Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   PUP.Optional.Installcore.a - Probleme mit dem Laptop-Touchpad (https://www.trojaner-board.de/146213-pup-optional-installcore-a-probleme-laptop-touchpad.html)

EinFrage 16.12.2013 20:15
PUP.Optional.Installcore.a - Probleme mit dem Laptop-Touchpad
 
Hallo,

hatte in letzter Zeit ein seltsames Problem auf meinem PC zu beklagen. Ich kann - auch in diesem Moment - in keinem Browser scrollen, weder über die Sonderfunktion auf dem Touchpad, noch über die Scrollleiste.

Wenn ich in Firefox unter Einstellungen/Datenschutz die Cookies anzeigen lassen will, öffnet er zwar das Cookie-Fenster, aber es lässt sich darin nichts anklicken. Ich kann also die Cookies auf diese Weise nicht entfernen.

Manchmal lässt sich allgemein nichts anklicken, es ist als würde der PC einfach einfrieren.

Malwarebytes hat 2 infizierte Dateien gefunden:

PUP.Optional.Installcore.a in C:\User\XXXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YT20VRSM\Firefox_Setup.exe

Und der gleiche Befund in C:\User\XXXX\AppData\Local\Temp\ICReinstall_Firefox_Setup.exe

Außerdem hängt der PC manchmal extrem, so wie jetzt in diesem Moment, nachdem ich die FRST-Protokolle hier reinkopiert habe.


Die Log-Dateien muss ich auf Grund der Überlänger auf mehrere Posts verteilen (vielleicht mache ich auch was falsch]

FRST (Part1]

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-12-2013 02
Ran by XXXX (administrator) on MARIO on 16-12-2013 13:59:09
Running from C:\Users\XXXX\Desktop
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-26] (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x43A083C9C6EACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\0b25n0b2.default
FF NewTab: about:blank
FF Homepage: www.google.de
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20(shExpMatch(host%2C%20'(*.turntable.fm%7Cturntable.fm)')%20%26%26%20url.indexOf('.css')%20%3D%3D%20-1%20%26%26%20url.indexOf('.js')%20%3D%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1)%20%7B%20return%20'PROXY%20ab-us02.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us20.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000%3B%20PROXY%20ab-us21.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us22.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20nq-us01.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\0b25n0b2.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: firefox - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\0b25n0b2.default\Extensions\firefox@ghostery.com.xpi
FF Extension: jid1-QpHD8URtZWJC2A - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\0b25n0b2.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
FF Extension: Adblock Plus - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\0b25n0b2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: bprivacyprefs - C:\Users\XXXX\AppData\Roaming\Mozilla\Firefox\Profiles\0b25n0b2.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-26] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-11-04] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-11-04] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [38984 2013-11-26] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [84328 2013-11-26] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [92544 2013-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-26] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1032416 2013-11-26] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [409832 2013-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-26] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-11-04] (Secunia)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-16 13:59 - 2013-12-16 13:59 - 00009002 _____ C:\Users\XXXX\Desktop\FRST.txt
2013-12-16 13:59 - 2013-12-16 13:59 - 00000000 ____D C:\FRST
2013-12-16 13:55 - 2013-12-16 13:55 - 01927940 _____ (Farbar) C:\Users\XXXX\Desktop\FRST64.exe
2013-12-16 12:44 - 2013-12-16 12:44 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Malwarebytes
2013-12-16 12:43 - 2013-12-16 12:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\XXXX\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-16 12:43 - 2013-12-16 12:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-16 12:43 - 2013-12-16 12:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 12:43 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-16 12:37 - 2013-12-16 12:37 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-16 12:37 - 2013-12-16 12:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-16 12:37 - 2013-12-16 12:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-16 12:35 - 2013-12-16 12:35 - 00283096 _____ (Mozilla) C:\Users\XXXX\Downloads\Firefox Setup Stub 26.0.exe
2013-12-11 12:45 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-12-11 12:45 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-12-11 12:45 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-12-11 12:45 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-12-11 12:45 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-12-11 12:45 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-12-11 12:45 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-12-11 12:45 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-12-11 12:45 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-12-11 12:45 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-12-11 12:44 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-12-11 12:44 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-12-11 12:44 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-12-11 12:44 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-12-11 12:44 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-12-11 12:44 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-12-11 12:44 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-12-11 12:44 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-12-11 12:44 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2013-12-11 12:44 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2013-12-11 12:43 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-12-11 12:43 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2013-12-11 12:43 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-12-11 12:43 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2013-12-11 12:43 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2013-12-11 12:43 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2013-12-11 12:43 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2013-12-11 12:43 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2013-12-11 12:43 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2013-12-11 12:43 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2013-12-11 12:43 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2013-12-11 12:43 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2013-12-11 12:43 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-12-11 12:43 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2013-12-11 12:43 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2013-12-11 12:43 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2013-12-11 12:43 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2013-12-11 12:43 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2013-12-11 12:43 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-12-11 12:43 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-12-11 12:43 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2013-12-11 12:43 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-12-11 12:43 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2013-12-11 12:43 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2013-12-11 12:43 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2013-12-11 12:43 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-12-11 12:43 - 2013-10-03 23:09 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-12-11 12:43 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-12-11 12:43 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2013-12-11 12:43 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2013-12-11 12:43 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2013-12-11 12:43 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-12-11 12:43 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2013-12-11 12:43 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2013-12-11 12:43 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2013-12-11 12:43 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2013-12-10 22:27 - 2013-12-10 22:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-12-09 19:34 - 2013-12-09 19:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-09 15:47 - 2013-12-09 15:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-11-28 13:22 - 2012-11-20 06:24 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2013-11-28 13:22 - 2012-11-20 06:17 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-11-28 13:22 - 2012-11-20 06:02 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDKURD.DLL
2013-11-28 13:22 - 2012-11-20 05:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDKURD.DLL
2013-11-28 13:21 - 2012-11-06 08:52 - 00277736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2013-11-28 13:21 - 2012-11-06 08:33 - 01566432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2013-11-28 13:21 - 2012-11-06 05:48 - 01150160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2013-11-28 13:21 - 2012-11-06 05:20 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2013-11-28 13:21 - 2012-11-06 05:20 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2013-11-28 13:21 - 2012-11-06 05:20 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2013-11-28 13:21 - 2012-11-06 05:20 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2013-11-28 13:21 - 2012-11-06 05:20 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-28 13:21 - 2012-11-06 05:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2013-11-28 13:21 - 2012-11-06 05:19 - 08552448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2013-11-28 13:21 - 2012-11-06 05:19 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2013-11-28 13:21 - 2012-11-06 05:19 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2013-11-28 13:21 - 2012-11-06 05:19 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2013-11-28 13:21 - 2012-11-06 05:19 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcncsvc.dll
2013-11-28 13:21 - 2012-11-06 05:19 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2013-11-28 13:21 - 2012-11-06 05:19 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2013-11-28 13:21 - 2012-11-06 05:19 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2013-11-28 13:21 - 2012-11-06 05:18 - 11459584 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2013-11-28 13:21 - 2012-11-06 05:18 - 00976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2013-11-28 13:21 - 2012-11-06 05:18 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2013-11-28 13:21 - 2012-11-06 05:18 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2013-11-28 13:21 - 2012-11-06 05:17 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2013-11-28 13:21 - 2012-11-06 05:17 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2013-11-28 13:21 - 2012-11-06 04:51 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2013-11-28 13:20 - 2012-11-06 05:20 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2013-11-28 13:20 - 2012-11-06 05:20 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2013-11-28 13:20 - 2012-11-06 05:19 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2013-11-28 13:20 - 2012-11-06 05:19 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2013-11-28 13:20 - 2012-11-06 05:19 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapPeerProxy.dll
2013-11-28 13:20 - 2012-11-06 05:19 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnEapAuthProxy.dll
2013-11-28 13:20 - 2012-11-06 05:18 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2013-11-28 13:20 - 2012-11-06 05:18 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2013-11-28 13:20 - 2012-11-06 05:00 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2013-11-28 13:20 - 2012-11-06 04:58 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2013-11-28 13:20 - 2012-11-06 04:56 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2013-11-28 13:20 - 2012-11-06 04:55 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2013-11-28 13:20 - 2012-11-06 04:55 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2013-11-28 13:20 - 2012-11-06 04:55 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2013-11-28 13:20 - 2012-11-06 04:55 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2013-11-28 13:20 - 2012-11-06 04:55 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fxppm.sys
2013-11-28 13:20 - 2012-10-12 07:13 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dskquota.dll
2013-11-28 13:20 - 2012-10-12 06:39 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dskquota.dll
2013-11-28 13:19 - 2012-10-24 05:54 - 00396008 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2013-11-28 13:19 - 2012-10-17 05:32 - 01172992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2013-11-28 13:19 - 2012-10-17 05:32 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2013-11-28 13:19 - 2012-10-17 05:32 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2013-11-28 13:19 - 2012-10-17 04:57 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2013-11-28 13:19 - 2012-10-17 04:57 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2013-11-28 13:19 - 2012-10-17 04:57 - 00513024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2013-11-28 13:18 - 2012-10-11 08:47 - 00793200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-28 13:18 - 2012-10-11 08:25 - 00056552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2013-11-28 13:18 - 2012-10-11 08:23 - 00441576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2013-11-28 13:18 - 2012-10-11 08:18 - 00172264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2013-11-28 13:18 - 2012-10-11 08:13 - 00033512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\battc.sys
2013-11-28 13:18 - 2012-10-11 08:08 - 00562392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2013-11-28 13:18 - 2012-10-11 08:02 - 01636672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2013-11-28 13:18 - 2012-10-11 06:46 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2013-11-28 13:18 - 2012-10-11 06:46 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2013-11-28 13:18 - 2012-10-11 06:46 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Compression.dll
2013-11-28 13:18 - 2012-10-11 06:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2013-11-28 13:18 - 2012-10-11 06:46 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2013-11-28 13:18 - 2012-10-11 06:45 - 01045504 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2013-11-28 13:18 - 2012-10-11 06:45 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2013-11-28 13:18 - 2012-10-11 06:45 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2013-11-28 13:18 - 2012-10-11 06:45 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2013-11-28 13:18 - 2012-10-11 06:45 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2013-11-28 13:18 - 2012-10-11 06:45 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2013-11-28 13:18 - 2012-10-11 06:44 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2013-11-28 13:18 - 2012-10-11 06:44 - 00904192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2013-11-28 13:18 - 2012-10-11 06:44 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2013-11-28 13:18 - 2012-10-11 06:44 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2013-11-28 13:18 - 2012-10-11 06:44 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2013-11-28 13:18 - 2012-10-11 06:44 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2013-11-28 13:18 - 2012-10-11 06:43 - 01280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2013-11-28 13:18 - 2012-10-11 06:43 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2013-11-28 13:18 - 2012-10-11 06:43 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2013-11-28 13:18 - 2012-10-11 06:43 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2013-11-28 13:18 - 2012-10-11 06:43 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2013-11-28 13:18 - 2012-10-11 06:43 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2013-11-28 13:18 - 2012-10-11 06:43 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2013-11-28 13:18 - 2012-10-11 06:43 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2013-11-28 13:18 - 2012-10-11 06:42 - 00612416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2013-11-28 13:18 - 2012-10-11 06:23 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-pdc.dll
2013-11-28 13:18 - 2012-10-11 06:23 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdhebl3.dll
2013-11-28 13:18 - 2012-10-11 06:19 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2013-11-28 13:18 - 2012-10-11 06:18 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
2013-11-28 13:18 - 2012-10-11 06:15 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2013-11-28 13:18 - 2012-10-11 06:07 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2013-11-28 13:18 - 2012-10-11 06:07 - 00962560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2013-11-28 13:18 - 2012-10-11 06:07 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2013-11-28 13:18 - 2012-10-11 06:07 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2013-11-28 13:18 - 2012-10-11 06:07 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Compression.dll
2013-11-28 13:18 - 2012-10-11 06:07 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2013-11-28 13:18 - 2012-10-11 06:07 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2013-11-28 13:18 - 2012-10-11 06:06 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2013-11-28 13:18 - 2012-10-11 06:06 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2013-11-28 13:18 - 2012-10-11 06:06 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2013-11-28 13:18 - 2012-10-11 06:06 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2013-11-28 13:18 - 2012-10-11 06:06 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2013-11-28 13:18 - 2012-10-11 06:06 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2013-11-28 13:18 - 2012-10-11 06:06 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2013-11-28 13:18 - 2012-10-11 06:05 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2013-11-28 13:18 - 2012-10-11 05:42 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdhebl3.dll
2013-11-28 13:18 - 2012-10-11 01:45 - 00478424 _____ C:\WINDOWS\SysWOW64\locale.nls
2013-11-28 13:18 - 2012-10-11 01:44 - 00478424 _____ C:\WINDOWS\system32\locale.nls
2013-11-28 13:17 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2013-11-28 13:17 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2013-11-28 13:17 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2013-11-28 13:17 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2013-11-28 13:17 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2013-11-28 13:17 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2013-11-28 13:17 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2013-11-28 13:17 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2013-11-28 13:17 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2013-11-28 13:17 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-28 13:17 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2013-11-28 13:17 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-11-28 13:17 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2013-11-28 13:17 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-28 13:17 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2013-11-28 13:17 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2013-11-28 13:17 - 2013-07-13 07:15 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appmgr.dll
2013-11-28 13:17 - 2013-07-13 05:23 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appmgr.dll
2013-11-28 13:17 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-11-28 13:17 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-11-28 13:16 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2013-11-28 13:16 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-28 13:16 - 2013-06-01 12:26 - 06987008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-11-28 13:16 - 2013-06-01 12:26 - 00327936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2013-11-28 13:16 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2013-11-28 13:16 - 2013-06-01 10:25 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2013-11-28 13:16 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2013-11-28 13:16 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2013-11-28 13:16 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-11-28 13:16 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2013-11-28 13:16 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2013-11-28 13:16 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2013-11-28 13:16 - 2013-06-01 10:22 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2013-11-28 13:16 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2013-11-28 13:16 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2013-11-28 13:16 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-28 13:16 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2013-11-28 13:16 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-28 13:16 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2013-11-28 13:16 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-28 13:16 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2013-11-28 13:16 - 2013-06-01 10:19 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2013-11-28 13:16 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2013-11-28 13:16 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2013-11-28 13:16 - 2013-05-24 23:09 - 01403296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2013-11-28 13:16 - 2013-05-24 23:09 - 01271584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2013-11-28 13:16 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2013-11-28 13:16 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2013-11-28 13:16 - 2012-11-27 07:39 - 01122768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2013-11-28 13:16 - 2012-11-27 05:49 - 01027152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2013-11-28 13:16 - 2012-11-27 05:20 - 01217536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2013-11-28 13:16 - 2012-11-27 05:20 - 01123840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2013-11-28 13:16 - 2012-11-27 05:20 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2013-11-28 13:16 - 2012-11-27 05:20 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2013-11-28 13:16 - 2012-11-27 05:20 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2013-11-28 13:16 - 2012-11-27 05:20 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2013-11-28 13:16 - 2012-11-27 05:20 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vds_ps.dll
2013-11-28 13:16 - 2012-11-27 05:19 - 03245568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2013-11-28 13:16 - 2012-11-27 05:19 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2013-11-28 13:16 - 2012-11-27 05:19 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2013-11-28 13:16 - 2012-11-27 05:19 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2013-11-28 13:16 - 2012-11-27 05:19 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2013-11-28 13:16 - 2012-10-12 09:08 - 00027880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2013-11-28 13:16 - 2012-10-12 07:14 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2013-11-28 13:16 - 2012-10-12 06:50 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2013-11-28 13:16 - 2012-09-11 06:28 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsldr.exe
2013-11-28 13:16 - 2012-09-11 06:27 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds_ps.dll
2013-11-28 13:15 - 2012-09-20 08:55 - 03265256 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\evbda.sys
2013-11-28 13:14 - 2012-09-20 09:40 - 00389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2013-11-28 13:14 - 2012-09-20 08:55 - 00533224 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys
2013-11-28 13:14 - 2012-09-20 07:33 - 03964416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2013-11-28 13:14 - 2012-09-20 07:33 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2013-11-28 13:14 - 2012-09-20 07:33 - 01513984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2013-11-28 13:14 - 2012-09-20 07:33 - 01304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2013-11-28 13:14 - 2012-09-20 07:33 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2013-11-28 13:14 - 2012-09-20 07:32 - 01739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2013-11-28 13:14 - 2012-09-20 07:32 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2013-11-28 13:14 - 2012-09-20 07:32 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provcore.dll
2013-11-28 13:14 - 2012-09-20 07:30 - 03847168 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-28 13:14 - 2012-09-20 07:30 - 02219008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2013-11-28 13:14 - 2012-09-20 06:54 - 01196032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2013-11-28 13:14 - 2012-09-20 06:53 - 03296256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2013-11-28 13:14 - 2012-09-20 06:53 - 02033664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2013-11-28 13:13 - 2012-09-20 10:08 - 00027280 _____ (Microsoft Corporation) C:\WINDOWS\system32\avrt.dll
2013-11-28 13:13 - 2012-09-20 09:31 - 00425192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-28 13:13 - 2012-09-20 07:47 - 00307192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2013-11-28 13:13 - 2012-09-20 07:33 - 00866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2013-11-28 13:13 - 2012-09-20 07:33 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSATAPI.dll
2013-11-28 13:13 - 2012-09-20 07:33 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2013-11-28 13:13 - 2012-09-20 07:33 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2013-11-28 13:13 - 2012-09-20 07:33 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-28 13:13 - 2012-09-20 07:33 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2013-11-28 13:13 - 2012-09-20 07:33 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2013-11-28 13:13 - 2012-09-20 07:33 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2013-11-28 13:13 - 2012-09-20 07:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2013-11-28 13:13 - 2012-09-20 07:33 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2013-11-28 13:13 - 2012-09-20 07:32 - 01400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2013-11-28 13:13 - 2012-09-20 07:32 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2013-11-28 13:13 - 2012-09-20 07:32 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2013-11-28 13:13 - 2012-09-20 07:32 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2013-11-28 13:13 - 2012-09-20 07:32 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2013-11-28 13:13 - 2012-09-20 07:32 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2013-11-28 13:13 - 2012-09-20 07:31 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2013-11-28 13:13 - 2012-09-20 07:31 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2013-11-28 13:13 - 2012-09-20 07:31 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-28 13:13 - 2012-09-20 07:31 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-28 13:13 - 2012-09-20 07:31 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2013-11-28 13:13 - 2012-09-20 07:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2013-11-28 13:13 - 2012-09-20 07:31 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2013-11-28 13:13 - 2012-09-20 07:31 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcss.dll
2013-11-28 13:13 - 2012-09-20 07:30 - 02016256 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2013-11-28 13:13 - 2012-09-20 07:30 - 01743872 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2013-11-28 13:13 - 2012-09-20 07:30 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2013-11-28 13:13 - 2012-09-20 07:30 - 00634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-28 13:13 - 2012-09-20 07:30 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2013-11-28 13:13 - 2012-09-20 07:30 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdsrv.dll
2013-11-28 13:13 - 2012-09-20 07:13 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2013-11-28 13:13 - 2012-09-20 07:13 - 00023656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\avrt.dll
2013-11-28 13:13 - 2012-09-20 07:08 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\csc.sys
2013-11-28 13:13 - 2012-09-20 06:55 - 00995328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2013-11-28 13:13 - 2012-09-20 06:55 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2013-11-28 13:13 - 2012-09-20 06:55 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2013-11-28 13:13 - 2012-09-20 06:55 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSATAPI.dll
2013-11-28 13:13 - 2012-09-20 06:55 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2013-11-28 13:13 - 2012-09-20 06:54 - 01369600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2013-11-28 13:13 - 2012-09-20 06:54 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2013-11-28 13:13 - 2012-09-20 06:54 - 00709632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2013-11-28 13:13 - 2012-09-20 06:54 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provcore.dll
2013-11-28 13:13 - 2012-09-20 06:54 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2013-11-28 13:13 - 2012-09-20 06:54 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2013-11-28 13:13 - 2012-09-20 06:54 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2013-11-28 13:13 - 2012-09-20 06:54 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2013-11-28 13:13 - 2012-09-20 06:54 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2013-11-28 13:13 - 2012-09-20 06:53 - 02007040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2013-11-28 13:13 - 2012-09-20 06:53 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2013-11-28 13:13 - 2012-09-20 06:53 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2013-11-28 13:13 - 2012-09-20 06:53 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2013-11-28 13:13 - 2012-09-20 06:53 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2013-11-28 13:13 - 2012-09-20 06:53 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2013-11-28 13:12 - 2012-09-20 09:04 - 00100072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2013-11-28 13:12 - 2012-09-20 07:33 - 01342464 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2013-11-28 13:12 - 2012-09-20 07:33 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2013-11-28 13:12 - 2012-09-20 07:33 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2013-11-28 13:12 - 2012-09-20 07:33 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2013-11-28 13:12 - 2012-09-20 07:33 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2013-11-28 13:12 - 2012-09-20 07:33 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2013-11-28 13:12 - 2012-09-20 07:33 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2013-11-28 13:12 - 2012-09-20 07:33 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2013-11-28 13:12 - 2012-09-20 07:33 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2013-11-28 13:12 - 2012-09-20 07:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2013-11-28 13:12 - 2012-09-20 07:33 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2013-11-28 13:12 - 2012-09-20 07:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2013-11-28 13:12 - 2012-09-20 07:33 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2013-11-28 13:12 - 2012-09-20 07:33 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2013-11-28 13:12 - 2012-09-20 07:32 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2013-11-28 13:12 - 2012-09-20 07:32 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2013-11-28 13:12 - 2012-09-20 07:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2013-11-28 13:12 - 2012-09-20 07:32 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2013-11-28 13:12 - 2012-09-20 07:32 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2013-11-28 13:12 - 2012-09-20 07:32 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2013-11-28 13:12 - 2012-09-20 07:32 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2013-11-28 13:12 - 2012-09-20 07:32 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2013-11-28 13:12 - 2012-09-20 07:32 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2013-11-28 13:12 - 2012-09-20 07:31 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2013-11-28 13:12 - 2012-09-20 07:31 - 00437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2013-11-28 13:12 - 2012-09-20 07:31 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-28 13:12 - 2012-09-20 07:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2013-11-28 13:12 - 2012-09-20 07:31 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2013-11-28 13:12 - 2012-09-20 07:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2013-11-28 13:12 - 2012-09-20 07:31 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2013-11-28 13:12 - 2012-09-20 07:30 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2013-11-28 13:12 - 2012-09-20 07:30 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\CscMig.dll
2013-11-28 13:12 - 2012-09-20 07:09 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2013-11-28 13:12 - 2012-09-20 07:08 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2013-11-28 13:12 - 2012-09-20 06:55 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2013-11-28 13:12 - 2012-09-20 06:55 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2013-11-28 13:12 - 2012-09-20 06:55 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2013-11-28 13:12 - 2012-09-20 06:55 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2013-11-28 13:12 - 2012-09-20 06:55 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2013-11-28 13:12 - 2012-09-20 06:55 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2013-11-28 13:12 - 2012-09-20 06:54 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2013-11-28 13:12 - 2012-09-20 06:54 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2013-11-28 13:12 - 2012-09-20 06:54 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2013-11-28 13:12 - 2012-09-20 06:54 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2013-11-28 13:12 - 2012-09-20 06:54 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2013-11-28 13:12 - 2012-09-20 06:54 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2013-11-28 13:12 - 2012-09-20 06:54 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2013-11-28 13:12 - 2012-09-20 06:54 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2013-11-28 13:12 - 2012-09-20 06:54 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2013-11-28 13:12 - 2012-09-20 06:54 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2013-11-28 13:12 - 2012-09-20 06:53 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2013-11-28 13:12 - 2012-09-20 06:53 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2013-11-28 13:12 - 2012-09-20 05:13 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2013-11-28 13:12 - 2012-09-20 05:10 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2013-11-28 13:11 - 2012-09-27 08:17 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.exe
2013-11-28 13:11 - 2012-09-27 08:17 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ndadmin.exe
2013-11-28 13:11 - 2012-09-27 08:15 - 00301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2013-11-28 13:11 - 2012-09-27 07:35 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.exe
2013-11-28 13:11 - 2012-09-27 07:35 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ndadmin.exe
2013-11-28 13:11 - 2012-09-27 07:34 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2013-11-28 13:10 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2013-11-28 13:10 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2013-11-28 13:10 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2013-11-28 13:10 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-28 13:10 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2013-11-28 13:10 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2013-11-28 13:10 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2013-11-28 13:10 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2013-11-28 13:10 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2013-11-28 13:10 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2013-11-28 13:10 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-28 13:10 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2013-11-28 13:10 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2013-11-28 13:10 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2013-11-28 13:10 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2013-11-28 13:10 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2013-11-28 13:10 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2013-11-28 13:10 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2013-11-28 13:10 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2013-11-28 13:10 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2013-11-28 13:10 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2013-11-28 13:10 - 2013-07-06 01:16 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2013-11-28 13:10 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-28 13:10 - 2013-07-03 01:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2013-11-28 13:10 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-11-28 13:10 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2013-11-28 13:10 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2013-11-28 13:10 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2013-11-28 13:10 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2013-11-28 13:10 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2013-11-28 13:10 - 2013-06-29 06:43 - 00327512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2013-11-28 13:10 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2013-11-28 13:10 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2013-11-28 13:10 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2013-11-28 13:10 - 2013-06-24 23:54 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2013-11-28 13:10 - 2013-06-24 23:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2013-11-28 13:10 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2013-11-28 13:10 - 2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2013-11-28 13:10 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2013-11-28 13:10 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2013-11-28 13:10 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2013-11-28 13:10 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2013-11-28 13:10 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2013-11-28 13:10 - 2012-10-02 08:34 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2013-11-28 13:10 - 2012-09-20 07:48 - 00062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2013-11-28 12:10 - 2013-11-28 12:18 - 00002105 _____ C:\Users\XXXX\Desktop\Klicken Sie hier, um PC-Fehler zu finden und zu reparieren.lnk
2013-11-28 12:10 - 2013-11-28 12:18 - 00001338 _____ C:\Users\XXXX\Desktop\Smart Data Recovery.lnk
2013-11-28 12:10 - 2013-11-28 12:10 - 00000000 ____D C:\Program Files (x86)\Smart PC Solutions
2013-11-28 12:07 - 2013-11-28 12:07 - 02300056 _____ (Smart PC Solutions                                          ) C:\Users\XXXX\Downloads\recoverysetup_4.4.exe
2013-11-28 12:03 - 2013-11-28 12:03 - 00001330 _____ C:\Users\XXXX\Desktop\PC Inspector File Recovery.lnk
2013-11-28 12:03 - 2013-11-28 12:03 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2013-11-28 12:03 - 2013-11-28 12:03 - 00000000 ____D C:\Program Files (x86)\Convar
2013-11-28 12:02 - 2013-11-28 12:02 - 03462033 _____ C:\Users\XXXX\Downloads\pci_filerecovery.exe
2013-11-27 17:54 - 2013-12-04 01:53 - 00694240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-11-27 17:54 - 2013-12-04 01:53 - 00078304 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-27 17:49 - 2013-11-27 17:57 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-27 16:43 - 2013-12-14 21:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-27 16:43 - 2013-12-14 21:23 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-27 16:19 - 2013-08-16 06:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2013-11-27 16:19 - 2013-08-16 06:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-27 16:19 - 2013-08-16 06:32 - 00209200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2013-11-27 16:19 - 2013-08-16 06:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2013-11-27 16:19 - 2013-08-16 06:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2013-11-27 16:19 - 2013-08-16 06:21 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-27 16:19 - 2013-08-16 06:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2013-11-27 16:19 - 2013-08-16 06:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2013-11-27 16:19 - 2013-08-16 06:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2013-11-27 16:19 - 2013-08-16 06:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2013-11-27 16:19 - 2013-08-16 06:21 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-27 16:19 - 2013-08-16 06:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2013-11-27 16:19 - 2013-08-16 06:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2013-11-27 16:19 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2013-11-27 16:19 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2013-11-27 16:19 - 2013-08-16 06:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2013-11-27 16:19 - 2013-08-15 23:43 - 00562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2013-11-27 16:19 - 2013-08-15 23:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2013-11-27 16:19 - 2013-08-15 23:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2013-11-27 16:19 - 2013-08-15 23:43 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2013-11-27 16:19 - 2013-08-15 23:43 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-27 16:19 - 2013-08-15 23:43 - 00083968 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2013-11-27 16:19 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2013-11-27 16:19 - 2013-08-15 23:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2013-11-27 16:18 - 2013-08-15 23:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2013-11-27 16:18 - 2013-01-10 02:53 - 00028904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2013-11-27 16:18 - 2013-01-10 02:29 - 00091880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2013-11-27 16:18 - 2013-01-10 00:26 - 01752064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2013-11-27 16:18 - 2013-01-10 00:26 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2013-11-27 16:18 - 2013-01-10 00:26 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2013-11-27 16:18 - 2013-01-10 00:26 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm.dll
2013-11-27 16:18 - 2013-01-10 00:26 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2013-11-27 16:18 - 2013-01-10 00:26 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmstormod.dll
2013-11-27 16:18 - 2013-01-10 00:26 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaacmgr.exe
2013-11-27 16:18 - 2013-01-10 00:23 - 02094592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2013-11-27 16:18 - 2013-01-10 00:23 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2013-11-27 16:18 - 2013-01-10 00:23 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2013-11-27 16:18 - 2013-01-10 00:23 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-27 16:18 - 2013-01-10 00:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm.dll
2013-11-27 16:18 - 2013-01-10 00:23 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmstormod.dll
2013-11-27 16:18 - 2013-01-10 00:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2013-11-27 16:18 - 2013-01-10 00:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaacmgr.exe
2013-11-27 16:18 - 2013-01-10 00:22 - 00894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-27 16:18 - 2013-01-10 00:22 - 00666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2013-11-27 16:18 - 2013-01-10 00:22 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2013-11-27 16:18 - 2013-01-10 00:22 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2013-11-27 16:18 - 2012-11-02 06:19 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2013-11-27 16:18 - 2012-11-02 06:18 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2013-11-27 16:18 - 2012-11-02 06:18 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2013-11-27 16:18 - 2012-11-02 06:18 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhapi.dll
2013-11-27 16:18 - 2012-11-02 06:18 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2013-11-27 16:18 - 2012-11-02 06:18 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\keepaliveprovider.dll
2013-11-27 16:18 - 2012-10-12 07:14 - 01347072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2013-11-27 16:18 - 2012-10-12 07:14 - 00652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2013-11-27 16:18 - 2012-10-12 07:14 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmshell.dll
2013-11-27 16:18 - 2012-10-12 07:14 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\adrclient.dll
2013-11-27 16:18 - 2012-10-12 07:14 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmtrace.dll
2013-11-27 16:18 - 2012-10-12 07:14 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\srm_ps.dll
2013-11-27 16:18 - 2012-10-12 06:41 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2013-11-27 16:18 - 2012-10-12 06:41 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2013-11-27 16:18 - 2012-10-12 06:41 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmshell.dll
2013-11-27 16:18 - 2012-10-12 06:41 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adrclient.dll
2013-11-27 16:18 - 2012-10-12 06:41 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmtrace.dll
2013-11-27 16:18 - 2012-10-12 06:41 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srm_ps.dll
2013-11-27 16:18 - 2012-09-20 07:33 - 00110592 _____ C:\WINDOWS\system32\OEMLicense.dll
2013-11-27 16:17 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-27 16:17 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-27 16:17 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-27 16:17 - 2013-07-02 01:44 - 00036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2013-11-27 16:17 - 2013-07-01 23:08 - 00247216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2013-11-27 16:17 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2013-11-27 16:17 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2013-11-27 16:17 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2013-11-27 16:17 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2013-11-27 16:17 - 2012-10-10 08:04 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\synceng.dll
2013-11-27 16:17 - 2012-10-10 07:31 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\synceng.dll
2013-11-27 16:14 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2013-11-27 16:11 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-27 16:11 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2013-11-27 16:11 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2013-11-27 16:11 - 2012-11-26 05:21 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2013-11-27 16:11 - 2012-11-26 05:20 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-27 16:10 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2013-11-27 16:08 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2013-11-27 16:08 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2013-11-27 16:08 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2013-11-27 16:08 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2013-11-27 16:08 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2013-11-27 16:08 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2013-11-27 16:08 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2013-11-27 16:08 - 2013-05-04 05:48 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2013-11-27 16:05 - 2012-08-31 01:53 - 00017888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2013-11-27 16:05 - 2012-08-31 01:52 - 00017888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2013-11-27 16:00 - 2013-03-02 11:57 - 00332520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2013-11-27 16:00 - 2013-03-02 11:57 - 00077544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2013-11-27 16:00 - 2013-03-02 11:39 - 00495336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2013-11-27 16:00 - 2013-03-02 09:23 - 01338880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2013-11-27 16:00 - 2013-03-02 09:23 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2013-11-27 16:00 - 2013-03-02 09:23 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2013-11-27 16:00 - 2013-03-02 09:23 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-11-27 16:00 - 2013-03-02 09:23 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncInfo.dll
2013-11-27 16:00 - 2013-03-02 09:22 - 05091840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2013-11-27 16:00 - 2013-03-02 09:22 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2013-11-27 16:00 - 2013-03-02 09:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2013-11-27 16:00 - 2013-03-02 09:21 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2013-11-27 16:00 - 2013-03-02 09:21 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevDispItemProvider.dll
2013-11-27 16:00 - 2013-03-02 03:45 - 01627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2013-11-27 16:00 - 2013-03-02 03:45 - 01149952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-27 16:00 - 2013-03-02 03:45 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-11-27 16:00 - 2013-03-02 03:45 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2013-11-27 16:00 - 2013-03-02 03:45 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2013-11-27 16:00 - 2013-03-02 03:45 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2013-11-27 16:00 - 2013-03-02 03:45 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2013-11-27 16:00 - 2013-03-02 03:45 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2013-11-27 16:00 - 2013-03-02 03:45 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2013-11-27 16:00 - 2013-03-02 03:45 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDPrintProxy.DLL
2013-11-27 16:00 - 2013-03-02 03:44 - 05978624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-27 16:00 - 2013-03-02 03:44 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2013-11-27 16:00 - 2013-03-02 03:44 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2013-11-27 16:00 - 2013-03-02 03:44 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2013-11-27 16:00 - 2013-03-02 03:44 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NdisImPlatform.dll
2013-11-27 16:00 - 2013-03-02 03:44 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevDispItemProvider.dll
2013-11-27 16:00 - 2013-03-02 03:43 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2013-11-27 16:00 - 2013-03-02 03:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2013-11-27 16:00 - 2013-03-01 05:56 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2013-11-27 15:59 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2013-11-27 15:59 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-27 15:51 - 2013-05-24 00:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2013-11-27 15:51 - 2013-05-23 23:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2013-11-27 15:51 - 2013-04-24 00:13 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2013-11-27 15:51 - 2013-04-24 00:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2013-11-27 15:51 - 2013-04-23 23:56 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2013-11-27 15:51 - 2013-04-23 23:55 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2013-11-27 15:50 - 2013-04-09 06:20 - 00306952 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_10ec.dll
2013-11-27 15:50 - 2013-04-09 06:17 - 01829408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2013-11-27 15:50 - 2013-04-09 05:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2013-11-27 15:50 - 2013-04-09 05:51 - 14267904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2013-11-27 15:50 - 2013-04-09 05:51 - 03552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2013-11-27 15:50 - 2013-04-09 05:50 - 02107904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2013-11-27 15:50 - 2013-04-09 05:50 - 01285632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2013-11-27 15:50 - 2013-04-09 05:49 - 01444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2013-11-27 15:50 - 2013-04-08 22:52 - 11878912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2013-11-27 15:50 - 2013-04-08 22:51 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2013-11-27 15:50 - 2013-04-08 22:51 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2013-11-27 15:50 - 2013-04-08 22:51 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2013-11-27 15:49 - 2013-04-09 06:33 - 00489576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2013-11-27 15:49 - 2013-04-09 06:33 - 00446792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-27 15:49 - 2013-04-09 06:33 - 00253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2013-11-27 15:49 - 2013-04-09 06:20 - 00086280 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2013-11-27 15:49 - 2013-04-09 06:18 - 00077960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdvm.dll
2013-11-27 15:49 - 2013-04-09 05:52 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2013-11-27 15:49 - 2013-04-09 05:52 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2013-11-27 15:49 - 2013-04-09 05:52 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2013-11-27 15:49 - 2013-04-09 05:52 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2013-11-27 15:49 - 2013-04-09 05:51 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2013-11-27 15:49 - 2013-04-09 05:51 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2013-11-27 15:49 - 2013-04-09 05:51 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2013-11-27 15:49 - 2013-04-09 05:51 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2013-11-27 15:49 - 2013-04-09 05:50 - 00745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2013-11-27 15:49 - 2013-04-09 05:50 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2013-11-27 15:49 - 2013-04-09 05:50 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenuineCenter.dll
2013-11-27 15:49 - 2013-04-09 05:50 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2013-11-27 15:49 - 2013-04-09 05:50 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2013-11-27 15:49 - 2013-04-09 05:50 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2013-11-27 15:49 - 2013-04-09 05:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2013-11-27 15:49 - 2013-04-09 05:49 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2013-11-27 15:49 - 2013-04-09 05:49 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2013-11-27 15:49 - 2013-04-09 05:49 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-27 15:49 - 2013-04-09 05:49 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2013-11-27 15:49 - 2013-04-09 05:49 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2013-11-27 15:49 - 2013-04-09 05:49 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fmifs.dll
2013-11-27 15:49 - 2013-04-09 05:48 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2013-11-27 15:49 - 2013-04-09 03:34 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2013-11-27 15:49 - 2013-04-09 03:33 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2013-11-27 15:49 - 2013-04-09 03:33 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2013-11-27 15:49 - 2013-04-09 03:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2013-11-27 15:49 - 2013-04-09 03:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2013-11-27 15:49 - 2013-04-09 03:31 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2013-11-27 15:49 - 2013-04-09 00:44 - 00123880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2013-11-27 15:49 - 2013-04-09 00:39 - 01408896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2013-11-27 15:49 - 2013-04-09 00:37 - 00426024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2013-11-27 15:49 - 2013-04-09 00:37 - 00324368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2013-11-27 15:49 - 2013-04-08 22:52 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2013-11-27 15:49 - 2013-04-08 22:52 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2013-11-27 15:49 - 2013-04-08 22:52 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2013-11-27 15:49 - 2013-04-08 22:52 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2013-11-27 15:49 - 2013-04-08 22:51 - 00659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2013-11-27 15:49 - 2013-04-08 22:51 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2013-11-27 15:49 - 2013-04-08 22:51 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2013-11-27 15:49 - 2013-04-08 22:51 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2013-11-27 15:49 - 2013-04-08 22:51 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2013-11-27 15:49 - 2013-04-08 22:51 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2013-11-27 15:49 - 2013-04-08 22:51 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2013-11-27 15:49 - 2013-04-08 22:51 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fmifs.dll
2013-11-27 15:49 - 2013-04-08 22:51 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2013-11-27 15:49 - 2013-04-08 22:51 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2013-11-27 15:49 - 2013-04-05 00:30 - 00503080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2013-11-27 15:49 - 2013-03-15 23:05 - 00298456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2013-11-27 15:49 - 2013-03-15 23:05 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2013-11-27 15:49 - 2013-02-19 16:07 - 00083688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_AuthenticAMD.dll
2013-11-27 15:49 - 2013-02-02 09:40 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsRasterService.dll
2013-11-27 15:49 - 2013-02-02 09:23 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsRasterService.dll
2013-11-27 15:49 - 2013-01-10 02:40 - 00303848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2013-11-27 15:49 - 2012-12-13 05:00 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2013-11-27 15:49 - 2012-12-13 04:59 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2013-11-27 15:49 - 2012-11-20 05:54 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidi2c.sys
2013-11-27 15:49 - 2012-11-06 08:33 - 00522640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2013-11-27 15:49 - 2012-11-06 06:00 - 00463768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2013-11-27 15:49 - 2012-11-06 05:18 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2013-11-27 15:49 - 2012-10-11 06:44 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2013-11-27 15:49 - 2012-10-11 06:44 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2013-11-27 15:49 - 2012-10-11 06:06 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2013-11-27 15:49 - 2012-10-11 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2013-11-27 15:49 - 2012-09-20 07:33 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhmanagew.exe
2013-11-27 15:49 - 2012-09-20 07:33 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ndptsp.tsp
2013-11-27 15:49 - 2012-09-20 07:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2013-11-27 15:49 - 2012-09-20 07:32 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2013-11-27 15:49 - 2012-09-20 07:32 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2013-11-27 15:49 - 2012-09-20 07:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2013-11-27 15:49 - 2012-09-20 07:32 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2013-11-27 15:49 - 2012-09-20 07:32 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2013-11-27 15:49 - 2012-09-20 07:32 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2013-11-27 15:49 - 2012-09-20 07:32 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcat.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhshl.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvc.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsrchapi.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsrchph.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhlisten.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhautoplay.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcleanup.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhtask.dll
2013-11-27 15:49 - 2012-09-20 07:31 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2013-11-27 15:49 - 2012-09-20 07:12 - 09374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2013-11-27 15:49 - 2012-09-20 07:09 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2013-11-27 15:49 - 2012-09-20 06:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ndptsp.tsp
2013-11-27 15:49 - 2012-09-20 06:55 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2013-11-27 15:49 - 2012-09-20 06:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2013-11-27 15:49 - 2012-09-20 06:54 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2013-11-27 15:49 - 2012-09-20 06:54 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2013-11-27 15:49 - 2012-09-20 06:54 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2013-11-27 15:49 - 2012-09-20 06:54 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2013-11-27 15:49 - 2012-09-20 06:54 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2013-11-27 15:49 - 2012-09-20 06:54 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2013-11-27 15:49 - 2012-09-20 06:32 - 09374208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2013-11-27 15:48 - 2013-05-04 08:58 - 00120736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2013-11-27 15:48 - 2013-05-04 07:59 - 01483776 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2013-11-27 15:48 - 2013-05-04 07:59 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2013-11-27 15:48 - 2013-05-04 07:58 - 01332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2013-11-27 15:48 - 2013-05-04 07:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2013-11-27 15:48 - 2013-05-04 07:58 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2013-11-27 15:48 - 2013-05-04 07:58 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2013-11-27 15:48 - 2013-05-04 07:58 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2013-11-27 15:48 - 2013-05-04 07:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-27 15:48 - 2013-05-04 07:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-11-27 15:48 - 2013-05-04 07:57 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2013-11-27 15:48 - 2013-05-04 07:57 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-11-27 15:48 - 2013-05-04 07:57 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2013-11-27 15:48 - 2013-05-04 07:57 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2013-11-27 15:48 - 2013-05-04 07:57 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2013-11-27 15:48 - 2013-05-04 07:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2013-11-27 15:48 - 2013-05-04 07:56 - 00419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2013-11-27 15:48 - 2013-05-04 05:58 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2013-11-27 15:48 - 2013-05-04 05:57 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2013-11-27 15:48 - 2013-05-04 05:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2013-11-27 15:48 - 2013-05-04 05:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2013-11-27 15:48 - 2013-05-04 05:56 - 00582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2013-11-27 15:48 - 2013-05-04 05:56 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2013-11-27 15:48 - 2013-05-04 05:56 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2013-11-27 15:48 - 2013-05-04 05:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2013-11-27 15:48 - 2013-05-04 05:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2013-11-27 15:48 - 2013-05-04 05:47 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2013-11-27 15:48 - 2013-05-04 05:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2013-11-27 15:48 - 2013-03-02 03:45 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2013-11-27 15:48 - 2013-03-02 03:45 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2013-11-27 15:48 - 2012-11-06 05:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2013-11-27 15:47 - 2013-06-01 10:25 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2013-11-27 15:47 - 2013-06-01 10:21 - 00595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2013-11-27 15:47 - 2013-05-31 00:24 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-27 15:47 - 2013-05-31 00:08 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2013-11-27 15:47 - 2013-05-15 03:25 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2013-11-27 15:47 - 2013-05-15 03:25 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2013-11-27 15:47 - 2013-05-15 03:24 - 00793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2013-11-27 15:47 - 2013-05-15 03:24 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2013-11-27 15:47 - 2013-05-04 07:57 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2013-11-27 15:47 - 2013-05-04 07:57 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\muifontsetup.dll
2013-11-27 15:47 - 2013-05-04 05:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2013-11-27 15:47 - 2013-05-04 05:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\muifontsetup.dll
2013-11-27 15:47 - 2013-05-04 05:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2013-11-27 15:47 - 2013-05-04 05:55 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2013-11-27 15:47 - 2013-03-02 10:59 - 00411880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2013-11-27 15:47 - 2013-02-02 11:54 - 01933544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2013-11-27 15:47 - 2013-02-02 09:39 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2013-11-27 15:47 - 2013-02-02 09:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2013-11-27 15:47 - 2013-02-02 09:38 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2013-11-27 15:47 - 2013-02-02 09:23 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlroamextension.dll
2013-11-27 15:47 - 2013-02-02 09:23 - 00475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2013-11-27 15:47 - 2013-02-02 09:23 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2013-11-27 15:47 - 2013-02-02 09:21 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2013-11-27 15:47 - 2013-02-02 09:20 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2013-11-27 15:47 - 2012-11-06 05:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wushareduxresources.dll
2013-11-27 15:46 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2013-11-27 15:46 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2013-11-27 15:46 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2013-11-27 15:46 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2013-11-27 15:46 - 2013-02-02 09:40 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlroamextension.dll
2013-11-27 15:46 - 2013-02-02 09:40 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2013-11-27 15:46 - 2013-02-02 09:40 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2013-11-27 15:46 - 2013-02-02 09:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tasklist.exe
2013-11-27 15:46 - 2013-02-02 09:40 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskkill.exe
2013-11-27 15:46 - 2013-02-02 09:39 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2013-11-27 15:46 - 2013-02-02 09:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskkill.exe
2013-11-27 15:46 - 2013-02-02 09:24 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\tasklist.exe
2013-11-27 15:46 - 2013-02-02 09:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2013-11-27 15:46 - 2013-02-02 09:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2013-11-27 15:46 - 2013-02-02 09:20 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hotspotauth.dll
2013-11-27 15:46 - 2013-02-02 08:25 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2013-11-27 15:46 - 2012-11-27 04:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2013-11-27 15:46 - 2012-11-27 04:55 - 00029952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthhfHid.sys
2013-11-27 15:46 - 2012-11-08 05:24 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2013-11-27 15:46 - 2012-11-08 05:24 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2013-11-27 15:46 - 2012-11-08 05:20 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2013-11-27 15:46 - 2012-11-08 05:20 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2013-11-27 15:46 - 2012-11-08 05:02 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2013-11-27 15:46 - 2012-11-08 05:01 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2013-11-27 15:46 - 2012-09-20 07:32 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2013-11-27 15:46 - 2012-09-20 07:32 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2013-11-27 15:45 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2013-11-27 15:45 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2013-11-27 15:45 - 2013-08-07 06:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2013-11-27 15:45 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-27 15:45 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2013-11-27 15:45 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2013-11-27 15:45 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2013-11-27 15:45 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2013-11-27 15:45 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2013-11-27 15:45 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2013-11-27 15:45 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-11-27 15:45 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-11-27 15:45 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2013-11-27 15:45 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2013-11-27 15:45 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2013-11-27 15:45 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2013-11-27 15:45 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2013-11-27 15:45 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-27 15:45 - 2013-05-04 07:59 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2013-11-27 15:45 - 2013-05-04 05:57 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2013-11-27 15:45 - 2013-04-27 06:20 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2013-11-27 15:45 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2013-11-27 15:45 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2013-11-27 15:45 - 2013-03-02 09:23 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2013-11-27 15:45 - 2013-03-02 03:44 - 01011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2013-11-27 15:45 - 2013-02-05 23:29 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2013-11-27 15:45 - 2013-02-05 23:28 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2013-11-27 15:45 - 2013-02-02 06:41 - 01437184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2013-11-27 15:45 - 2013-02-02 06:31 - 01690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2013-11-27 15:45 - 2012-12-15 05:55 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2013-11-27 15:45 - 2012-11-20 05:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2013-11-27 15:45 - 2012-11-10 05:23 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2013-11-27 15:45 - 2012-11-10 05:23 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2013-11-27 15:45 - 2012-11-10 05:22 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDWebAI.dll
2013-11-27 15:45 - 2012-11-10 05:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmHostAI.dll
2013-11-27 15:45 - 2012-11-10 05:20 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appserverai.dll
2013-11-27 15:45 - 2012-11-03 06:26 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysreset.exe
2013-11-27 15:45 - 2012-11-03 06:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2013-11-27 15:45 - 2012-11-03 06:26 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2013-11-27 15:45 - 2012-11-03 06:25 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\resetengmig.dll
2013-11-27 15:45 - 2012-11-03 06:24 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2013-11-27 15:45 - 2012-11-03 06:24 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2013-11-27 15:45 - 2012-11-03 06:24 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2013-11-27 15:45 - 2012-11-03 06:24 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2013-11-27 15:45 - 2012-11-03 06:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2013-11-27 15:45 - 2012-11-03 06:24 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2013-11-27 15:45 - 2012-11-03 06:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2013-11-27 15:45 - 2012-11-03 06:24 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2013-11-27 15:45 - 2012-11-03 06:04 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2013-11-27 15:45 - 2012-11-03 06:04 - 00003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2013-11-27 15:45 - 2012-11-03 06:00 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2013-11-27 15:45 - 2012-11-03 06:00 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2013-11-27 15:45 - 2012-10-24 04:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2013-11-27 15:45 - 2012-10-24 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2013-11-27 15:45 - 2012-10-24 04:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2013-11-27 15:45 - 2012-10-24 04:24 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2013-11-27 15:45 - 2012-10-24 04:05 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2013-11-27 15:45 - 2012-10-24 03:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2013-11-27 15:45 - 2012-10-06 05:53 - 02893824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2013-11-27 15:45 - 2012-10-06 05:15 - 02400256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2013-11-27 15:44 - 2013-02-12 01:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2013-11-27 15:43 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-11-27 15:43 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-11-27 15:43 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-11-27 15:43 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-11-27 15:43 - 2013-04-03 00:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdlg.dll
2013-11-27 15:43 - 2013-04-03 00:12 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdlg.dll
2013-11-27 15:43 - 2013-03-15 01:17 - 00861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2013-11-27 15:43 - 2013-02-21 11:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-11-27 15:43 - 2013-02-21 11:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-11-27 15:43 - 2013-02-21 11:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-11-27 15:43 - 2013-02-21 11:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-11-27 15:43 - 2013-02-21 11:14 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-11-27 15:43 - 2013-02-21 11:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-11-27 15:43 - 2013-02-19 10:53 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-11-27 15:43 - 2012-11-08 05:20 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-11-27 15:43 - 2012-11-08 05:20 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-11-27 15:42 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2013-11-27 15:42 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2013-11-27 15:42 - 2013-03-06 08:10 - 00112872 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2013-11-27 15:42 - 2013-03-06 07:29 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2013-11-27 15:41 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2013-11-27 15:41 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2013-11-27 15:37 - 2012-11-01 05:41 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2013-11-27 15:37 - 2012-11-01 05:41 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2013-11-27 15:37 - 2012-11-01 05:40 - 02361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2013-11-27 15:37 - 2012-11-01 05:40 - 01836032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2013-11-27 15:37 - 2012-11-01 05:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2013-11-27 15:37 - 2012-11-01 05:21 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3r.dll
2013-11-27 15:37 - 2012-11-01 05:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2013-11-27 15:37 - 2012-11-01 05:20 - 00002048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3r.dll
2013-11-27 15:35 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-27 15:35 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-11-27 15:34 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-11-27 15:34 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-27 15:34 - 2013-03-02 11:39 - 00069864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2013-11-27 15:34 - 2013-03-02 03:43 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-27 15:34 - 2013-02-07 02:33 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
Ich bedanke mich schon mal im Voraus für Eure Hilfe

EinFrage 16.12.2013 20:17
Übrigens kann ich jetzt plötzlich scrollen (ich denke sowieso das hat nichts mit der Malware zu tun).

FRST (Part2)

Code:
2013-11-27 15:21 - 2013-11-27 15:21 - 00000000 ____D C:\Users\XXXX\AppData\Local\Secunia PSI
2013-11-27 15:21 - 2013-11-27 15:21 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-27 15:19 - 2013-11-27 15:19 - 03865488 _____ (Secunia) C:\Users\XXXX\Downloads\PSI9015Setup.exe
2013-11-27 15:15 - 2013-11-27 15:15 - 00000000 ____D C:\Users\XXXX\AppData\Local\Macromedia
2013-11-27 15:14 - 2013-11-27 15:15 - 00000000 ____D C:\Users\XXXX\AppData\Local\Adobe
2013-11-27 14:44 - 2013-11-27 14:44 - 00000117 _____ C:\WINDOWS\system32\netcfg-77308526.txt
2013-11-27 14:44 - 2013-11-27 14:44 - 00000117 _____ C:\WINDOWS\system32\netcfg-77308292.txt
2013-11-26 22:40 - 2013-11-26 22:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-19475991.txt
2013-11-26 22:40 - 2013-11-26 22:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-19475695.txt
2013-11-26 20:14 - 2013-11-26 20:14 - 00000117 _____ C:\WINDOWS\system32\netcfg-10662465.txt
2013-11-26 20:14 - 2013-11-26 20:14 - 00000117 _____ C:\WINDOWS\system32\netcfg-10662153.txt
2013-11-26 18:10 - 2013-11-26 18:10 - 00001087 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-11-26 18:10 - 2013-11-26 18:10 - 00000000 ____D C:\ProgramData\Licenses
2013-11-26 18:10 - 2013-11-26 18:10 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-11-26 18:10 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2013-11-26 18:10 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2013-11-26 18:08 - 2013-11-26 18:08 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\AVAST Software
2013-11-26 18:07 - 2013-11-26 18:07 - 04095448 _____ (BrightFort LLC                                              ) C:\Users\XXXX\Downloads\spywareblastersetup50.exe
2013-11-26 18:07 - 2013-11-26 18:07 - 00001970 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-26 18:06 - 2013-12-05 09:17 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2013-11-26 18:06 - 2013-11-26 18:06 - 01032416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00409832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-11-26 18:06 - 2013-11-26 18:06 - 00205320 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00084328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00065776 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-11-26 18:06 - 2013-11-26 18:06 - 00038984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-11-26 17:56 - 2013-11-26 17:56 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-26 17:55 - 2013-11-26 17:55 - 04733496 _____ (AVAST Software) C:\Users\XXXX\Downloads\avast_free_antivirus_setup_online_fdi-c.exe
2013-11-26 17:55 - 2013-11-26 17:55 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-26 17:54 - 2013-11-27 15:08 - 00000000 ____D C:\Users\XXXX\AppData\Local\Mozilla
2013-11-26 17:54 - 2013-11-26 17:54 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Mozilla
2013-11-26 17:54 - 2013-11-26 17:54 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-26 17:48 - 2013-12-14 23:30 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2895581597-4197396578-4116386622-1001
2013-11-26 17:44 - 2013-11-26 17:44 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Macromedia
2013-11-26 17:42 - 2013-11-28 14:32 - 00000000 ___RD C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-26 17:42 - 2013-11-28 14:32 - 00000000 ___RD C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-26 17:42 - 2013-11-26 17:42 - 00001446 _____ C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 17:42 - 2013-11-26 17:42 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Adobe
2013-11-26 17:41 - 2013-12-16 12:29 - 02023731 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-26 17:41 - 2013-12-14 21:36 - 00000000 ____D C:\Users\XXXX\AppData\Local\Packages
2013-11-26 17:41 - 2013-12-01 11:29 - 00000000 ____D C:\Users\XXXX
2013-11-26 17:41 - 2013-11-27 17:57 - 00000000 ____D C:\ProgramData\PRICache
2013-11-26 17:41 - 2013-11-26 17:41 - 00000020 ___SH C:\Users\XXXX\ntuser.ini
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Vorlagen
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Startmenü
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Netzwerkumgebung
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Lokale Einstellungen
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Eigene Dateien
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Druckumgebung
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Documents\Eigene Musik
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Documents\Eigene Bilder
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\AppData\Local\Verlauf
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\AppData\Local\Anwendungsdaten
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Anwendungsdaten
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 ____D C:\Users\XXXX\AppData\Local\VirtualStore
2013-11-26 17:41 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-26 17:41 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-26 17:41 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-26 17:41 - 2012-07-26 09:13 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-26 17:39 - 2013-11-26 17:39 - 00000000 ____D C:\WINDOWS\CSC
2013-11-26 17:38 - 2013-11-26 17:38 - 00000117 _____ C:\WINDOWS\system32\netcfg-1340844.txt
2013-11-26 17:38 - 2013-11-26 17:38 - 00000117 _____ C:\WINDOWS\system32\netcfg-1340656.txt
2013-11-26 17:38 - 2013-11-26 17:38 - 00000117 _____ C:\WINDOWS\system32\netcfg-1340048.txt
2013-11-26 17:38 - 2013-11-26 17:38 - 00000117 _____ C:\WINDOWS\system32\netcfg-1336928.txt
2013-11-26 17:37 - 2013-11-26 17:37 - 00001139 _____ C:\WINDOWS\system32\netcfg-1247181.txt
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Programme
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-11-26 17:13 - 2013-11-26 17:13 - 00001135 _____ C:\WINDOWS\system32\netcfg-163239.txt
2013-11-26 17:13 - 2013-11-26 17:13 - 00000196 _____ C:\WINDOWS\system32\netcfg-164315.txt
2013-11-26 17:13 - 2013-11-26 17:13 - 00000185 _____ C:\WINDOWS\system32\netcfg-162085.txt
2013-11-26 17:13 - 2013-11-26 17:13 - 00000161 _____ C:\WINDOWS\system32\netcfg-158356.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000164 _____ C:\WINDOWS\system32\netcfg-155470.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000160 _____ C:\WINDOWS\system32\netcfg-157732.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000160 _____ C:\WINDOWS\system32\netcfg-156687.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000160 _____ C:\WINDOWS\system32\netcfg-148138.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000159 _____ C:\WINDOWS\system32\netcfg-156141.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000157 _____ C:\WINDOWS\system32\netcfg-157139.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000157 _____ C:\WINDOWS\system32\netcfg-154628.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000150 _____ C:\WINDOWS\system32\netcfg-155002.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000000 _____ C:\WINDOWS\system32\atiicdxx.dat
2013-11-26 17:12 - 2013-11-26 17:12 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-11-26 17:11 - 2013-11-26 17:11 - 00001134 _____ C:\WINDOWS\system32\netcfg-81245.txt
2013-11-26 17:10 - 2013-12-04 23:32 - 00002922 _____ C:\WINDOWS\PFRO.log
2013-11-26 17:10 - 2013-11-26 17:41 - 00000000 ____D C:\WINDOWS\Panther
2013-11-26 17:10 - 2013-11-26 17:10 - 00000000 _____ C:\Recovery.txt

==================== One Month Modified Files and Folders =======

2013-12-16 13:59 - 2013-12-16 13:59 - 00009002 _____ C:\Users\XXXX\Desktop\FRST.txt
2013-12-16 13:59 - 2013-12-16 13:59 - 00000000 ____D C:\FRST
2013-12-16 13:55 - 2013-12-16 13:55 - 01927940 _____ (Farbar) C:\Users\XXXX\Desktop\FRST64.exe
2013-12-16 13:00 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-16 12:44 - 2013-12-16 12:44 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Malwarebytes
2013-12-16 12:43 - 2013-12-16 12:43 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\XXXX\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-16 12:43 - 2013-12-16 12:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-16 12:43 - 2013-12-16 12:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-16 12:37 - 2013-12-16 12:37 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-16 12:37 - 2013-12-16 12:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-16 12:37 - 2013-12-16 12:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-16 12:35 - 2013-12-16 12:35 - 00283096 _____ (Mozilla) C:\Users\XXXX\Downloads\Firefox Setup Stub 26.0.exe
2013-12-16 12:29 - 2013-11-26 17:41 - 02023731 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-14 23:42 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\rescache
2013-12-14 23:30 - 2013-11-26 17:48 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2895581597-4197396578-4116386622-1001
2013-12-14 21:36 - 2013-11-26 17:41 - 00000000 ____D C:\Users\XXXX\AppData\Local\Packages
2013-12-14 21:36 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-12-14 21:31 - 2012-07-26 11:27 - 00715482 _____ C:\WINDOWS\system32\perfh007.dat
2013-12-14 21:31 - 2012-07-26 11:27 - 00148046 _____ C:\WINDOWS\system32\perfc007.dat
2013-12-14 21:31 - 2012-07-26 08:28 - 01654648 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-14 21:27 - 2012-07-26 08:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-14 21:25 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2013-12-14 21:25 - 2012-07-26 06:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-12-14 21:24 - 2013-11-27 16:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-14 21:23 - 2013-11-27 16:43 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-11 21:15 - 2012-07-26 06:38 - 00000000 ____D C:\WINDOWS\system32\oobe
2013-12-10 22:27 - 2013-12-10 22:27 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2013-12-10 22:27 - 2012-07-26 08:21 - 00020098 _____ C:\WINDOWS\setupact.log
2013-12-09 19:34 - 2013-12-09 19:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2013-12-09 15:47 - 2013-12-09 15:47 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2013-12-05 09:17 - 2013-11-26 18:06 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2013-12-04 23:32 - 2013-11-26 17:10 - 00002922 _____ C:\WINDOWS\PFRO.log
2013-12-04 01:53 - 2013-11-27 17:54 - 00694240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-12-04 01:53 - 2013-11-27 17:54 - 00078304 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-01 11:29 - 2013-11-26 17:41 - 00000000 ____D C:\Users\XXXX
2013-11-28 14:32 - 2013-11-26 17:42 - 00000000 ___RD C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-28 14:32 - 2013-11-26 17:42 - 00000000 ___RD C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-28 14:29 - 2012-07-26 09:12 - 00000000 ___RD C:\WINDOWS\ToastData
2013-11-28 14:29 - 2012-07-26 09:12 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2013-11-28 14:28 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-28 14:28 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2013-11-28 12:18 - 2013-11-28 12:10 - 00002105 _____ C:\Users\XXXX\Desktop\Klicken Sie hier, um PC-Fehler zu finden und zu reparieren.lnk
2013-11-28 12:18 - 2013-11-28 12:10 - 00001338 _____ C:\Users\XXXX\Desktop\Smart Data Recovery.lnk
2013-11-28 12:10 - 2013-11-28 12:10 - 00000000 ____D C:\Program Files (x86)\Smart PC Solutions
2013-11-28 12:07 - 2013-11-28 12:07 - 02300056 _____ (Smart PC Solutions                                          ) C:\Users\XXXX\Downloads\recoverysetup_4.4.exe
2013-11-28 12:03 - 2013-11-28 12:03 - 00001330 _____ C:\Users\XXXX\Desktop\PC Inspector File Recovery.lnk
2013-11-28 12:03 - 2013-11-28 12:03 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Convar
2013-11-28 12:03 - 2013-11-28 12:03 - 00000000 ____D C:\Program Files (x86)\Convar
2013-11-28 12:02 - 2013-11-28 12:02 - 03462033 _____ C:\Users\XXXX\Downloads\pci_filerecovery.exe
2013-11-27 17:57 - 2013-11-27 17:49 - 00000000 ___RD C:\WINDOWS\BrowserChoice
2013-11-27 17:57 - 2013-11-26 17:41 - 00000000 ____D C:\ProgramData\PRICache
2013-11-27 17:55 - 2012-07-26 06:37 - 00000000 ____D C:\WINDOWS\servicing
2013-11-27 17:50 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-27 17:50 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-11-27 17:50 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-11-27 17:50 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-11-27 17:50 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-11-27 17:49 - 2012-07-26 11:29 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-27 17:45 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-27 17:45 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-11-27 17:45 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-11-27 17:45 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-11-27 17:45 - 2012-07-26 06:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2013-11-27 17:45 - 2012-07-26 06:38 - 00000000 ____D C:\WINDOWS\system32\Dism
2013-11-27 15:21 - 2013-11-27 15:21 - 00000000 ____D C:\Users\XXXX\AppData\Local\Secunia PSI
2013-11-27 15:21 - 2013-11-27 15:21 - 00000000 ____D C:\Program Files (x86)\Secunia
2013-11-27 15:19 - 2013-11-27 15:19 - 03865488 _____ (Secunia) C:\Users\XXXX\Downloads\PSI9015Setup.exe
2013-11-27 15:15 - 2013-11-27 15:15 - 00000000 ____D C:\Users\XXXX\AppData\Local\Macromedia
2013-11-27 15:15 - 2013-11-27 15:14 - 00000000 ____D C:\Users\XXXX\AppData\Local\Adobe
2013-11-27 15:08 - 2013-11-26 17:54 - 00000000 ____D C:\Users\XXXX\AppData\Local\Mozilla
2013-11-27 14:44 - 2013-11-27 14:44 - 00000117 _____ C:\WINDOWS\system32\netcfg-77308526.txt
2013-11-27 14:44 - 2013-11-27 14:44 - 00000117 _____ C:\WINDOWS\system32\netcfg-77308292.txt
2013-11-26 22:40 - 2013-11-26 22:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-19475991.txt
2013-11-26 22:40 - 2013-11-26 22:40 - 00000117 _____ C:\WINDOWS\system32\netcfg-19475695.txt
2013-11-26 20:14 - 2013-11-26 20:14 - 00000117 _____ C:\WINDOWS\system32\netcfg-10662465.txt
2013-11-26 20:14 - 2013-11-26 20:14 - 00000117 _____ C:\WINDOWS\system32\netcfg-10662153.txt
2013-11-26 18:10 - 2013-11-26 18:10 - 00001087 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2013-11-26 18:10 - 2013-11-26 18:10 - 00000000 ____D C:\ProgramData\Licenses
2013-11-26 18:10 - 2013-11-26 18:10 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2013-11-26 18:08 - 2013-11-26 18:08 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\AVAST Software
2013-11-26 18:07 - 2013-11-26 18:07 - 04095448 _____ (BrightFort LLC                                              ) C:\Users\XXXX\Downloads\spywareblastersetup50.exe
2013-11-26 18:07 - 2013-11-26 18:07 - 00001970 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-26 18:06 - 2013-11-26 18:06 - 01032416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00409832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00334648 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2013-11-26 18:06 - 2013-11-26 18:06 - 00205320 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00084328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00065776 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2013-11-26 18:06 - 2013-11-26 18:06 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2013-11-26 18:06 - 2013-11-26 18:06 - 00038984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswFsBlk.sys
2013-11-26 17:56 - 2013-11-26 17:56 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-26 17:56 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\system32\restore
2013-11-26 17:55 - 2013-11-26 17:55 - 04733496 _____ (AVAST Software) C:\Users\XXXX\Downloads\avast_free_antivirus_setup_online_fdi-c.exe
2013-11-26 17:55 - 2013-11-26 17:55 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-26 17:54 - 2013-11-26 17:54 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Mozilla
2013-11-26 17:54 - 2013-11-26 17:54 - 00000000 ____D C:\ProgramData\Mozilla
2013-11-26 17:44 - 2013-11-26 17:44 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Macromedia
2013-11-26 17:42 - 2013-11-26 17:42 - 00001446 _____ C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 17:42 - 2013-11-26 17:42 - 00000000 ____D C:\Users\XXXX\AppData\Roaming\Adobe
2013-11-26 17:41 - 2013-11-26 17:41 - 00000020 ___SH C:\Users\XXXX\ntuser.ini
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Vorlagen
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Startmenü
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Netzwerkumgebung
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Lokale Einstellungen
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Eigene Dateien
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Druckumgebung
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Documents\Eigene Musik
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Documents\Eigene Bilder
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\AppData\Local\Verlauf
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\AppData\Local\Anwendungsdaten
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 _SHDL C:\Users\XXXX\Anwendungsdaten
2013-11-26 17:41 - 2013-11-26 17:41 - 00000000 ____D C:\Users\XXXX\AppData\Local\VirtualStore
2013-11-26 17:41 - 2013-11-26 17:10 - 00000000 ____D C:\WINDOWS\Panther
2013-11-26 17:39 - 2013-11-26 17:39 - 00000000 ____D C:\WINDOWS\CSC
2013-11-26 17:38 - 2013-11-26 17:38 - 00000117 _____ C:\WINDOWS\system32\netcfg-1340844.txt
2013-11-26 17:38 - 2013-11-26 17:38 - 00000117 _____ C:\WINDOWS\system32\netcfg-1340656.txt
2013-11-26 17:38 - 2013-11-26 17:38 - 00000117 _____ C:\WINDOWS\system32\netcfg-1340048.txt
2013-11-26 17:38 - 2013-11-26 17:38 - 00000117 _____ C:\WINDOWS\system32\netcfg-1336928.txt
2013-11-26 17:37 - 2013-11-26 17:37 - 00001139 _____ C:\WINDOWS\system32\netcfg-1247181.txt
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Programme
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-11-26 17:17 - 2013-11-26 17:17 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-11-26 17:17 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows NT
2013-11-26 17:17 - 2012-07-26 06:37 - 00000000 __RHD C:\Users\Default
2013-11-26 17:15 - 2012-07-26 09:13 - 00001720 _____ C:\WINDOWS\DtcInstall.log
2013-11-26 17:13 - 2013-11-26 17:13 - 00001135 _____ C:\WINDOWS\system32\netcfg-163239.txt
2013-11-26 17:13 - 2013-11-26 17:13 - 00000196 _____ C:\WINDOWS\system32\netcfg-164315.txt
2013-11-26 17:13 - 2013-11-26 17:13 - 00000185 _____ C:\WINDOWS\system32\netcfg-162085.txt
2013-11-26 17:13 - 2013-11-26 17:13 - 00000161 _____ C:\WINDOWS\system32\netcfg-158356.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000164 _____ C:\WINDOWS\system32\netcfg-155470.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000160 _____ C:\WINDOWS\system32\netcfg-157732.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000160 _____ C:\WINDOWS\system32\netcfg-156687.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000160 _____ C:\WINDOWS\system32\netcfg-148138.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000159 _____ C:\WINDOWS\system32\netcfg-156141.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000157 _____ C:\WINDOWS\system32\netcfg-157139.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000157 _____ C:\WINDOWS\system32\netcfg-154628.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000150 _____ C:\WINDOWS\system32\netcfg-155002.txt
2013-11-26 17:12 - 2013-11-26 17:12 - 00000000 _____ C:\WINDOWS\system32\atiicdxx.dat
2013-11-26 17:12 - 2013-11-26 17:12 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2013-11-26 17:11 - 2013-11-26 17:11 - 00001134 _____ C:\WINDOWS\system32\netcfg-81245.txt
2013-11-26 17:10 - 2013-11-26 17:10 - 00000000 _____ C:\Recovery.txt
2013-11-26 17:10 - 2012-07-26 09:13 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2013-11-26 17:10 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\system32\Recovery
2013-11-23 07:43 - 2013-12-11 12:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2013-11-23 06:05 - 2013-12-11 12:43 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

Some content of TEMP:
====================
C:\Users\XXXX\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\XXXX\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\XXXX\AppData\Local\Temp\fp_pl_pfs_installer-3.exe
C:\Users\XXXX\AppData\Local\Temp\fp_pl_pfs_installer-4.exe
C:\Users\XXXX\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\XXXX\AppData\Local\Temp\ICReinstall_Firefox_Setup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-08 14:39

==================== End Of Log ============================

Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-12-2013 02
Ran by XXXX at 2013-12-16 14:00:37
Running from C:\Users\XXXX\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
avast! Free Antivirus (x32 Version: 9.0.2008)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
Secunia PSI (3.0.0.9015) (x32 Version: 3.0.0.9015)
Smart Data Recovery v4.4 (x32 Version: 4.4)
SpywareBlaster 5.0 (x32 Version: 5.0.0)

==================== Restore Points  =========================

04-12-2013 17:39:34 Geplanter Prüfpunkt
09-12-2013 15:50:33 Windows Update
14-12-2013 20:22:47 Windows Update

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {115A30F5-9629-4E2E-993E-F2EF77734558} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => Rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
Task: {12EAE5B5-51A0-430E-B1D8-34A4EA3FB0EF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-26] (AVAST Software)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {307D8C75-FDA3-49D3-AA9F-DB79F405FB59} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => Rundll32.exe /d acproxy.dll,PerformAutochkOperations
Task: {67229DF8-B971-4F31-933D-0FD466D45DE1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe aepdu.dll,AePduRunUpdate
Task: {874A3BD7-D03D-4F2B-9461-5D6876D624CD} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E5AF74D9-4E90-4939-9741-60358E8000CA} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => Rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

==================== Loaded Modules (whitelisted) =============

2013-12-16 13:27 - 2013-12-15 22:42 - 02152448 _____ () C:\Program Files\AVAST Software\Avast\defs\13121501\algo.dll
2013-11-26 18:06 - 2013-11-26 18:06 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/16/2013 01:53:39 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16537, Zeitstempel: 0x512347f7
Name des fehlerhaften Moduls: MSVCR110.dll, Version: 11.0.51106.1, Zeitstempel: 0x5098858e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012b8a
ID des fehlerhaften Prozesses: 0xe00
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (12/16/2013 01:52:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 10.0.9200.16537, Zeitstempel: 0x512347f7
Name des fehlerhaften Moduls: MSVCR110.dll, Version: 11.0.51106.1, Zeitstempel: 0x5098858e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012b8a
ID des fehlerhaften Prozesses: 0x96c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (12/16/2013 00:42:14 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 26.0.0.5087 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ff0

Startzeit: 01cefa5345d42f22

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 1a898982-6647-11e3-be6e-3860778cca8a

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/16/2013 00:23:54 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 25.0.1.5064 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: aa8

Startzeit: 01cefa50f829915b

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: 894a8470-6644-11e3-be6e-3860778cca8a

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/10/2013 11:29:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.2.9200.16420, Zeitstempel: 0x505a9152
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16451, Zeitstempel: 0x50988aa6
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000003811c
ID des fehlerhaften Prozesses: 0x520
Startzeit der fehlerhaften Anwendung: 0xwwahost.exe0
Pfad der fehlerhaften Anwendung: wwahost.exe1
Pfad des fehlerhaften Moduls: wwahost.exe2
Berichtskennung: wwahost.exe3
Vollständiger Name des fehlerhaften Pakets: wwahost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wwahost.exe5

Error: (12/10/2013 11:29:03 PM) (Source: .NET Runtime) (User: )
Description: Anwendung: wwahost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.UnauthorizedAccessException
Stapel:
  bei System.Runtime.CompilerServices.AsyncMethodBuilderCore.<ThrowAsync>b__1(System.Object)
  bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
  bei System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (11/28/2013 11:58:30 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: PSIA.exe, Version: 3.0.0.9015, Zeitstempel: 0x5277789f
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00051e0a
ID des fehlerhaften Prozesses: 0x62c
Startzeit der fehlerhaften Anwendung: 0xPSIA.exe0
Pfad der fehlerhaften Anwendung: PSIA.exe1
Pfad des fehlerhaften Moduls: PSIA.exe2
Berichtskennung: PSIA.exe3
Vollständiger Name des fehlerhaften Pakets: PSIA.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PSIA.exe5


System errors:
=============
Error: (12/16/2013 00:50:54 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4

Error: (12/15/2013 01:56:11 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4

Error: (12/15/2013 10:33:15 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4

Error: (12/15/2013 00:36:22 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4

Error: (12/14/2013 09:26:10 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (12/14/2013 09:24:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007045b fehlgeschlagen: Update für Microsoft Camera Codec Pack unter Windows 8 für x64-basierte Systeme (KB2899190)

Error: (12/14/2013 11:15:24 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4

Error: (12/14/2013 00:20:37 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4

Error: (12/13/2013 07:15:13 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4

Error: (12/12/2013 11:45:31 PM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 4


Microsoft Office Sessions:
=========================
Error: (12/16/2013 01:53:39 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7MSVCR110.dll11.0.51106.15098858ec000000500012b8ae0001cefa5d71d4e7a8C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dll150bd970-6651-11e3-be6e-3860778cca8a

Error: (12/16/2013 01:52:33 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.16537512347f7MSVCR110.dll11.0.51106.15098858ec000000500012b8a96c01cefa5dae5c6822C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\MSVCR110.dllee1bc7c0-6650-11e3-be6e-3860778cca8a

Error: (12/16/2013 00:42:14 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.5087ff001cefa5345d42f224294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exe1a898982-6647-11e3-be6e-3860778cca8a

Error: (12/16/2013 00:23:54 PM) (Source: Application Hang)(User: )
Description: firefox.exe25.0.1.5064aa801cefa50f829915b4294967295C:\Program Files (x86)\Mozilla Firefox\firefox.exe894a8470-6644-11e3-be6e-3860778cca8a

Error: (12/10/2013 11:29:04 PM) (Source: Application Error)(User: )
Description: wwahost.exe6.2.9200.16420505a9152KERNELBASE.dll6.2.9200.1645150988aa6e0434352000000000003811c52001cef5f7122e7af5C:\WINDOWS\system32\wwahost.exeC:\WINDOWS\system32\KERNELBASE.dll79507c86-61ea-11e3-be6d-3860778cca8aMicrosoft.BingWeather_1.2.0.135_x64__8wekyb3d8bbweApp

Error: (12/10/2013 11:29:03 PM) (Source: .NET Runtime)(User: )
Description: Anwendung: wwahost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.UnauthorizedAccessException
Stapel:
  bei System.Runtime.CompilerServices.AsyncMethodBuilderCore.<ThrowAsync>b__1(System.Object)
  bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
  bei System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (11/28/2013 11:58:30 AM) (Source: Application Error)(User: )
Description: PSIA.exe3.0.0.90155277789fntdll.dll6.2.9200.16578515fac6ec000000500051e0a62c01ceeb9198eb04afC:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\WINDOWS\SYSTEM32\ntdll.dll03ce5f2c-581c-11e3-be68-3860778cca8a


==================== Memory info ===========================

Percentage of memory in use: 26%
Total physical RAM: 7913.9 MB
Available physical RAM: 5845.07 MB
Total Pagefile: 9129.9 MB
Available Pagefile: 7123.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:447.66 GB) (Free:413.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1F732B1D)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=448 GB) - (Type=07 NTFS)

==================== End Of Log ============================

EinFrage 19.12.2013 11:39
Hi,

sry, wenn ich diesen Thread wieder hochhole, ich weiß, dass das nicht gern gesehen wird. Ich will Euch auch auf keinen Fall drängen, es wirkte nur so als, ob mein Thread unbemerkt untergegangen ist (kann ja passieren), wollte deshalb nur darauf hinweisen.

Vielleicht ist mein Befund auch etwas komplexer und benötigt mehr Zeit.

Inzwischen glaube ich übrigens, dass die zumindest die ausgefallene Scrollfunktion meines Touchpads nichts mit der Malware zu tun hat.

EinFrage 06.01.2014 22:47
Hallöchen,

da der Thread doch sehr, sehr weit zurückgefallen ist und ich voller Hoffnung dennoch immer weider reinschaue, melde ich mich noch ein Mal um Euch zumindest darum zu bitten mir zu bestätigen, dass Ihr dieses Problem nicht erkennt/lösen könnt. Dann kann ich es nämlich abhaken.

Wäre sehr freundlich von Euch,

Vielen Dank


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:58 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131