 11:59:55 Installiert MFL-Pro Suite 04-06-2014 12:01:09 Gerätetreiber-Paketinstallation: Brother Bildverarbeitungsgeräte 04-06-2014 12:08:52 Windows Update 04-06-2014 13:35:22 Windows Update 04-06-2014 13:46:09 Installed Java 7 Update 60 04-06-2014 14:08:19 Windows Update 05-06-2014 11:06:39 Windows Update 05-06-2014 11:27:49 Windows Update 05-06-2014 11:33:13 Windows Update 05-06-2014 11:51:28 Removed Java 7 Update 60 05-06-2014 11:58:45 Microsoft Office Live Add-in 1.5 wird entfernt 05-06-2014 12:10:33 Removed F-Secure 05-06-2014 12:13:53 Windows Update 06-06-2014 06:39:42 Installiert Acer Updater 10-06-2014 18:10:34 ComboFix created restore point ==================== Hosts content: ========================== 2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {6ED28045-7F03-481C-BA16-137FC7F442B6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-04] (Adobe Systems Incorporated) Task: {D8C77823-4E65-490B-9703-1D5E35FDB097} - System32\Tasks\Scheduled scanning task => C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\fsav.exe [2013-08-20] (F-Secure Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~1\KABELD~1\apps\COMPUT~1\ANTI-V~1\fsav.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-04 12:46 - 2013-08-30 01:08 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2014-06-05 20:59 - 2013-08-20 10:57 - 00045504 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng 2013-01-18 11:06 - 2013-01-18 11:06 - 00208880 _____ () 
C:\Program Files\Kabel Deutschland\daas2.dll 2014-06-04 14:00 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll 2014-06-04 14:00 - 2002-11-26 13:43 - 00106496 ____N () C:\Windows\system32\BrMuSNMP.dll 2014-06-05 21:04 - 2014-06-05 21:04 - 00030888 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll 2014-06-05 20:59 - 2014-06-05 21:04 - 00212008 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\Spam Control\fsas.dll 2014-06-05 20:52 - 2014-06-05 20:52 - 00593464 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll 2014-06-05 20:59 - 2013-08-20 10:57 - 00056256 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\FSGUI\fsavures.eng 2014-06-05 20:59 - 2013-08-20 10:57 - 00093120 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\FSGUI\strres.eng 2014-06-05 20:59 - 2013-08-20 10:57 - 00154560 _____ () C:\Program Files\Kabel Deutschland\apps\ComputerSecurity\FSGUI\flyerres.eng 2014-06-06 10:44 - 2012-09-07 17:30 - 00002560 _____ () C:\Program Files\Secure Banking\sbservice.exe 2014-06-06 10:44 - 2013-06-30 17:01 - 00017920 _____ () C:\Program Files\Secure Banking\SecureBanking.dll 2014-06-06 10:43 - 2013-05-26 13:13 - 00008704 _____ () C:\Program Files\Secure Banking\funcs.dll 2014-06-05 20:33 - 2014-06-05 20:33 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\42f1ffc0f76dec53185c54cc637dd791\PSIClient.ni.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: 
(06/11/2014 08:27:34 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: ) Description: 1 2014-06-11 20:27:32+02:00 NOTEBOOK-HOME SYSTEM F-Secure DeepGuard Application was blocked. This was determined to be a high-risk application by system control heuristics. Application path: \\?\c:\users\user\desktop\frst.exe File hash: 4069f7e60dc5e1e2e7ef4a78863eb4bea5a309e4 Error: (06/11/2014 08:27:08 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Das System kann die angegebene Datei nicht finden. Error: (06/10/2014 08:59:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT) Description: Die Klassenregistrierungsdatei kann nicht geladen werden. DETAIL - Das System kann die angegebene Datei nicht finden. Error: (06/10/2014 08:21:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2014/06/10 20:21:12.747]: [00002344]: GetDeviceIpAddress: GetAddressByName [BRWC417FEDE7854] Error Error: (06/10/2014 08:20:42 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2014/06/10 20:20:42.388]: [00002344]: GetDeviceIpAddress: GetAddressByName [BRWC417FEDE7854] Error Error: (06/10/2014 08:20:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2014/06/10 20:20:12.342]: [00002344]: GetDeviceIpAddress: GetAddressByName [BRWC417FEDE7854] Error Error: (06/10/2014 08:20:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2014/06/10 20:20:12.249]: [00002344]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.0.100] Error: (06/10/2014 08:19:29 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2014/06/10 20:19:29.382]: [00002344]: GetDeviceIpAddress: GetAddressByName [BRWC417FEDE7854] Error Error: (06/10/2014 08:18:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) 
Description: STI BrtSTI: [2014/06/10 20:18:59.336]: [00002344]: GetDeviceIpAddress: GetAddressByName [BRWC417FEDE7854] Error Error: (06/10/2014 08:18:59 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: STI BrtSTI: [2014/06/10 20:18:59.243]: [00002344]: SendSKeySettingToDevice:: Snmp Load Error[-1] To[192.168.0.100] System errors: ============= Error: (06/11/2014 08:23:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MBAMScheduler erreicht. Error: (06/11/2014 08:22:52 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (06/11/2014 03:04:14 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4} Error: (06/10/2014 08:58:22 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80004005 Error: (06/10/2014 08:18:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (06/10/2014 08:15:36 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (06/10/2014 08:11:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. 
Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 63% Total physical RAM: 2388.36 MB Available physical RAM: 882.37 MB Total Pagefile: 4775 MB Available Pagefile: 3102.82 MB Total Virtual: 2047.88 MB Available Virtual: 1920.21 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:465.66 GB) (Free:396.34 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5908BEA6) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS) ==================== End Of Log ============================
Malwarebytes log, AdwCleaner log, JRT log, FRST log, Addition log, in that order, here you go. Oh, and JRT complained about a bad module and wanted to reboot to remove it. I did that twice. The bad module was found again each time. I then declined the reboot so that it would run through. Edited by Jockele (11.06.2014 at 20:22) |
12.06.2014, 08:16 | #12 |
/// the machine /// TB instructor | Windows 7 - (trojan.ransom.gend) - Group policy prevents AVP execution, online banking phishing
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |