WIN 8: TR/Mediyes.gen, von Anitivir gefunden

ciao · 07.12.2013, 12:06

Mein Problem ist der obengenannte Trojaner. Wie kann ich ihn entfernen ?

schrauber · 07.12.2013, 12:21

hi,

wo findet avira das?

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

ciao · 07.12.2013, 12:34

Als Anhang : FRST und Addition

schrauber · 07.12.2013, 12:48

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Und meine Frage zu Antivir?

ciao · 07.12.2013, 13:04

Das zu der Antivir-Frage

Code:

ATTFilter

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 3. Dezember 2013  11:29


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 8.1 Pro
Windowsversion : (plain)  [6.2.9200]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : FAST

Versionsinformationen:
BUILD.DAT      : 14.0.1.759     55393 Bytes  26.11.2013 12:19:00
AVSCAN.EXE     : 14.0.1.645   1030712 Bytes  29.11.2013 09:08:54
AVSCANRC.DLL   : 14.0.1.641     62008 Bytes  29.11.2013 09:08:55
LUKE.DLL       : 14.0.1.641     65080 Bytes  29.11.2013 09:09:14
AVSCPLR.DLL    : 14.0.1.641    124472 Bytes  29.11.2013 09:08:59
AVREG.DLL      : 14.0.1.641    250424 Bytes  29.11.2013 09:08:54
avlode.dll     : 14.0.1.681    517176 Bytes  29.11.2013 09:08:53
avlode.rdf     : 13.0.1.48      27867 Bytes  29.11.2013 09:09:19
VBASE000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 09:01:31
VBASE001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 09:01:31
VBASE002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 09:01:31
VBASE003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 09:01:31
VBASE004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 09:01:31
VBASE005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 09:01:31
VBASE006.VDF   : 7.11.103.230  2293248 Bytes  24.09.2013 09:01:31
VBASE007.VDF   : 7.11.116.38  5485568 Bytes  28.11.2013 09:08:36
VBASE008.VDF   : 7.11.116.39     2048 Bytes  28.11.2013 09:08:37
VBASE009.VDF   : 7.11.116.40     2048 Bytes  28.11.2013 09:08:37
VBASE010.VDF   : 7.11.116.41     2048 Bytes  28.11.2013 09:08:37
VBASE011.VDF   : 7.11.116.42     2048 Bytes  28.11.2013 09:08:37
VBASE012.VDF   : 7.11.116.43     2048 Bytes  28.11.2013 09:08:37
VBASE013.VDF   : 7.11.116.44     2048 Bytes  28.11.2013 09:08:37
VBASE014.VDF   : 7.11.116.195   149504 Bytes  30.11.2013 11:01:00
VBASE015.VDF   : 7.11.116.215     2048 Bytes  30.11.2013 11:01:00
VBASE016.VDF   : 7.11.116.235     2048 Bytes  30.11.2013 11:01:00
VBASE017.VDF   : 7.11.116.236     2048 Bytes  30.11.2013 11:01:00
VBASE018.VDF   : 7.11.116.237     2048 Bytes  30.11.2013 11:01:00
VBASE019.VDF   : 7.11.116.238     2048 Bytes  30.11.2013 11:01:00
VBASE020.VDF   : 7.11.116.239     2048 Bytes  30.11.2013 11:01:00
VBASE021.VDF   : 7.11.116.240     2048 Bytes  30.11.2013 11:01:00
VBASE022.VDF   : 7.11.116.241     2048 Bytes  30.11.2013 11:01:00
VBASE023.VDF   : 7.11.116.242     2048 Bytes  30.11.2013 11:01:00
VBASE024.VDF   : 7.11.116.243     2048 Bytes  30.11.2013 11:01:00
VBASE025.VDF   : 7.11.116.244     2048 Bytes  30.11.2013 11:01:00
VBASE026.VDF   : 7.11.116.245     2048 Bytes  30.11.2013 11:01:00
VBASE027.VDF   : 7.11.116.246     2048 Bytes  30.11.2013 11:01:00
VBASE028.VDF   : 7.11.116.247     2048 Bytes  30.11.2013 11:01:00
VBASE029.VDF   : 7.11.116.248     2048 Bytes  30.11.2013 11:01:00
VBASE030.VDF   : 7.11.116.249     2048 Bytes  30.11.2013 11:01:01
VBASE031.VDF   : 7.11.117.90   284160 Bytes  03.12.2013 10:11:45
Engineversion  : 8.2.12.158
AEVDF.DLL      : 8.1.3.4       102774 Bytes  30.09.2013 09:01:12
AESCRIPT.DLL   : 8.1.4.172     520574 Bytes  03.12.2013 10:11:51
AESCN.DLL      : 8.1.10.4      131446 Bytes  30.09.2013 09:01:12
AESBX.DLL      : 8.2.16.26    1245560 Bytes  30.09.2013 09:01:12
AERDL.DLL      : 8.2.0.138     704888 Bytes  03.12.2013 10:11:51
AEPACK.DLL     : 8.3.3.6       762232 Bytes  03.12.2013 10:11:50
AEOFFICE.DLL   : 8.1.2.76      205181 Bytes  30.09.2013 09:01:12
AEHEUR.DLL     : 8.1.4.790    6328698 Bytes  03.12.2013 10:11:49
AEHELP.DLL     : 8.1.27.10     266618 Bytes  29.11.2013 09:08:40
AEGEN.DLL      : 8.1.7.20      446839 Bytes  29.11.2013 09:08:40
AEEXP.DLL      : 8.4.1.114     381304 Bytes  29.11.2013 09:08:45
AEEMU.DLL      : 8.1.3.2       393587 Bytes  30.09.2013 09:01:12
AECORE.DLL     : 8.1.32.2      201081 Bytes  29.11.2013 09:08:39
AEBB.DLL       : 8.1.1.4        53619 Bytes  30.09.2013 09:01:12
AVWINLL.DLL    : 14.0.1.641     23608 Bytes  29.11.2013 09:08:01
AVPREF.DLL     : 14.0.1.641     48696 Bytes  29.11.2013 09:08:53
AVREP.DLL      : 14.0.1.641    175672 Bytes  29.11.2013 09:08:54
AVARKT.DLL     : 14.0.1.641    257080 Bytes  29.11.2013 09:08:46
AVEVTLOG.DLL   : 14.0.1.641    165944 Bytes  29.11.2013 09:08:49
SQLITE3.DLL    : 3.7.0.1       394824 Bytes  30.09.2013 09:01:31
AVSMTP.DLL     : 14.0.1.641     60472 Bytes  29.11.2013 09:09:00
NETNT.DLL      : 14.0.1.641     13368 Bytes  29.11.2013 09:09:14
RCIMAGE.DLL    : 14.0.1.641   4786744 Bytes  29.11.2013 09:08:06
RCTEXT.DLL     : 14.0.1.641     67128 Bytes  29.11.2013 09:08:06

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_529daed6\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig
Abweichende Gefahrenkategorien........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Beginn des Suchlaufs: Dienstag, 3. Dezember 2013  11:29

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'WmiApSrv.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'TiWorker.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveComm.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '98' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'glcnd.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'KHALMNPR.EXE' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'SetPoint.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'SettingSyncHost.exe' - '100' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'skydrive.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'TBNotifier.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '207' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'ConnectifyD.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'ConnectifyService.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'apnmcp.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '204' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Windows\WinSxS\Temp\PendingRenames\31cec92612f0ce0185040000a0060c06.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7'
C:\Windows\WinSxS\Temp\PendingRenames\31cec92612f0ce0185040000a0060c06.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen

Beginne mit der Desinfektion:
C:\Windows\WinSxS\Temp\PendingRenames\31cec92612f0ce0185040000a0060c06.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5aca11c6.qua' verschoben!


Ende des Suchlaufs: Dienstag, 3. Dezember 2013  11:32
Benötigte Zeit: 00:13 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
    718 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
    717 Dateien ohne Befall
      0 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise


Die Suchergebnisse werden an den Guard übermittelt.

FRST LOG

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2013 01
Ran by Björn (administrator) on FAST on 07-12-2013 12:28:56
Running from C:\Users\Björn\Downloads
Microsoft Windows 8.1 Pro (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Connectify) C:\Program Files\Connectify\ConnectifyService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Connectify) C:\Program Files\Connectify\Connectifyd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x86__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ApnTBMon] - C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1673680 2013-10-23] (APN)
HKLM\...\Run: [Connectify Hotspot] - C:\Program Files\Connectify\Connectify.exe [4162336 2013-09-24] (Connectify)
HKLM\...\Run: [Connectify Dispatch] - C:\Program Files\Connectify\DispatchUI.exe [2233120 2013-09-24] (Connectify)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
MountPoints2: {8f93f328-32a4-11e3-af9e-e89a8f3c7b83} - "E:\setup.exe" 

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\0na3gxyo.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\0na3gxyo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: dta - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\0na3gxyo.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-29] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] (APN LLC.)
R2 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [487936 2013-09-24] (Connectify)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [278264 2013-08-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22240 2013-08-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1210368 2013-10-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137208 2013-11-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [37352 2013-09-30] (Avira Operations GmbH & Co. KG)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [25600 2013-08-22] (Microsoft Corporation)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63.sys [7783600 2013-07-01] (Broadcom Corporation)
R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [29672 2013-10-20] (Connectify)
S3 GPIO; C:\Windows\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2013-05-23] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2013-05-23] (Logitech, Inc.)
R3 RSPCIESTOR; C:\Windows\system32\DRIVERS\RtsPStor.sys [256616 2012-03-29] (Realtek Semiconductor Corp.)
S3 RTLWUSB; C:\Windows\system32\DRIVERS\wg111v2.sys [167808 2006-03-27] (NETGEAR Inc.)
R1 ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [28520 2013-09-30] (Avira GmbH)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [93024 2013-08-22] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-07 12:28 - 2013-12-07 12:29 - 00006936 _____ C:\Users\Björn\Downloads\FRST.txt
2013-12-07 12:28 - 2013-12-07 12:28 - 01059921 _____ (Farbar) C:\Users\Björn\Downloads\FRST.exe
2013-12-07 12:28 - 2013-12-07 12:28 - 00000000 ____D C:\FRST
2013-12-03 12:39 - 2013-12-03 12:39 - 00000000 ____D C:\Users\Björn\AppData\Roaming\ImgBurn
2013-12-03 12:29 - 2013-12-03 12:29 - 00000000 ____D C:\Program Files\ImgBurn
2013-12-03 11:44 - 2013-12-03 11:44 - 00001340 _____ C:\Users\Björn\Desktop\JRT.txt
2013-12-03 11:40 - 2013-12-03 11:40 - 00001083 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\Users\Björn\AppData\Roaming\Malwarebytes
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 11:40 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-03 11:38 - 2013-12-03 11:38 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-01 12:18 - 2013-12-01 12:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-01 12:18 - 2013-11-07 15:50 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-30 13:09 - 2013-11-30 13:19 - 00000000 ____D C:\Users\Björn\Desktop\Nhat Musik
2013-11-29 10:27 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-29 10:27 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-29 10:27 - 2013-11-05 15:30 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-29 10:27 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-29 10:27 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-11-29 10:20 - 2013-10-23 05:54 - 03422208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-29 10:20 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-29 10:20 - 2013-10-19 06:20 - 03497472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-11-29 10:20 - 2013-10-10 15:52 - 02872688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-29 10:20 - 2013-10-10 11:35 - 01128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-11-29 10:20 - 2013-10-08 09:26 - 01888088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-29 10:19 - 2013-10-23 10:44 - 00104280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-29 10:19 - 2013-10-23 10:24 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-11-29 10:19 - 2013-10-23 10:21 - 00044904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-11-29 10:19 - 2013-10-23 06:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-29 10:19 - 2013-10-23 05:46 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-29 10:19 - 2013-10-22 07:14 - 01033368 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-29 10:19 - 2013-10-22 07:13 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe
2013-11-29 10:19 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-29 10:19 - 2013-10-22 04:02 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-11-29 10:19 - 2013-10-22 03:52 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-11-29 10:19 - 2013-10-22 02:59 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-11-29 10:19 - 2013-10-22 02:51 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-11-29 10:19 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-29 10:19 - 2013-10-22 02:40 - 01210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-11-29 10:19 - 2013-10-19 08:18 - 01307480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-29 10:19 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-29 10:19 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-11-29 10:19 - 2013-10-19 04:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-29 10:19 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-29 10:19 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-29 10:19 - 2013-10-17 15:04 - 01155384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-11-29 10:19 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-29 10:19 - 2013-10-13 01:49 - 00207192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-11-29 10:19 - 2013-10-13 01:29 - 00706536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-29 10:19 - 2013-10-11 17:34 - 02038272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-11-29 10:19 - 2013-10-11 15:22 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-11-29 10:19 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-29 10:19 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-29 10:19 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-29 10:19 - 2013-10-10 15:53 - 00029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-11-29 10:19 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-11-29 10:19 - 2013-10-10 12:12 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-11-29 10:19 - 2013-10-10 11:19 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-11-29 10:19 - 2013-10-09 06:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-11-29 10:19 - 2013-10-08 10:11 - 00036696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-11-29 10:19 - 2013-10-08 09:49 - 00415576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-29 10:19 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-11-29 10:19 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-29 10:19 - 2013-10-08 06:14 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-29 10:19 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-11-29 10:19 - 2013-10-08 05:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-29 10:19 - 2013-10-07 07:07 - 05753688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-11-29 10:19 - 2013-10-07 07:07 - 00049544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-11-29 10:19 - 2013-10-07 03:03 - 02833408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-11-29 10:19 - 2013-10-05 13:30 - 00321368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-11-29 10:19 - 2013-10-05 13:30 - 00047960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-11-29 10:19 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-11-29 10:19 - 2013-10-05 10:59 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-11-29 10:19 - 2013-10-05 09:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-11-29 10:19 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-11-29 10:19 - 2013-10-05 09:29 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-29 10:19 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-11-29 10:19 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-29 10:19 - 2013-10-05 09:00 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-11-29 10:19 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-29 10:19 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-29 10:19 - 2013-10-04 09:00 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-11-29 10:19 - 2013-09-19 05:34 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-29 10:19 - 2013-09-17 07:34 - 00870232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2013-11-29 10:19 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-29 10:19 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-29 10:19 - 2013-09-17 04:47 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-11-29 10:19 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-11-29 10:19 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-11-29 10:19 - 2013-09-14 10:29 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-29 10:19 - 2013-09-14 09:54 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-11-29 10:19 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-11-29 10:19 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-11-29 10:19 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-11-29 10:19 - 2013-09-12 08:37 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-11-29 10:19 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-11-29 10:19 - 2013-09-12 08:17 - 00152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-11-29 10:19 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-11-29 10:19 - 2013-09-11 12:21 - 00261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-11-29 10:19 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-29 10:19 - 2013-09-10 05:28 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-11-29 10:17 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-29 10:15 - 2013-10-19 07:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-29 10:14 - 2013-10-19 05:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-29 10:14 - 2013-10-19 05:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-29 10:14 - 2013-10-19 05:43 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-11-29 10:14 - 2013-10-19 05:28 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-29 10:14 - 2013-10-19 04:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-29 10:14 - 2013-10-19 04:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-29 10:14 - 2013-10-19 04:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-29 10:14 - 2013-10-19 04:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-29 10:14 - 2013-10-05 13:05 - 01090808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-29 10:13 - 2013-10-13 01:45 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-29 10:13 - 2013-10-12 22:14 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-29 10:13 - 2013-10-12 22:02 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-29 10:10 - 2013-11-29 10:09 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2013-11-07 13:13 - 2013-12-03 12:28 - 00003182 _____ C:\WINDOWS\setupact.log
2013-11-07 13:13 - 2013-11-07 13:13 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-07 12:49 - 2013-11-07 12:50 - 00000000 ____D C:\Users\Björn\Desktop\project
2013-11-07 12:38 - 2013-11-30 13:07 - 00000116 _____ C:\Users\Björn\Desktop\AuG.cpp
2013-11-07 11:37 - 2013-11-07 11:37 - 00000000 ____D C:\Users\BjÃ¶rn
2013-11-07 11:37 - 2013-10-24 13:24 - 04379048 _____ (Piriform Ltd) C:\Users\BjÃ¶rn\Desktop\ccsetup407.exe
2013-11-07 08:29 - 2013-11-07 08:29 - 00001005 _____ C:\Users\Björn\Desktop\codeblocks.lnk
2013-11-07 08:27 - 2013-11-30 13:08 - 00000000 ____D C:\Users\Björn\AppData\Roaming\codeblocks
2013-11-07 08:26 - 2013-11-07 08:27 - 00000000 ____D C:\Program Files\CodeBlocks
2013-11-07 08:26 - 2013-11-07 08:26 - 00000000 ____D C:\Users\Björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2013-11-07 08:26 - 2013-10-23 09:59 - 00698232 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2013-11-07 08:25 - 2010-05-27 21:08 - 74027949 _____ (The Code::Blocks Team) C:\Users\Björn\Desktop\codeblocks-10.05mingw-setup.exe

==================== One Month Modified Files and Folders =======

2013-12-07 12:29 - 2013-12-07 12:28 - 00006936 _____ C:\Users\Björn\Downloads\FRST.txt
2013-12-07 12:28 - 2013-12-07 12:28 - 01059921 _____ (Farbar) C:\Users\Björn\Downloads\FRST.exe
2013-12-07 12:28 - 2013-12-07 12:28 - 00000000 ____D C:\FRST
2013-12-07 12:28 - 2013-10-11 22:55 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-07 12:03 - 2013-10-14 10:07 - 01813487 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-07 12:00 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-07 11:55 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-03 12:39 - 2013-12-03 12:39 - 00000000 ____D C:\Users\Björn\AppData\Roaming\ImgBurn
2013-12-03 12:31 - 2013-10-12 11:54 - 01686150 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-03 12:29 - 2013-12-03 12:29 - 00000000 ____D C:\Program Files\ImgBurn
2013-12-03 12:28 - 2013-11-07 13:13 - 00003182 _____ C:\WINDOWS\setupact.log
2013-12-03 11:48 - 2013-10-11 19:45 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-03 11:48 - 2013-10-11 19:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-03 11:44 - 2013-12-03 11:44 - 00001340 _____ C:\Users\Björn\Desktop\JRT.txt
2013-12-03 11:40 - 2013-12-03 11:40 - 00001083 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\Users\Björn\AppData\Roaming\Malwarebytes
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 11:38 - 2013-12-03 11:38 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-03 11:38 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-12-03 11:11 - 2013-10-13 12:54 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-12-03 11:08 - 2013-10-12 12:01 - 00000000 __RDO C:\Users\Björn\SkyDrive
2013-12-03 11:06 - 2013-08-22 08:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-02 15:46 - 2013-08-22 08:22 - 00333576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-01 12:23 - 2013-08-22 07:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2013-12-01 12:22 - 2013-08-22 09:17 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-01 12:22 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\system32\de-DE
2013-12-01 12:21 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\WinStore
2013-12-01 12:19 - 2013-12-01 12:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-30 13:19 - 2013-11-30 13:09 - 00000000 ____D C:\Users\Björn\Desktop\Nhat Musik
2013-11-30 13:08 - 2013-11-07 08:27 - 00000000 ____D C:\Users\Björn\AppData\Roaming\codeblocks
2013-11-30 13:07 - 2013-11-07 12:38 - 00000116 _____ C:\Users\Björn\Desktop\AuG.cpp
2013-11-29 10:21 - 2013-10-12 12:35 - 00000000 ____D C:\Windows.old
2013-11-29 10:09 - 2013-11-29 10:10 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2013-11-29 10:09 - 2013-10-13 12:54 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-11-07 15:50 - 2013-12-01 12:18 - 80340640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-07 13:13 - 2013-11-07 13:13 - 00000000 _____ C:\WINDOWS\setuperr.log
2013-11-07 12:54 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\system32\NDF
2013-11-07 12:50 - 2013-11-07 12:49 - 00000000 ____D C:\Users\Björn\Desktop\project
2013-11-07 11:38 - 2013-10-21 11:42 - 00000000 ____D C:\WINDOWS\Minidump
2013-11-07 11:38 - 2013-10-20 12:55 - 00000000 ____D C:\Program Files\Connectify
2013-11-07 11:38 - 2013-10-12 15:17 - 00000000 ____D C:\Program Files\CCleaner
2013-11-07 11:37 - 2013-11-07 11:37 - 00000000 ____D C:\Users\BjÃ¶rn
2013-11-07 08:29 - 2013-11-07 08:29 - 00001005 _____ C:\Users\Björn\Desktop\codeblocks.lnk
2013-11-07 08:27 - 2013-11-07 08:26 - 00000000 ____D C:\Program Files\CodeBlocks
2013-11-07 08:26 - 2013-11-07 08:26 - 00000000 ____D C:\Users\Björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks

Some content of TEMP:
====================
C:\Users\Björn\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2013-11-29 10:20] - [2013-10-22 07:03] - 2065448 ____A (Microsoft Corporation) 1A0BC9598E4A58FC84570FFF5A108E58

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-29 10:21

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Addition log

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-12-2013 01
Ran by Björn at 2013-12-07 12:30:14
Running from C:\Users\Björn\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Avira Free Antivirus (Version: 14.0.1.759)
Avira SearchFree Toolbar (Version: 12.6.0.1900)
CCleaner (Version: 4.07)
CodeBlocks (HKCU Version: 10.05)
Connectify (Version: 7.0.0.28979)
eReg (Version: 1.20.138.34)
ImgBurn (Version: 2.5.8.0)
Logitech SetPoint 6.61 (Version: 6.61.15)
Logitech Unifying-Software 2.10 (Version: 2.10.37)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 de) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
Mozilla Thunderbird 24.0.1 (x86 de) (Version: 24.0.1)
Secure Download Manager (Version: 3.1.10)
VLC media player 2.1.0 (Version: 2.1.0)

==================== Restore Points  =========================

20-10-2013 11:29:28 Windows Update
29-11-2013 09:05:21 Windows Update
03-12-2013 10:23:45 Windows Update
07-12-2013 10:42:59 Windows Update

==================== Hosts content: ==========================

2013-08-22 07:13 - 2013-08-22 07:13 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {00BC77BF-3352-4FE8-9617-4F1B27BEC19A} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {17233BE9-87E9-40B0-B003-AE9D2B92CBBE} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {2BE65564-89D1-4396-A5CC-D7D9283FC4A1} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {392EB017-207C-42BF-A061-F3BE721F456C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {4B7EF56A-8A42-4BD2-BB5C-7C389AC54A37} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => C:\Windows\System32\AppXDeploymentClient.dll [2013-09-19] (Microsoft Corporation)
Task: {7C3730BB-38B7-409C-A636-7AD4E57E77F1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\System32\MRT.exe [2013-11-07] (Microsoft Corporation)
Task: {8B5819AE-7B44-478B-A3D3-8846AF160A8F} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {92ED6570-4654-4BFA-9A6C-1084C6939C16} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {997C8BBD-710B-4E66-B5BC-CC09575A58D2} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {A5D45ED3-F524-4574-8F39-527F3729D1E2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\System32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {B8FA8B43-1394-427E-9589-BF4BB24BBDEC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {BB9F3206-8C16-4186-8B76-D735ACC3E018} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-11] (Adobe Systems Incorporated)
Task: {C0D0F7C4-419F-41B3-90A2-FE79270B828A} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {CF5A1DDC-D14D-4D59-AD49-A19A645B087B} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCF55BED-B1DF-4ABF-8D85-6542C7007799} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E4C8774A-2818-45A4-8A6D-11DDF6348886} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {F7217E62-6F97-491F-A19B-413BDD5879FF} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-10-11 19:45 - 2013-12-03 11:48 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Björn\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2013 11:59:17 AM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20279 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 934

Startzeit: 01cef01e75cb8f85

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: ddc305e0-5f2c-11e3-afa6-e89a8f3c7b83

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (12/03/2013 00:40:08 PM) (Source: Application Hang) (User: )
Description: Programm ImgBurn.exe, Version 2.5.8.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 808

Startzeit: 01cef01b0520cf04

Endzeit: 30

Anwendungspfad: C:\Program Files\ImgBurn\ImgBurn.exe

Berichts-ID: a55e124e-5c0f-11e3-afa6-e89a8f3c7b83

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/03/2013 11:10:31 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SetPoint.exe, Version: 6.61.15.0, Zeitstempel: 0x51f96ac5
Name des fehlerhaften Moduls: SetPoint.exe, Version: 6.61.15.0, Zeitstempel: 0x51f96ac5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b9f42
ID des fehlerhaften Prozesses: 0xa0c
Startzeit der fehlerhaften Anwendung: 0xSetPoint.exe0
Pfad der fehlerhaften Anwendung: SetPoint.exe1
Pfad des fehlerhaften Moduls: SetPoint.exe2
Berichtskennung: SetPoint.exe3
Vollständiger Name des fehlerhaften Pakets: SetPoint.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SetPoint.exe5

Error: (11/30/2013 01:20:54 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Fast)
Description: Die App „microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbwe+Microsoft.WindowsLive.Calendar“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (11/30/2013 01:20:44 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.3.9600.16384, Zeitstempel: 0x521571bd
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.16384, Zeitstempel: 0x52158f91
Ausnahmecode: 0x00000004
Fehleroffset: 0x00010f63
ID des fehlerhaften Prozesses: 0x1720
Startzeit der fehlerhaften Anwendung: 0xwwahost.exe0
Pfad der fehlerhaften Anwendung: wwahost.exe1
Pfad des fehlerhaften Moduls: wwahost.exe2
Berichtskennung: wwahost.exe3
Vollständiger Name des fehlerhaften Pakets: wwahost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wwahost.exe5

Error: (11/29/2013 10:24:20 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/05/2013 11:32:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SetPoint.exe, Version: 6.61.15.0, Zeitstempel: 0x51f96ac5
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.16384, Zeitstempel: 0x52159006
Ausnahmecode: 0xc0150010
Fehleroffset: 0x00098ed0
ID des fehlerhaften Prozesses: 0xe80
Startzeit der fehlerhaften Anwendung: 0xSetPoint.exe0
Pfad der fehlerhaften Anwendung: SetPoint.exe1
Pfad des fehlerhaften Moduls: SetPoint.exe2
Berichtskennung: SetPoint.exe3
Vollständiger Name des fehlerhaften Pakets: SetPoint.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SetPoint.exe5

Error: (11/05/2013 11:32:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SetPoint.exe, Version: 6.61.15.0, Zeitstempel: 0x51f96ac5
Name des fehlerhaften Moduls: SetPoint.exe, Version: 6.61.15.0, Zeitstempel: 0x51f96ac5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b9f42
ID des fehlerhaften Prozesses: 0xe80
Startzeit der fehlerhaften Anwendung: 0xSetPoint.exe0
Pfad der fehlerhaften Anwendung: SetPoint.exe1
Pfad des fehlerhaften Moduls: SetPoint.exe2
Berichtskennung: SetPoint.exe3
Vollständiger Name des fehlerhaften Pakets: SetPoint.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SetPoint.exe5

Error: (10/21/2013 06:59:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SetPoint.exe, Version: 6.61.15.0, Zeitstempel: 0x51f96ac5
Name des fehlerhaften Moduls: SetPoint.exe, Version: 6.61.15.0, Zeitstempel: 0x51f96ac5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b9f42
ID des fehlerhaften Prozesses: 0x724
Startzeit der fehlerhaften Anwendung: 0xSetPoint.exe0
Pfad der fehlerhaften Anwendung: SetPoint.exe1
Pfad des fehlerhaften Moduls: SetPoint.exe2
Berichtskennung: SetPoint.exe3
Vollständiger Name des fehlerhaften Pakets: SetPoint.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SetPoint.exe5

Error: (10/21/2013 11:29:09 AM) (Source: Desktop Window Manager) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.


System errors:
=============
Error: (12/07/2013 00:25:58 PM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.

Error: (12/07/2013 11:59:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070005 fehlgeschlagen: Update für Windows 8.1 (KB2883200)

Error: (12/07/2013 11:45:22 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/03/2013 11:27:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070005 fehlgeschlagen: Update für Windows 8.1 (KB2883200)

Error: (12/03/2013 11:09:26 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/03/2013 11:06:10 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎02.‎12.‎2013 um 15:46:40 unerwartet heruntergefahren.

Error: (12/01/2013 00:18:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070005 fehlgeschlagen: Update für Windows 8.1 (KB2883200)

Error: (12/01/2013 11:55:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070005 fehlgeschlagen: Update für Windows 8.1 (KB2883200)

Error: (12/01/2013 11:52:31 AM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk1\DR4.

Error: (11/30/2013 01:08:31 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (12/07/2013 11:59:17 AM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.2027993401cef01e75cb8f854294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbwe\LiveComm.exeddc305e0-5f2c-11e3-afa6-e89a8f3c7b83microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (12/03/2013 00:40:08 PM) (Source: Application Hang)(User: )
Description: ImgBurn.exe2.5.8.080801cef01b0520cf0430C:\Program Files\ImgBurn\ImgBurn.exea55e124e-5c0f-11e3-afa6-e89a8f3c7b83

Error: (12/03/2013 11:10:31 AM) (Source: Application Error)(User: )
Description: SetPoint.exe6.61.15.051f96ac5SetPoint.exe6.61.15.051f96ac5c0000005000b9f42a0c01cef00f703fb3d7C:\Program Files\Logitech\SetPointP\SetPoint.exeC:\Program Files\Logitech\SetPointP\SetPoint.exe23987eb2-5c03-11e3-afa6-e89a8f3c7b83

Error: (11/30/2013 01:20:54 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Fast)
Description: microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbwe+Microsoft.WindowsLive.Calendar

Error: (11/30/2013 01:20:44 PM) (Source: Application Error)(User: )
Description: wwahost.exe6.3.9600.16384521571bdKERNELBASE.dll6.3.9600.1638452158f910000000400010f63172001ceedc6946ccc3aC:\WINDOWS\system32\wwahost.exeC:\WINDOWS\system32\KERNELBASE.dlld54b1f06-59b9-11e3-afa4-e89a8f3c7b83microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbweMicrosoft.WindowsLive.Calendar

Error: (11/29/2013 10:24:20 AM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Common Files\LogiShrd\sp6_Uninstall\tools\64\AddBrowsers.exe

Error: (11/05/2013 11:32:13 PM) (Source: Application Error)(User: )
Description: SetPoint.exe6.61.15.051f96ac5ntdll.dll6.3.9600.1638452159006c015001000098ed0e8001ceda76d09ebb1aC:\Program Files\Logitech\SetPointP\SetPoint.exeC:\WINDOWS\SYSTEM32\ntdll.dll1d7be453-466a-11e3-afa3-e89a8f3c7b83

Error: (11/05/2013 11:32:09 PM) (Source: Application Error)(User: )
Description: SetPoint.exe6.61.15.051f96ac5SetPoint.exe6.61.15.051f96ac5c0000005000b9f42e8001ceda76d09ebb1aC:\Program Files\Logitech\SetPointP\SetPoint.exeC:\Program Files\Logitech\SetPointP\SetPoint.exe1b44744e-466a-11e3-afa3-e89a8f3c7b83

Error: (10/21/2013 06:59:26 PM) (Source: Application Error)(User: )
Description: SetPoint.exe6.61.15.051f96ac5SetPoint.exe6.61.15.051f96ac5c0000005000b9f4272401cece86a8f3227fC:\Program Files\Logitech\SetPointP\SetPoint.exeC:\Program Files\Logitech\SetPointP\SetPoint.exe85cbe123-3a7a-11e3-afa3-e89a8f3c7b83

Error: (10/21/2013 11:29:09 AM) (Source: Desktop Window Manager)(User: )
Description: 0x8898008d


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 2035.86 MB
Available physical RAM: 1037.05 MB
Total Pagefile: 3187.86 MB
Available Pagefile: 1932.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1869.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.54 GB) (Free:204.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 0FC41D16)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 08.12.2013, 06:50

Nur in den Temps, aber schaun wir einmal genauer:

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die OTL.exe.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation /S
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost
HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com
%SystemRoot%\system32\*.tsp
C:\Windows\system32\*.dll /800

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

ciao · 08.12.2013, 11:09

Teil 1

Code:

ATTFilter

OTL logfile created on: 08.12.2013 10:49:59 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Björn\Downloads
 Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16438)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 50,65% Memory free
3,11 Gb Paging File | 1,84 Gb Available in Paging File | 59,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,54 Gb Total Space | 204,94 Gb Free Space | 88,13% Space Free | Partition Type: NTFS
Drive D: | 1,87 Gb Total Space | 0,33 Gb Free Space | 17,73% Space Free | Partition Type: FAT
 
Computer Name: FAST | User Name: Björn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.12.08 10:41:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Björn\Downloads\OTL.exe
PRC - [2013.12.03 11:48:48 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2013.11.29 10:09:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.11.29 10:09:00 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.11.29 10:08:50 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.11.29 10:08:49 | 000,683,576 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.10.23 20:52:09 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Programme\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013.10.23 20:52:01 | 001,673,680 | ---- | M] (APN) -- C:\Programme\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013.10.22 07:03:47 | 002,065,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2013.10.20 13:23:49 | 012,327,424 | ---- | M] (Microsoft Corporation) -- C:\Programme\WindowsApps\Microsoft.Reader_6.3.9600.16422_x86__8wekyb3d8bbwe\glcnd.exe
PRC - [2013.09.24 15:37:50 | 003,178,272 | ---- | M] (Connectify) -- C:\Programme\Connectify\Connectifyd.exe
PRC - [2013.09.24 15:37:08 | 000,487,936 | ---- | M] (Connectify) -- C:\Programme\Connectify\ConnectifyService.exe
PRC - [2013.08.22 06:30:48 | 000,066,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhostex.exe
PRC - [2013.08.22 06:21:42 | 000,029,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RuntimeBroker.exe
PRC - [2013.08.22 03:45:10 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dasHost.exe
PRC - [2013.08.22 03:45:01 | 000,290,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.12.03 11:48:48 | 003,363,952 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.12.03 11:48:48 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.11.29 10:09:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.11.29 10:08:50 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.10.23 20:52:09 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Programme\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013.10.22 02:40:33 | 001,210,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\workfolderssvc.dll -- (workfolderssvc)
SRV - [2013.10.19 05:43:18 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013.10.11 22:55:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.10.10 15:52:58 | 002,872,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\WSService.dll -- (WSService)
SRV - [2013.10.10 11:35:11 | 001,128,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppXDeploymentServer.dll -- (AppXSvc)
SRV - [2013.10.04 09:00:53 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AppReadiness.dll -- (AppReadiness)
SRV - [2013.09.30 10:01:14 | 001,164,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService)
SRV - [2013.09.24 15:37:08 | 000,487,936 | ---- | M] (Connectify) [Auto | Running] -- C:\Programme\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2013.08.22 16:02:28 | 000,075,104 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV - [2013.08.22 16:02:25 | 001,778,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2013.08.22 16:02:21 | 000,174,080 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2013.08.22 06:18:20 | 000,278,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV - [2013.08.22 06:18:20 | 000,022,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2013.08.22 06:17:49 | 002,407,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\spool\drivers\w32x86\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013.08.22 05:03:29 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wephostsvc.dll -- (WEPHOSTSVC)
SRV - [2013.08.22 05:03:12 | 000,028,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\efssvc.dll -- (EFS)
SRV - [2013.08.22 04:56:08 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wiarpc.dll -- (WiaRpc)
SRV - [2013.08.22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2013.08.22 04:54:45 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\svsvc.dll -- (svsvc)
SRV - [2013.08.22 04:50:48 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\fhsvc.dll -- (fhsvc)
SRV - [2013.08.22 04:10:39 | 000,141,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\NcaSvc.dll -- (NcaSvc)
SRV - [2013.08.22 04:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicvss)
SRV - [2013.08.22 04:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmictimesync)
SRV - [2013.08.22 04:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicshutdown)
SRV - [2013.08.22 04:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicrdv)
SRV - [2013.08.22 04:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmickvpexchange)
SRV - [2013.08.22 04:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicheartbeat)
SRV - [2013.08.22 04:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\icsvc.dll -- (vmicguestinterface)
SRV - [2013.08.22 03:59:51 | 001,122,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2013.08.22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\smphost.dll -- (smphost)
SRV - [2013.08.22 03:50:12 | 000,197,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV - [2013.08.22 03:49:34 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV - [2013.08.22 03:48:12 | 000,044,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\keyiso.dll -- (KeyIso)
SRV - [2013.08.22 03:45:36 | 000,173,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\TimeBrokerServer.dll -- (TimeBroker)
SRV - [2013.08.22 03:44:38 | 000,415,744 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netprofmsvc.dll -- (netprofm)
SRV - [2013.08.22 03:41:55 | 000,124,928 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ncbservice.dll -- (NcbService)
SRV - [2013.08.22 03:39:58 | 000,300,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wcmsvc.dll -- (Wcmsvc)
SRV - [2013.08.22 03:39:05 | 000,196,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\vaultsvc.dll -- (VaultSvc)
SRV - [2013.08.22 03:38:43 | 000,306,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\das.dll -- (DeviceAssociationService)
SRV - [2013.08.22 03:38:31 | 000,202,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\bisrv.dll -- (BrokerInfrastructure)
SRV - [2013.08.22 03:37:53 | 001,185,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wlidsvc.dll -- (wlidsvc)
SRV - [2013.08.22 03:37:53 | 000,173,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV - [2013.08.22 03:36:04 | 000,614,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsm.dll -- (LSM)
SRV - [2013.08.22 03:35:39 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013.08.22 03:31:45 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\DeviceSetupManager.dll -- (DsmSvc)
SRV - [2013.08.22 03:21:32 | 000,064,000 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV - [2013.06.13 20:31:00 | 000,293,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2013.12.03 11:11:51 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\Drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.11.29 10:09:19 | 000,137,208 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avipbb.sys -- (avipbb)
DRV - [2013.10.20 12:56:00 | 000,029,672 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\System32\Drivers\cnnctfy3.sys -- (cnnctfy3)
DRV - [2013.10.13 01:45:41 | 000,069,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV - [2013.10.08 10:11:16 | 000,036,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\intelpep.sys -- (intelpep)
DRV - [2013.10.05 13:30:03 | 000,047,960 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\stornvme.sys -- (stornvme)
DRV - [2013.10.05 13:30:02 | 000,321,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\spaceport.sys -- (spaceport)
DRV - [2013.09.30 10:01:31 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\Drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2013.09.30 10:01:13 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.09.11 12:21:55 | 000,261,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV - [2013.08.22 16:02:30 | 000,019,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\kbldfltr.sys -- (kbldfltr)
DRV - [2013.08.22 16:02:28 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2013.08.22 16:02:15 | 000,030,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\terminpt.sys -- (terminpt)
DRV - [2013.08.22 07:13:53 | 000,142,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VerifierExt.sys -- (VerifierExt)
DRV - [2013.08.22 07:13:53 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\condrv.sys -- (condrv)
DRV - [2013.08.22 06:35:21 | 000,053,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\Drivers\dam.sys -- (dam)
DRV - [2013.08.22 06:35:20 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\acpiex.sys -- (acpiex)
DRV - [2013.08.22 06:34:52 | 000,133,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\tpm.sys -- (TPM)
DRV - [2013.08.22 06:33:32 | 000,058,208 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\mvumis.sys -- (mvumis)
DRV - [2013.08.22 06:33:31 | 000,033,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV - [2013.08.22 06:33:30 | 000,122,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV - [2013.08.22 06:33:30 | 000,068,960 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV - [2013.08.22 06:33:29 | 000,069,472 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV - [2013.08.22 06:33:26 | 000,086,368 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\3ware.sys -- (3ware)
DRV - [2013.08.22 06:33:25 | 000,773,472 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\adp80xx.sys -- (ADP80XX)
DRV - [2013.08.22 06:33:25 | 000,100,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV - [2013.08.22 06:33:24 | 000,073,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\EhStorClass.sys -- (EhStorClass)
DRV - [2013.08.22 06:33:01 | 000,276,832 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV - [2013.08.22 06:33:00 | 000,375,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV - [2013.08.22 06:32:57 | 000,163,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\UCX01000.SYS -- (UCX01000)
DRV - [2013.08.22 06:32:57 | 000,119,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx2.sys -- (SerCx2)
DRV - [2013.08.22 06:32:57 | 000,090,976 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\storahci.sys -- (storahci)
DRV - [2013.08.22 06:32:57 | 000,064,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\sdstor.sys -- (sdstor)
DRV - [2013.08.22 06:32:57 | 000,059,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SpbCx.sys -- (SpbCx)
DRV - [2013.08.22 06:32:57 | 000,058,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\SerCx.sys -- (SerCx)
DRV - [2013.08.22 06:32:57 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uaspstor.sys -- (UASPStor)
DRV - [2013.08.22 06:32:38 | 000,031,584 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\Drivers\cnghwassist.sys -- (cnghwassist)
DRV - [2013.08.22 06:25:43 | 000,077,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\pdc.sys -- (pdc)
DRV - [2013.08.22 06:25:38 | 000,046,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wpcfltr.sys -- (wpcfltr)
DRV - [2013.08.22 06:25:37 | 000,284,000 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\clfs.sys -- (CLFS)
DRV - [2013.08.22 06:24:56 | 000,023,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\uefi.sys -- (UEFI)
DRV - [2013.08.22 06:24:36 | 000,023,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV - [2013.08.22 06:20:49 | 000,093,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdNisDrv.sys -- (WdNisDrv)
DRV - [2013.08.22 06:20:48 | 000,214,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdFilter.sys -- (WdFilter)
DRV - [2013.08.22 06:20:22 | 000,093,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmbus.sys -- (vmbus)
DRV - [2013.08.22 06:20:22 | 000,045,376 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\vmstorfl.sys -- (storflt)
DRV - [2013.08.22 06:20:22 | 000,042,304 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\storvsc.sys -- (storvsc)
DRV - [2013.08.22 06:17:00 | 000,029,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\WdBoot.sys -- (WdBoot)
DRV - [2013.08.22 05:11:29 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\ahcache.sys -- (ahcache)
DRV - [2013.08.22 05:11:04 | 000,043,520 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV - [2013.08.22 05:10:58 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\BasicRender.sys -- (BasicRender)
DRV - [2013.08.22 05:10:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\HyperVideo.sys -- (HyperVideo)
DRV - [2013.08.22 05:10:37 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mshidumdf.sys -- (mshidumdf)
DRV - [2013.08.22 05:10:28 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpitime.sys -- (acpitime)
DRV - [2013.08.22 05:10:21 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\acpipagr.sys -- (acpipagr)
DRV - [2013.08.22 05:10:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\npsvctrig.sys -- (npsvctrig)
DRV - [2013.08.22 05:10:01 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV - [2013.08.22 05:09:59 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\kdnic.sys -- (kdnic)
DRV - [2013.08.22 05:09:57 | 000,006,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vms3cap.sys -- (s3cap)
DRV - [2013.08.22 05:09:50 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\vmgencounter.sys -- (gencounter)
DRV - [2013.08.22 05:09:37 | 000,023,808 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BthhfHid.sys -- (bthhfhid)
DRV - [2013.08.22 05:09:23 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\winusb.sys -- (WINUSB)
DRV - [2013.08.22 05:09:15 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV - [2013.08.22 05:09:10 | 000,026,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2013.08.22 05:09:09 | 000,012,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hyperkbd.sys -- (hyperkbd)
DRV - [2013.08.22 05:09:03 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013.08.22 05:09:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\hidi2c.sys -- (hidi2c)
DRV - [2013.08.22 05:09:01 | 000,018,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2013.08.22 05:08:37 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\dmvsc.sys -- (dmvsc)
DRV - [2013.08.22 05:08:18 | 000,072,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\netvsc63.sys -- (netvsc)
DRV - [2013.08.22 05:08:06 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV - [2013.08.22 05:07:57 | 000,109,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV - [2013.08.22 05:07:55 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\mslldp.sys -- (MsLldp)
DRV - [2013.08.22 05:07:53 | 000,029,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\vwifimp.sys -- (vwifimp)
DRV - [2013.08.22 05:07:19 | 000,091,136 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\Drivers\Ndu.sys -- (Ndu)
DRV - [2013.08.22 02:58:35 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\fxppm.sys -- (FxPPM)
DRV - [2013.08.13 00:25:32 | 000,016,088 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\bcmfn2.sys -- (bcmfn2)
DRV - [2013.08.10 01:39:44 | 000,524,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\System32\Drivers\iaStorAV.sys -- (iaStorAV)
DRV - [2013.07.23 22:18:30 | 000,061,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\iaioi2c.sys -- (iaioi2c)
DRV - [2013.07.23 22:18:30 | 000,022,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\iaiogpio.sys -- (GPIO)
DRV - [2013.07.01 17:50:13 | 007,783,600 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\BCMWL63.SYS -- (BCM43XX)
DRV - [2013.06.18 13:23:13 | 000,490,496 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\Rt630x86.sys -- (RTL8168)
DRV - [2013.05.23 07:12:34 | 000,037,528 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2013.05.23 07:12:32 | 000,043,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2013.05.23 07:12:30 | 000,042,264 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2013.05.23 07:12:30 | 000,010,136 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2012.03.29 07:26:12 | 000,256,616 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\Drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV - [2006.03.27 16:53:28 | 000,167,808 | ---- | M] (NETGEAR Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\wg111v2.sys -- (RTLWUSB)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2578381697-2246446574-1873589927-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKU\S-1-5-21-2578381697-2246446574-1873589927-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2578381697-2246446574-1873589927-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-2578381697-2246446574-1873589927-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: %7BF003DA68-8256-4b37-A6C4-350FA04494DF%7D:6.5
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013.10.12 15:11:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2013.10.11 19:45:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Björn\AppData\Roaming\mozilla\Extensions
[2013.12.03 11:43:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Björn\AppData\Roaming\mozilla\Firefox\Profiles\0na3gxyo.default\extensions
[2013.10.14 10:22:14 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Björn\AppData\Roaming\mozilla\firefox\profiles\0na3gxyo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.10.12 19:13:26 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Björn\AppData\Roaming\mozilla\firefox\profiles\0na3gxyo.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013.10.11 19:45:03 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.12.03 11:48:50 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.10.12 15:11:02 | 000,000,000 | ---D | M] (Logitech SetPoint) -- C:\PROGRAM FILES\LOGITECH\SETPOINTP\LOGISMOOTHFIREFOXEXT
File not found (No name found) -- C:\USERS\BJÃ¶RN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0NA3GXYO.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
 
O1 HOSTS File: ([2013.08.22 07:13:55 | 000,000,824 | ---- | M]) - C:\Windows\System32\Drivers\etc\hosts
O2 - BHO: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar) - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Connectify Dispatch] C:\Program Files\Connectify\DispatchUI.exe (Connectify)
O4 - HKLM..\Run: [Connectify Hotspot] C:\Program Files\Connectify\Connectify.exe (Connectify)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech Download Assistant] C:\WINDOWS\System32\LogiLDA.dll (Logitech, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F01C624-9230-4C5E-82C0-0B28DA5A8EB6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D27926D1-8B3D-44FA-9340-A102A191EEBC}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.07.26 07:52:25 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8f93f328-32a4-11e3-af9e-e89a8f3c7b83}\Shell - "" = AutoRun
O33 - MountPoints2\{8f93f328-32a4-11e3-af9e-e89a8f3c7b83}\Shell\AutoRun\command - "" = "E:\setup.exe" 
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.12.07 12:28:48 | 000,000,000 | ---D | C] -- C:\FRST
[2013.12.03 12:39:50 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\ImgBurn
[2013.12.03 12:29:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
[2013.12.03 12:29:47 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2013.12.03 11:40:15 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Roaming\Malwarebytes
[2013.12.03 11:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.12.03 11:40:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.12.03 11:40:07 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.12.03 11:40:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.12.03 11:39:05 | 000,000,000 | ---D | C] -- C:\Users\Björn\AppData\Local\Programs
[2013.12.03 11:38:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.12.01 12:18:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013.11.30 13:09:41 | 000,000,000 | ---D | C] -- C:\Users\Björn\Desktop\Nhat Musik
[2013.11.29 10:10:29 | 000,067,680 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avnetflt.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013.12.08 10:40:03 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.12.07 13:28:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.12.03 12:31:33 | 000,727,930 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.12.03 12:31:33 | 000,687,180 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.12.03 12:31:33 | 000,151,586 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.12.03 12:31:33 | 000,127,812 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.12.03 11:40:10 | 000,001,083 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.12.03 11:11:51 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.12.03 11:06:01 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.12.03 11:05:56 | 1707,802,624 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.02 15:46:27 | 000,333,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.11.30 13:07:35 | 000,000,116 | ---- | M] () -- C:\Users\Björn\Desktop\AuG.cpp
[2013.11.29 10:09:19 | 000,137,208 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.11.29 10:09:19 | 000,067,680 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avnetflt.sys
 
========== Files Created - No Company Name ==========
 
[2013.12.03 12:29:51 | 000,001,839 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
[2013.12.03 11:40:10 | 000,001,083 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.11.29 10:19:17 | 000,385,528 | ---- | C] () -- C:\WINDOWS\System32\ApnDatabase.xml
[2013.10.12 11:54:09 | 000,021,532 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.08.22 15:59:39 | 000,727,930 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2013.08.22 15:59:39 | 000,305,634 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2013.08.22 15:59:39 | 000,151,586 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2013.08.22 15:59:39 | 000,040,390 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2013.08.22 09:19:09 | 000,687,180 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2013.08.22 09:19:09 | 000,296,742 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2013.08.22 09:19:09 | 000,127,812 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2013.08.22 09:19:09 | 000,033,362 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2013.08.22 09:17:31 | 000,000,389 | ---- | C] () -- C:\WINDOWS\System32\AutoWorkplace.exe.config
[2013.08.22 09:17:30 | 000,215,943 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2013.08.22 09:17:29 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\NOISE.DAT
[2013.08.22 08:24:03 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 08:22:45 | 000,333,576 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.08.22 04:33:54 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\BthpanContextHandler.dll
[2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\System32\BWContextHandler.dll
[2013.08.22 04:17:46 | 000,103,936 | ---- | C] () -- C:\WINDOWS\System32\OEMLicense.dll
[2013.08.22 00:57:03 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2013.08.22 00:52:35 | 001,520,828 | ---- | C] () -- C:\WINDOWS\System32\WpcNBModel.bin
[2013.08.22 00:52:35 | 000,526,068 | ---- | C] () -- C:\WINDOWS\System32\staticurllist.bin
[2013.08.22 00:50:57 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\settings.dat
[2013.08.22 00:48:14 | 000,049,963 | ---- | C] () -- C:\WINDOWS\System32\srms.dat
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.11.05 19:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2013.08.22 03:42:12 | 000,390,144 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.10.12 15:18:46 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\DAEMON Tools Lite
[2013.10.11 19:50:09 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\e-academy Inc
[2013.12.03 12:39:50 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\ImgBurn
[2013.10.12 15:12:13 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Leadertech
[2013.10.12 19:43:58 | 000,000,000 | ---D | M] -- C:\Users\Björn\AppData\Roaming\Thunderbird
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers >
"NextProviderID" = 5
"ProviderFileName1" = kmddsp.tsp -- [2013.08.22 05:04:36 | 000,039,424 | ---- | M] (Microsoft Corporation)
"ProviderID2" = 3
"ProviderID1" = 2
"ProviderFileName0" = unimdm.tsp -- [2013.08.22 04:57:46 | 000,277,504 | ---- | M] (Microsoft Corporation)
"ProviderID0" = 1
"ProviderFileName2" = ndptsp.tsp
"NumProviders" = 4
"ProviderID3" = 4
"ProviderFilename3" = hidphone.tsp -- [2013.08.22 05:02:49 | 000,032,256 | ---- | M] (Microsoft Corporation)
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation /S >
"DisplayName" = @%systemroot%\system32\wkssvc.dll,-100
"ErrorControl" = 1
"Group" = NetworkProvider
"ImagePath" = %SystemRoot%\System32\svchost.exe -k NetworkService -- [2013.08.22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation)
"Start" = 2
"Type" = 32
"Description" = @%systemroot%\system32\wkssvc.dll,-101
"DependOnService" = BowserMRxSmb20NSI [binary data]
"ObjectName" = NT AUTHORITY\NetworkService
"ServiceSidType" = 1
"RequiredPrivileges" = SeChangeNotifyPrivilegeSeImperson [Binary data over 200 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00  [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage]
"Bind" = \Device\Tcpip_{B89BE3DD-9F09-41E9- [Binary data over 200 bytes]
"Route" = "Tcpip" "{B89BE3DD-9F09-41E9-BBF5- [Binary data over 200 bytes]
"Export" = \Device\LanmanWorkstation_Tcpip_{B [Binary data over 200 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\NetworkProvider]
"DeviceName" = \Device\LanmanRedirector
"ProviderPath" = %SystemRoot%\System32\ntlanman.dll -- [2013.08.22 03:52:28 | 000,056,832 | ---- | M] (Microsoft Corporation)
"DisplayName" = @%systemroot%\system32\wkssvc.dll,-102
"Name" = Microsoft Windows Network
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]
"ServiceDllUnloadOnStop" = 1
"RequireSecuritySignature" = 0
"EnableSecuritySignature" = 1
"EnablePlainTextPassword" = 0
"ServiceDll" = %SystemRoot%\System32\wkssvc.dll -- [2013.08.22 03:46:52 | 000,230,912 | ---- | M] (Microsoft Corporation)
"OtherDomains" =  [binary data]
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S >
"DisplayName" = @%SystemRoot%\System32\dnsapi.dll,-101
"ErrorControl" = 1
"Group" = TDI
"ImagePath" = %SystemRoot%\system32\svchost.exe -k NetworkService -- [2013.08.22 06:30:58 | 000,031,552 | ---- | M] (Microsoft Corporation)
"Start" = 2
"Type" = 32
"Description" = @%SystemRoot%\System32\dnsapi.dll,-102
"DependOnService" = Tdxnsi [binary data]
"ObjectName" = NT AUTHORITY\NetworkService
"ServiceSidType" = 1
"RequiredPrivileges" = SeChangeNotifyPrivilegeSeCreateGlobalPrivilege [binary data]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 C0 D4 01 00 01 00 00 00 E0 93 04 00 00 00 00 00 00 00 00 00  [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\InterfaceSpecificParameters]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters]
"extension" = %SystemRoot%\System32\dnsext.dll -- [2013.08.22 03:49:41 | 000,011,264 | ---- | M] (Microsoft Corporation)
"ServiceDllUnloadOnStop" = 1
"ServiceDll" = %SystemRoot%\System32\dnsrslvr.dll -- [2013.10.08 06:14:47 | 000,186,880 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\Probe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\Probe\{02ea1086-ba9d-4f24-80fc-8ed3a3b6a77e}]
"LastProbeTime" = 1382277790
"NetworkPerformsHijacking" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\Probe\{22698f2e-cdf7-487d-85db-0eebd045e927}]
"LastProbeTime" = 1386068883
"NetworkPerformsHijacking" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\Probe\{2fba62fe-cfc1-44dc-943d-a3dd9404e460}]
"LastProbeTime" = 1383824140
"NetworkPerformsHijacking" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\Probe\{6c71c66d-bd16-4a17-a072-11a85f2ac971}]
"LastProbeTime" = 1385899221
"NetworkPerformsHijacking" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\Probe\{73dbcf38-9879-4d8d-be4a-24e64fb263af}]
"LastProbeTime" = 1381583828
"NetworkPerformsHijacking" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Security]
"Security" = 01 00 14 80 10 01 00 00 1C 01 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 E0 00 09 00 00 00 00 02 18 00 9D 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 21 02 00 00 00 02 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 02 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 02 14 00 8D 00 02 00 01 01 00 00 00 00 00 05 14 00 00 00 00 02 14 00 8D 00 02 00 01 01 00 00 00 00 00 05 13 00 00 00 00 02 18 00 CD 00 02 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 02 28 00 CD 01 02 00 01 06 00 00 00 00 00 05 50 00 00 00 04 C9 44 AF 94 D9 D3 E5 2B E1 B7 1C 17 84 87 13 6E 1A FA 65 00 02 18 00 9D 01 02 00 01 02 00 00 00 00 00 0F 02 00 00 00 01 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00  [Binary data over 200 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\TriggerInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\TriggerInfo\0]
"Type" = 4
"Action" = 1
"GUID" = 07 9E 56 B7 21 84 E0 4E AD 10 86 91 5A FD AD 09  [binary data]
"Data0" = 5355UDP [binary data]
"DataType0" = 2
 
< HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost >
"RPCSS" = RpcEptMapperRpcSs [binary data]
"LocalService" = nsiWdiServiceHostw32timeEventSy [Binary data over 200 bytes]
"WepHostSvcGroup" = WepHostSvc [binary data] -- [2013.08.22 05:03:29 | 000,020,992 | ---- | M] (Microsoft Corporation)
"defragsvc" = defragsvc [binary data] -- [2013.08.22 03:38:37 | 000,357,888 | ---- | M] (Microsoft Corporation)
"DcomLaunch" = PowerBrokerInfrastructureLSMPlu [Binary data over 200 bytes]
"LocalServiceAndNoImpersonation" = TimeBrokerSSDPSRVupnphostSCardS [Binary data over 200 bytes]
"LocalSystemNetworkRestricted" = WdiSystemHostScDeviceEnumWiaRpc [Binary data over 200 bytes]
"netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes]
"WerSvcGroup" = wersvc [binary data] -- [2013.08.22 03:46:37 | 000,082,944 | ---- | M] (Microsoft Corporation)
"WbioSvcGroup" = WbioSrvc [binary data] -- [2013.08.22 03:47:57 | 000,314,368 | ---- | M] (Microsoft Corporation)
"LocalServiceNoNetwork" = DPSPLABFEmpssvcNcdAutoSetupWwanSvc [binary data]
"imgsvc" = StiSvc [binary data]
"termsvcs" = TermService [binary data]
"swprv" = swprv [binary data] -- [2013.08.22 03:27:38 | 000,352,256 | ---- | M] (Microsoft Corporation)
"smphost" = smphost [binary data] -- [2013.08.22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation)
"wsappx" = AppXSvcWSService [binary data]
"ICService" = vmicheartbeatvmicrdv [binary data]
"LocalServiceNetworkRestricted" = DHCPeventlogAudioSrvwscsvcLmHo [Binary data over 200 bytes]
"LocalServicePeerNet" = PNRPSvcp2pimsvcp2psvcPnrpAutoReg [binary data]
"NetworkServiceAndNoImpersonation" = KtmRm [binary data]
"regsvc" = RemoteRegistry [binary data]
"wcssvc" = WcsPlugInService [binary data] -- [2013.08.22 04:37:49 | 000,034,304 | ---- | M] (Microsoft Corporation)
"NetworkServiceNetworkRestricted" = PolicyAgent [binary data]
"AxInstSVGroup" = AxInstSV [binary data] -- [2013.08.22 04:06:00 | 000,088,064 | ---- | M] (Microsoft Corporation)
"AppReadiness" = AppReadiness [binary data] -- [2013.10.04 09:00:53 | 000,409,088 | ---- | M] (Microsoft Corporation)
"NetworkService" = CryptSvcnlasvclanmanworkstation [Binary data over 200 bytes]
"PeerDist" = PeerDistSvc [binary data] -- [2013.08.22 16:02:25 | 001,778,176 | ---- | M] (Microsoft Corporation)
"print" = PrintNotify [binary data]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\defragsvc]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\ICService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\print]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\swprv]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\WepHostSvcGroup]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wercplsupport]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wsappx]
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com >
 
< %SystemRoot%\system32\*.tsp >
[2013.08.22 05:02:49 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
[2013.08.22 05:04:36 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
[2013.08.22 04:31:04 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\remotesp.tsp
[2013.08.22 04:57:46 | 000,277,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
 
< C:\Windows\system32\*.dll /800 >
[2013.08.22 04:20:58 | 003,793,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\accessibilitycpl.dll
[2013.08.22 05:16:58 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ACCTRES.dll
[2013.08.22 05:04:20 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\acledit.dll
[2013.08.22 04:19:14 | 000,887,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aclui.dll
[2013.08.22 04:29:37 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\acppage.dll
[2013.08.22 04:58:15 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\acproxy.dll
[2013.08.22 04:15:00 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ActionCenter.dll
[2013.08.22 04:25:31 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ActionCenterCPL.dll
[2013.08.22 04:57:02 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ActionQueue.dll
[2013.08.22 03:20:52 | 000,205,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\activeds.dll
[2013.10.10 12:05:42 | 001,019,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\actxprxy.dll
[2013.08.22 03:53:32 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adhapi.dll
[2013.08.22 03:36:11 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adhsvc.dll
[2013.08.22 16:02:20 | 000,444,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AdmTmpl.dll
[2013.08.22 04:44:28 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adprovider.dll
[2013.08.22 16:02:18 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adrclient.dll
[2013.08.22 04:56:51 | 000,205,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adsldp.dll
[2013.08.22 05:02:37 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adsldpc.dll
[2013.08.22 04:49:56 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adsmsext.dll
[2013.08.22 04:48:44 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adsnt.dll
[2013.08.22 07:13:53 | 000,730,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\adtschema.dll
[2013.08.22 06:22:09 | 000,489,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\advapi32.dll
[2013.08.22 05:16:23 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\advapi32res.dll
[2013.08.22 04:43:23 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\advpack.dll
[2013.08.22 04:37:55 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aecache.dll
[2013.08.22 05:16:00 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aeevts.dll
[2013.08.22 04:37:11 | 000,438,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aeinv.dll
[2013.08.22 05:03:23 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aelupsvc.dll
[2013.08.22 03:00:19 | 000,518,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aepdu.dll
[2013.08.22 04:41:33 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aepic.dll
[2013.08.22 03:21:25 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AepRoam.dll
[2013.08.22 03:18:00 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AltTab.dll
[2013.08.22 04:53:29 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\amstream.dll
[2013.08.22 04:04:46 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\apds.dll
[2013.08.22 05:14:10 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-appmodel-identity-l1-1-0.dll
[2013.08.22 05:13:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-appmodel-runtime-internal-l1-1-0.dll
[2013.08.22 05:14:12 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-appmodel-runtime-l1-1-0.dll
[2013.08.22 05:14:13 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-appmodel-runtime-l1-1-1.dll
[2013.08.22 05:14:11 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-appmodel-state-l1-1-0.dll
[2013.08.22 05:14:11 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-appmodel-state-l1-1-1.dll
[2013.08.22 05:14:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-base-bootconfig-l1-1-0.dll
[2013.08.22 05:14:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-base-util-l1-1-0.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-apiquery-l1-1-0.dll
[2013.08.22 05:17:18 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-appcompat-l1-1-0.dll
[2013.08.22 05:17:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-appcompat-l1-1-1.dll
[2013.08.22 05:17:35 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-appinit-l1-1-0.dll
[2013.08.22 05:17:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-atoms-l1-1-0.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-bem-l1-1-0.dll
[2013.08.22 05:14:13 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-bicltapi-l1-1-0.dll
[2013.08.22 05:14:12 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-bicltapi-l1-1-1.dll
[2013.08.22 05:14:13 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-biplmapi-l1-1-0.dll
[2013.08.22 05:14:13 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-biplmapi-l1-1-1.dll
[2013.08.22 05:14:13 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-biptcltapi-l1-1-0.dll
[2013.08.22 05:14:12 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-biptcltapi-l1-1-1.dll
[2013.08.22 05:14:46 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-calendar-l1-1-0.dll
[2013.08.22 05:14:21 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-com-l1-1-0.dll
[2013.08.22 05:14:23 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-com-l1-1-1.dll
[2013.08.22 05:12:54 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-com-private-l1-1-0.dll
[2013.08.22 05:14:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-comm-l1-1-0.dll
[2013.08.22 05:14:48 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
[2013.08.22 05:14:45 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-console-l2-1-0.dll
[2013.08.22 05:17:34 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-crt-l1-1-0.dll
[2013.08.22 05:17:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-crt-l2-1-0.dll
[2013.08.22 05:17:22 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
[2013.08.22 05:17:23 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-datetime-l1-1-1.dll
[2013.08.22 05:17:23 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-debug-l1-1-1.dll
[2013.08.22 05:17:14 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
[2013.08.22 05:17:23 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-delayload-l1-1-1.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.08.22 05:17:23 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-1.dll
[2013.08.22 05:17:23 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
[2013.08.22 05:17:22 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-fibers-l1-1-1.dll
[2013.08.22 05:17:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-fibers-l2-1-0.dll
[2013.08.22 05:17:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-fibers-l2-1-1.dll
[2013.08.22 05:17:23 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
[2013.08.22 05:17:23 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
[2013.08.22 05:17:23 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-file-l1-2-1.dll
[2013.08.22 05:17:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
[2013.08.22 05:17:36 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-file-l2-1-1.dll
[2013.08.22 05:17:36 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-firmware-l1-1-0.dll
[2013.08.22 05:17:23 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
[2013.08.22 05:17:23 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
[2013.08.22 05:17:24 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-heap-l1-2-0.dll
[2013.08.22 05:17:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-heap-obsolete-l1-1-0.dll
[2013.08.22 05:17:30 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.08.22 05:17:30 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-interlocked-l1-2-0.dll
[2013.08.22 05:17:31 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
[2013.08.22 05:17:24 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-io-l1-1-1.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-job-l1-1-0.dll
[2013.08.22 05:17:35 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-job-l2-1-0.dll
[2013.08.22 05:17:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-kernel32-legacy-l1-1-0.dll
[2013.08.22 05:17:18 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-kernel32-legacy-l1-1-1.dll
[2013.08.22 05:15:42 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-kernel32-private-l1-1-0.dll
[2013.08.22 05:17:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.22 05:17:25 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013.08.22 05:17:24 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013.08.22 05:17:20 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013.08.22 05:17:28 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
[2013.08.22 05:17:32 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
[2013.08.22 05:17:24 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-l1-2-1.dll
[2013.08.22 05:17:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-l2-1-0.dll
[2013.08.22 05:17:29 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-obsolete-l1-1-0.dll
[2013.08.22 05:17:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-obsolete-l1-2-0.dll
[2013.08.22 05:17:24 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-private-l1-1-0.dll
[2013.08.22 05:17:14 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.08.22 05:17:25 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
[2013.08.22 05:17:24 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-memory-l1-1-1.dll
[2013.08.22 05:17:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-memory-l1-1-2.dll
[2013.08.22 05:17:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-multipleproviderrouter-l1-1-0.dll
[2013.08.22 05:17:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.08.22 05:17:25 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-namedpipe-l1-2-0.dll
[2013.08.22 05:17:35 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-namespace-l1-1-0.dll
[2013.08.22 05:17:35 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-normalization-l1-1-0.dll
[2013.08.22 05:17:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-path-l1-1-0.dll
[2013.08.22 05:17:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-privateprofile-l1-1-0.dll
[2013.08.22 05:17:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.08.22 05:17:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processenvironment-l1-2-0.dll
[2013.08.22 05:17:15 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processsecurity-l1-1-0.dll
[2013.08.22 05:17:25 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.08.22 05:17:29 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
[2013.08.22 05:17:31 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-2.dll
[2013.08.22 05:17:36 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processtopology-l1-1-0.dll
[2013.08.22 05:17:36 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processtopology-l1-2-0.dll
[2013.08.22 05:17:36 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processtopology-obsolete-l1-1-0.dll
[2013.08.22 05:17:35 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processtopology-private-l1-1-0.dll
[2013.08.22 05:17:26 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
[2013.08.22 05:17:35 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-psapi-ansi-l1-1-0.dll
[2013.08.22 05:17:36 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-psapi-l1-1-0.dll
[2013.08.22 05:17:36 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-psapi-obsolete-l1-1-0.dll
[2013.08.22 05:14:11 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-psm-app-l1-1-0.dll
[2013.08.22 05:14:11 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-psm-appnotify-l1-1-0.dll
[2013.08.22 05:14:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-psm-info-l1-1-0.dll
[2013.08.22 05:14:45 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-psm-key-l1-1-0.dll
[2013.08.22 05:13:29 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-psm-plm-l1-1-0.dll
[2013.08.22 05:13:28 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-psm-plm-l1-1-1.dll
[2013.08.22 05:17:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-quirks-l1-1-0.dll
[2013.08.22 05:17:29 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-realtime-l1-1-0.dll
[2013.08.22 05:17:13 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-registry-l1-1-0.dll
[2013.08.22 05:14:44 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-registry-l2-1-0.dll
[2013.08.22 05:14:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-registry-private-l1-1-0.dll
[2013.08.22 05:17:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-registryuserspecific-l1-1-0.dll
[2013.08.22 05:17:32 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.08.22 05:17:38 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-2-0.dll
[2013.08.22 05:17:36 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-shlwapi-legacy-l1-1-0.dll
[2013.08.22 05:17:36 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-shlwapi-obsolete-l1-1-0.dll
[2013.08.22 05:14:05 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-shutdown-l1-1-0.dll
[2013.08.22 05:17:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-sidebyside-l1-1-0.dll
[2013.08.22 05:17:14 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
[2013.08.22 05:17:36 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-string-l2-1-0.dll
[2013.08.22 05:17:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-string-obsolete-l1-1-0.dll
[2013.08.22 05:17:36 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-stringansi-l1-1-0.dll
[2013.08.22 05:17:34 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-stringloader-l1-1-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-stringloader-l1-1-1.dll
[2013.08.22 05:17:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
[2013.08.22 05:17:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
[2013.08.22 05:17:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.08.22 05:17:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-sysinfo-l1-2-0.dll
[2013.08.22 05:17:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-sysinfo-l1-2-1.dll
[2013.08.22 05:17:35 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-systemtopology-l1-1-0.dll
[2013.08.22 05:17:33 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.08.22 05:17:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-threadpool-l1-2-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-threadpool-legacy-l1-1-0.dll
[2013.08.22 05:17:34 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-threadpool-private-l1-1-0.dll
[2013.08.22 05:17:33 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-timezone-private-l1-1-0.dll
[2013.08.22 05:17:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-toolhelp-l1-1-0.dll
[2013.08.22 05:17:35 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-url-l1-1-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
[2013.08.22 05:17:36 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-version-l1-1-0.dll
[2013.08.22 05:17:38 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-version-private-l1-1-0.dll
[2013.08.22 05:17:35 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-versionansi-l1-1-0.dll
[2013.08.22 05:17:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-windowserrorreporting-l1-1-0.dll
[2013.08.22 05:14:21 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-winrt-error-l1-1-0.dll
[2013.08.22 05:14:21 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-winrt-error-l1-1-1.dll
[2013.08.22 05:14:21 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-winrt-errorprivate-l1-1-0.dll
[2013.08.22 05:14:21 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-winrt-errorprivate-l1-1-1.dll
[2013.08.22 05:14:21 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-winrt-l1-1-0.dll
[2013.08.22 05:12:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-winrt-propertysetprivate-l1-1-0.dll
[2013.08.22 05:11:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-winrt-registration-l1-1-0.dll
[2013.08.22 05:14:21 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-winrt-robuffer-l1-1-0.dll
[2013.08.22 05:14:21 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-winrt-roparameterizediid-l1-1-0.dll
[2013.08.22 05:14:21 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-winrt-string-l1-1-0.dll
[2013.08.22 05:17:33 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-wow64-l1-1-0.dll
[2013.08.22 05:17:33 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
[2013.08.22 05:17:33 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-xstate-l1-1-1.dll
[2013.08.22 05:17:38 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
[2013.08.22 05:14:45 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-devices-config-l1-1-0.dll
[2013.08.22 05:14:45 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-devices-config-l1-1-1.dll
[2013.08.22 05:17:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-devices-query-l1-1-0.dll
[2013.08.22 05:17:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-devices-query-l1-1-1.dll
[2013.08.22 05:17:37 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-devices-swdevice-l1-1-0.dll
[2013.08.22 05:17:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-devices-swdevice-l1-1-1.dll
[2013.08.22 05:17:19 | 000,006,656 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.08.22 05:14:49 | 000,007,168 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-1.dll
[2013.08.22 05:14:14 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.08.22 05:14:48 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-1.dll
[2013.08.22 05:14:48 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l3-1-0.dll
[2013.08.22 05:14:48 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l4-1-0.dll
[2013.08.22 05:14:49 | 000,020,992 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-kernel32-l1-1-0.dll
[2013.08.22 05:14:49 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-kernel32-l2-1-0.dll
[2013.08.22 05:14:49 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.08.22 05:14:21 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.08.22 05:14:43 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-1.dll
[2013.08.22 05:14:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.08.22 05:17:38 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.08.22 05:14:43 | 000,006,656 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-1.dll
[2013.08.22 05:14:21 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.08.22 05:14:43 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-1.dll
[2013.08.22 05:14:48 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.08.22 05:14:48 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-1.dll
[2013.08.22 05:14:48 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
[2013.08.22 05:14:48 | 000,006,656 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-dx-d3dkmt-l1-1-0.dll
[2013.08.22 05:17:18 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-eventing-classicprovider-l1-1-0.dll
[2013.08.22 05:17:19 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-eventing-consumer-l1-1-0.dll
[2013.08.22 05:17:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-eventing-controller-l1-1-0.dll
[2013.08.22 05:17:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-eventing-legacy-l1-1-0.dll
[2013.08.22 05:17:19 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-eventing-obsolete-l1-1-0.dll
[2013.08.22 05:17:36 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
[2013.08.22 05:17:37 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-eventlog-legacy-l1-1-0.dll
[2013.08.22 05:14:43 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-eventlog-private-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-gdi-dpiinfo-l1-1-0.dll
[2013.08.22 05:13:55 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-http-time-l1-1-0.dll
[2013.08.22 05:14:45 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-input-ie-interactioncontext-l1-1-0.dll

ciao · 08.12.2013, 11:12

Teil 2

Code:

ATTFilter

[2013.08.22 05:14:48 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-mm-joystick-l1-1-0.dll
[2013.08.22 05:14:48 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-mm-mci-l1-1-0.dll
[2013.08.22 05:14:22 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-mm-misc-l1-1-0.dll
[2013.08.22 05:14:21 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-mm-misc-l1-1-1.dll
[2013.08.22 05:14:21 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-mm-misc-l2-1-0.dll
[2013.08.22 05:14:48 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-mm-mme-l1-1-0.dll
[2013.08.22 05:14:48 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-mm-playsound-l1-1-0.dll
[2013.08.22 05:14:48 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-mm-time-l1-1-0.dll
[2013.08.22 05:13:56 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-net-isolation-l1-1-0.dll
[2013.08.22 05:14:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-net-isolation-l1-1-1.dll
[2013.08.22 05:14:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-ntuser-ie-message-l1-1-0.dll
[2013.08.22 05:14:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-ntuser-ie-window-l1-1-0.dll
[2013.08.22 05:14:48 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-ntuser-ie-wmpointer-l1-1-0.dll
[2013.08.22 05:17:38 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-oobe-notification-l1-1-0.dll
[2013.08.22 05:14:48 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-perf-legacy-l1-1-0.dll
[2013.08.22 05:17:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-power-base-l1-1-0.dll
[2013.08.22 05:17:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-power-setting-l1-1-0.dll
[2013.08.22 05:14:45 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-ro-typeresolution-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-rtcore-navigation-l1-1-0.dll
[2013.08.22 05:14:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-rtcore-ntuser-clipboard-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-rtcore-ntuser-private-l1-1-0.dll
[2013.08.22 05:14:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-rtcore-ntuser-synch-l1-1-0.dll
[2013.08.22 05:14:17 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-rtcore-ntuser-window-l1-1-0.dll
[2013.08.22 05:14:17 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-rtcore-ntuser-windowstation-l1-1-0.dll
[2013.08.22 05:14:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-rtcore-ntuser-winevent-l1-1-0.dll
[2013.08.22 05:14:17 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-rtcore-ntuser-wmpointer-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-rtcore-ole32-clipboard-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-rtcore-session-l1-1-0.dll
[2013.08.22 05:14:44 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-activedirectoryclient-l1-1-0.dll
[2013.08.22 05:17:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-appcontainer-l1-1-0.dll
[2013.08.22 05:14:05 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-audit-l1-1-0.dll
[2013.08.22 05:14:06 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-audit-l1-1-1.dll
[2013.08.22 05:13:17 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
[2013.08.22 05:14:22 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-base-l1-2-0.dll
[2013.08.22 05:13:33 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-base-private-l1-1-0.dll
[2013.08.22 05:13:33 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-base-private-l1-1-1.dll
[2013.08.22 05:14:05 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-credentials-l1-1-0.dll
[2013.08.22 05:14:05 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-credentials-l2-1-0.dll
[2013.08.22 05:14:05 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-cryptoapi-l1-1-0.dll
[2013.08.22 05:14:39 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-grouppolicy-l1-1-0.dll
[2013.08.22 05:13:55 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-logon-l1-1-0.dll
[2013.08.22 05:13:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-lsalookup-l1-1-0.dll
[2013.08.22 05:14:05 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-lsalookup-l1-1-1.dll
[2013.08.22 05:14:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-lsalookup-l2-1-0.dll
[2013.08.22 05:14:02 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-lsalookup-l2-1-1.dll
[2013.08.22 05:14:43 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-lsapolicy-l1-1-0.dll
[2013.08.22 05:14:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-provider-l1-1-0.dll
[2013.08.22 05:14:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-sddl-ansi-l1-1-0.dll
[2013.08.22 05:14:05 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-sddl-l1-1-0.dll
[2013.08.22 05:14:05 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-sddlparsecond-l1-1-0.dll
[2013.08.22 05:14:44 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-systemfunctions-l1-1-0.dll
[2013.08.22 05:14:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-trustee-l1-1-0.dll
[2013.08.22 05:14:03 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-trustee-l1-1-1.dll
[2013.08.22 05:13:15 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-service-core-l1-1-0.dll
[2013.08.22 05:13:33 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-service-core-l1-1-1.dll
[2013.08.22 05:13:33 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-service-management-l1-1-0.dll
[2013.08.22 05:13:32 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-service-management-l2-1-0.dll
[2013.08.22 05:13:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-service-private-l1-1-0.dll
[2013.08.22 05:13:22 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-service-winsvc-l1-1-0.dll
[2013.08.22 05:13:33 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-service-winsvc-l1-2-0.dll
[2013.08.22 05:14:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shcore-comhelpers-l1-1-0.dll
[2013.08.22 05:14:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shcore-obsolete-l1-1-0.dll
[2013.08.22 05:14:20 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shcore-registry-l1-1-1.dll
[2013.08.22 05:14:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shcore-scaling-l1-1-0.dll
[2013.08.22 05:14:20 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shcore-scaling-l1-1-1.dll
[2013.08.22 05:14:20 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shcore-stream-l1-1-0.dll
[2013.08.22 05:14:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shcore-stream-winrt-l1-1-0.dll
[2013.08.22 05:14:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shcore-sysinfo-l1-1-0.dll
[2013.08.22 05:14:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shcore-thread-l1-1-0.dll
[2013.08.22 05:14:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shcore-unicodeansi-l1-1-0.dll
[2013.08.22 05:14:41 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shell-shellcom-l1-1-0.dll
[2013.08.22 05:14:41 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-shell-shellfolders-l1-1-0.dll
[2013.08.22 06:21:53 | 000,070,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\apisetschema.dll
[2013.10.22 05:04:03 | 000,618,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\apphelp.dll
[2013.08.22 04:54:16 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Apphlpdm.dll
[2013.08.22 06:29:25 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\appidapi.dll
[2013.08.22 16:02:20 | 000,225,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppIdPolicyEngineApi.dll
[2013.08.22 04:37:42 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\appidsvc.dll
[2013.08.22 05:05:55 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\appinfo.dll
[2013.08.22 16:02:29 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\appmgmts.dll
[2013.08.22 16:02:18 | 000,366,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\appmgr.dll
[2013.10.04 09:00:53 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppReadiness.dll
[2013.08.22 04:19:50 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\apprepapi.dll
[2013.08.22 04:09:16 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\apprepsync.dll
[2013.08.22 03:52:05 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\appsruprov.dll
[2013.10.10 12:21:32 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppxAllUserStore.dll
[2013.08.22 03:45:56 | 000,369,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppxApplicabilityEngine.dll
[2013.09.19 05:26:47 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppXDeploymentClient.dll
[2013.10.10 11:19:48 | 000,734,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppXDeploymentExtensions.dll
[2013.10.10 11:35:11 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppXDeploymentServer.dll
[2013.08.22 03:17:08 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppxPackaging.dll
[2013.08.22 03:47:39 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppxSip.dll
[2013.08.22 03:48:29 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppxStreamingDataSourcePS.dll
[2013.08.22 03:25:44 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AppxSysprep.dll
[2013.08.22 05:16:45 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\asferror.dll
[2013.08.10 01:56:55 | 000,028,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aspnet_counters.dll
[2013.08.22 04:54:40 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\asycfilt.dll
[2013.08.22 04:54:34 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\atl.dll
[2013.08.22 05:12:28 | 000,297,984 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\atmfd.dll
[2013.08.22 05:04:23 | 000,036,352 | ---- | M] (Adobe Systems) -- C:\Windows\system32\atmlib.dll
[2013.08.22 04:24:19 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\audiodev.dll
[2013.08.22 03:37:53 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AudioEndpointBuilder.dll
[2013.08.22 06:19:12 | 000,406,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AudioEng.dll
[2013.08.22 06:19:12 | 000,319,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AUDIOKSE.dll
[2013.09.17 07:31:45 | 000,326,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AudioSes.dll
[2013.08.22 03:27:49 | 000,622,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\audiosrv.dll
[2013.08.22 04:39:53 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\auditcse.dll
[2013.08.22 16:02:25 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AuditNativeSnapIn.dll
[2013.08.22 16:02:25 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AuditPolicyGPInterop.dll
[2013.08.22 16:02:25 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\auditpolmsg.dll
[2013.08.22 03:04:57 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AuthBroker.dll
[2013.08.22 04:12:30 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AuthExt.dll
[2013.08.22 03:42:25 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\authfwcfg.dll
[2013.08.22 04:39:08 | 000,298,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AuthFWGP.dll
[2013.08.22 06:24:56 | 005,120,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AuthFWSnapin.dll
[2013.08.22 06:24:55 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AuthFWWizFwk.dll
[2013.08.22 03:47:23 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AuthHostProxy.dll
[2013.10.22 02:47:12 | 002,295,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\authui.dll
[2013.08.22 03:53:21 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\authz.dll
[2013.08.22 04:27:09 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\autoplay.dll
[2013.08.22 05:06:45 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AutoWorkplaceN.dll
[2013.06.18 13:21:03 | 000,069,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\avicap.dll
[2013.08.22 04:59:58 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\avicap32.dll
[2013.08.22 04:53:46 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\avifil32.dll
[2013.06.18 13:21:03 | 000,109,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\avifile.dll
[2013.08.22 06:24:59 | 000,030,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\avrt.dll
[2013.08.22 04:06:00 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AxInstSv.dll
[2013.08.22 04:29:32 | 000,769,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\azroles.dll
[2013.08.22 04:21:04 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\azroleui.dll
[2013.08.22 04:58:10 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\AzSqlExt.dll
[2013.08.22 06:29:02 | 000,166,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\basecsp.dll
[2013.08.22 07:13:53 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\basesrv.dll
[2013.08.22 05:05:53 | 002,012,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\batmeter.dll
[2013.08.22 07:13:53 | 000,079,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bcd.dll
[2013.08.22 03:46:55 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bcdprov.dll
[2013.08.22 03:46:51 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bcdsrv.dll
[2013.08.22 03:52:09 | 000,276,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BCP47Langs.dll
[2013.08.22 06:29:26 | 000,125,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bcrypt.dll
[2013.08.22 07:13:51 | 000,330,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bcryptprimitives.dll
[2013.08.22 16:02:27 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BdeHdCfgLib.dll
[2013.08.22 05:06:00 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bderepair.dll
[2013.08.22 03:38:31 | 000,297,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bdesvc.dll
[2013.08.22 16:02:19 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BdeSysprep.dll
[2013.08.22 04:52:20 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bdeui.dll
[2013.10.12 22:14:23 | 000,549,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BFE.DLL
[2013.08.22 05:12:13 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bi.dll
[2013.08.22 04:46:55 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bidispl.dll
[2013.08.22 03:18:44 | 000,260,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BioCredProv.dll
[2013.08.22 03:38:31 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bisrv.dll
[2013.08.22 04:56:08 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bitsigd.dll
[2013.08.22 03:53:57 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bitsperf.dll
[2013.08.22 04:58:22 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bitsprx2.dll
[2013.08.22 05:01:03 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bitsprx3.dll
[2013.08.22 05:00:58 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bitsprx4.dll
[2013.08.22 05:01:03 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bitsprx5.dll
[2013.08.22 05:01:00 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bitsprx6.dll
[2013.08.22 05:01:01 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bitsprx7.dll
[2013.08.22 03:45:56 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\biwinrt.dll
[2013.08.22 04:46:48 | 000,601,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\blackbox.dll
[2013.08.22 05:16:07 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BlbEvents.dll
[2013.08.22 05:16:07 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\blbres.dll
[2013.08.22 05:05:21 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\blb_ps.dll
[2013.08.22 03:41:23 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BluetoothApis.dll
[2013.08.22 03:40:34 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BootMenuUX.dll
[2013.08.22 05:16:00 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bootstr.dll
[2013.08.22 03:17:44 | 003,278,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bootux.dll
[2013.08.22 06:25:36 | 000,023,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BOOTVID.DLL
[2013.08.22 04:24:36 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\brdgcfg.dll
[2013.08.22 05:16:58 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bridgeres.dll
[2013.08.22 03:53:10 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BrokerLib.dll
[2013.08.22 03:53:19 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browcli.dll
[2013.08.22 03:52:33 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browser.dll
[2013.08.22 05:06:48 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browseui.dll
[2013.08.22 04:32:56 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bthci.dll
[2013.08.22 04:18:47 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BthHFSrv.dll
[2013.08.22 04:38:48 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BthMtpContextHandler.dll
[2013.08.22 04:54:27 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bthpanapi.dll
[2013.08.22 04:33:41 | 000,073,216 | ---- | M] () -- C:\Windows\system32\BthpanContextHandler.dll
[2013.08.22 04:47:51 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BthRadioMedia.dll
[2013.08.22 03:43:42 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\bthserv.dll
[2013.08.22 04:47:17 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\BthSQM.dll
[2013.08.22 04:30:44 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\btpanui.dll
[2013.08.22 04:32:26 | 000,046,080 | ---- | M] () -- C:\Windows\system32\BWContextHandler.dll
[2013.08.22 06:31:41 | 000,115,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cabinet.dll
[2013.08.22 04:36:30 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cabview.dll
[2013.08.22 03:52:50 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CallButtons.dll
[2013.08.22 03:47:26 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CallButtons.ProxyStub.dll
[2013.08.22 04:44:32 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\capiprovider.dll
[2013.08.22 05:00:53 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\capisp.dll
[2013.08.22 03:13:00 | 000,368,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\catsrv.dll
[2013.08.22 03:47:21 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\catsrvps.dll
[2013.08.22 03:11:11 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\catsrvut.dll
[2013.08.22 04:53:20 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cca.dll
[2013.08.22 06:22:26 | 000,178,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdd.dll
[2013.08.22 04:05:40 | 000,808,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdosys.dll
[2013.08.22 03:29:13 | 000,843,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certca.dll
[2013.08.22 04:31:24 | 000,317,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certcli.dll
[2013.08.22 03:40:13 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certCredProvider.dll
[2013.08.22 04:52:28 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certenc.dll
[2013.08.22 03:31:37 | 002,097,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CertEnroll.dll
[2013.08.22 04:03:45 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CertEnrollUI.dll
[2013.08.22 04:10:46 | 001,954,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certmgr.dll
[2013.08.22 04:56:40 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CertPolEng.dll
[2013.08.22 04:41:28 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certprop.dll
[2013.08.22 04:53:25 | 000,217,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cewmdm.dll
[2013.08.22 04:38:29 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cfgbkend.dll
[2013.08.22 06:31:40 | 000,237,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cfgmgr32.dll
[2013.08.22 03:47:02 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cfmifs.dll
[2013.08.22 03:46:55 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cfmifsproxy.dll
[2013.08.22 04:58:08 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\chartv.dll
[2013.08.22 04:47:04 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\chkwudrv.dll
[2013.08.22 04:52:30 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CHxReadingStringIME.dll
[2013.08.22 06:31:41 | 000,489,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ci.dll
[2013.08.22 04:58:05 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cic.dll
[2013.08.22 05:03:07 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CIRCoInst.dll
[2013.08.22 05:05:37 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clb.dll
[2013.08.22 06:21:42 | 000,508,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clbcatq.dll
[2013.08.22 05:12:23 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clfsw32.dll
[2013.08.22 05:02:36 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cliconfg.dll
[2013.08.22 05:06:30 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clrhost.dll
[2013.08.22 04:24:21 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\clusapi.dll
[2013.08.22 04:45:56 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmcfg32.dll
[2013.08.22 04:55:49 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmdext.dll
[2013.08.22 04:26:44 | 000,480,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmdial32.dll
[2013.08.22 03:41:47 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmifw.dll
[2013.08.22 07:13:51 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmipnpinstall.dll
[2013.08.22 04:37:58 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmlua.dll
[2013.08.22 05:05:54 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmpbk32.dll
[2013.08.22 04:37:08 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmstplua.dll
[2013.08.22 04:55:47 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cmutil.dll
[2013.08.22 03:47:23 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngcredui.dll
[2013.08.22 04:44:42 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngprovider.dll
[2013.08.22 05:05:59 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cnvfat.dll
[2013.08.22 04:56:49 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cofiredm.dll
[2013.05.02 09:52:04 | 002,210,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\coin94.dll
[2013.08.22 03:45:30 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\colbact.dll
[2013.08.22 06:24:59 | 000,174,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\COLORCNV.DLL
[2013.08.22 04:27:51 | 000,604,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\colorui.dll
[2013.08.22 06:21:43 | 001,369,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\combase.dll
[2013.08.22 05:05:20 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comcat.dll
[2013.08.22 05:07:58 | 000,535,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comctl32.dll
[2013.10.19 05:03:41 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comdlg32.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\COMMDLG.DLL
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\compobj.dll
[2013.08.22 06:19:11 | 000,018,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CompPkgSup.dll
[2013.08.22 04:55:56 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\compstui.dll
[2013.08.22 03:45:47 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comrepl.dll
[2013.08.22 05:14:42 | 001,297,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comres.dll
[2013.08.22 04:36:34 | 000,217,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comsnap.dll
[2013.08.22 03:26:02 | 001,221,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comsvcs.dll
[2013.08.22 04:29:37 | 000,601,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\comuid.dll
[2013.08.22 03:21:49 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ConfigureExpandedStorage.dll
[2013.08.22 04:10:25 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\connect.dll
[2013.08.22 04:34:38 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ConnectedAccountState.dll
[2013.08.22 03:20:06 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ConsentUX.dll
[2013.08.22 04:50:54 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\console.dll
[2013.08.22 05:16:40 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CoreMmRes.dll
[2013.08.22 04:37:02 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\correngine.dll
[2013.08.22 04:04:25 | 000,680,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CPFilters.dll
[2013.08.22 03:18:10 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CredentialMigrationHandler.dll
[2013.08.22 03:52:39 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\credssp.dll
[2013.08.22 04:26:03 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\credui.dll
[2013.06.18 13:38:24 | 000,149,019 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crtdll.dll
[2013.10.16 14:54:17 | 001,581,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll
[2013.08.22 07:13:54 | 000,030,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptbase.dll
[2013.08.22 03:43:04 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptcatsvc.dll
[2013.08.22 05:03:10 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptdlg.dll
[2013.08.22 06:29:26 | 000,071,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptdll.dll
[2013.08.22 04:32:52 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptext.dll
[2013.08.22 03:54:48 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll
[2013.08.22 03:47:23 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CryptoWinRT.dll
[2013.08.22 06:29:26 | 000,095,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsp.dll
[2013.08.22 03:52:30 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll
[2013.08.22 03:51:02 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypttpmeksvc.dll
[2013.08.22 03:12:09 | 000,557,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptui.dll
[2013.08.22 04:22:05 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptuiwizard.dll
[2013.08.22 06:29:26 | 000,098,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptxml.dll
[2013.08.22 03:52:25 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cscapi.dll
[2013.08.22 05:06:23 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cscdll.dll
[2013.08.22 16:02:25 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CscMig.dll
[2013.08.22 16:02:27 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cscobj.dll
[2013.08.22 16:02:26 | 000,642,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cscsvc.dll
[2013.08.22 16:02:23 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cscui.dll
[2013.08.22 07:13:53 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\csrsrv.dll
[2013.08.22 03:52:57 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\CSystemEventsBrokerClient.dll
[2013.06.18 13:38:24 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ctl3d32.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ctl3dv2.dll
[2013.08.22 03:54:33 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\C_G18030.DLL
[2013.08.22 03:54:32 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\C_IS2022.DLL
[2013.08.22 03:55:42 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\C_ISCII.DLL
[2013.09.10 05:34:13 | 003,934,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d2d1.dll
[2013.08.22 03:41:59 | 001,055,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10.dll
[2013.08.22 03:46:09 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10core.dll
[2013.10.05 13:05:35 | 000,578,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll
[2013.08.22 03:53:28 | 002,071,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10warp.dll
[2013.08.22 03:44:43 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1.dll
[2013.08.22 03:46:16 | 000,318,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1core.dll
[2013.10.03 13:53:53 | 001,765,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d11.dll
[2013.08.22 04:57:54 | 001,007,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d8.dll
[2013.08.22 05:06:17 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d8thk.dll
[2013.09.14 13:39:23 | 001,799,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d9.dll
[2013.08.22 03:44:35 | 003,452,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\D3DCompiler_47.dll
[2013.08.22 04:59:05 | 000,378,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3dim.dll
[2013.08.22 03:39:46 | 000,867,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3dim700.dll
[2013.08.22 05:06:33 | 000,690,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3dramp.dll
[2013.08.22 04:54:38 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3dxof.dll
[2013.08.22 03:50:25 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dab.dll
[2013.08.22 03:55:32 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dabapi.dll
[2013.08.22 04:27:18 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DAConn.dll
[2013.09.17 04:47:31 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dafBth.dll
[2013.08.22 03:06:17 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DafPrintProvider.dll
[2013.08.22 03:35:40 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dafupnp.dll
[2013.08.22 04:17:04 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dafWCN.dll
[2013.09.12 08:17:25 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dafWfdProvider.dll
[2013.08.22 03:26:47 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DAFWSD.dll
[2013.08.22 04:38:39 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DAMM.dll
[2013.08.22 03:20:11 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DaOtpCredentialProvider.dll
[2013.08.22 03:38:43 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\das.dll
[2013.08.22 03:21:43 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dataclen.dll
[2013.08.22 03:21:50 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\datusage.dll
[2013.08.22 04:45:52 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\davclnt.dll
[2013.08.22 05:06:30 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\davhlpr.dll
[2013.08.22 04:46:28 | 002,872,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dbgeng.dll
[2013.08.22 03:46:23 | 001,237,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dbghelp.dll
[2013.08.22 05:04:12 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dbnetlib.dll
[2013.08.22 05:04:56 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dbnmpntw.dll
[2013.08.22 05:06:04 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dciman32.dll
[2013.08.22 06:24:54 | 000,235,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dcomp.dll
[2013.08.22 04:37:36 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DDACLSys.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DDEML.DLL
[2013.08.22 05:03:22 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DDOIProxy.dll
[2013.08.22 04:59:21 | 015,794,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DDORes.dll
[2013.08.22 16:02:30 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ddpchunk.dll
[2013.08.22 16:02:20 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ddptrace.dll
[2013.08.22 16:02:20 | 000,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ddputils.dll
[2013.08.22 16:02:20 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ddp_ps.dll
[2013.08.22 03:33:31 | 000,527,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ddraw.dll
[2013.08.22 03:46:37 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ddrawex.dll
[2013.08.22 04:40:02 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DefaultDeviceManager.dll
[2013.08.22 04:38:38 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DefaultPrinterProvider.dll
[2013.08.22 03:46:43 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\defragproxy.dll
[2013.08.22 05:14:43 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\defragres.dll
[2013.08.22 03:38:37 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\defragsvc.dll
[2013.08.22 03:47:06 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\delegatorprovider.dll
[2013.08.22 04:40:37 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\deskadp.dll
[2013.08.22 04:39:53 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\deskmon.dll
[2013.08.22 03:50:18 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DevDispItemProvider.dll
[2013.08.22 06:19:12 | 000,074,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\devenum.dll
[2013.08.22 03:44:10 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\deviceaccess.dll
[2013.08.22 03:52:58 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\deviceassociation.dll
[2013.08.22 04:19:03 | 000,482,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DeviceCenter.dll
[2013.08.22 04:53:36 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DeviceDisplayStatusManager.dll
[2013.08.22 04:29:13 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DeviceDriverRetrievalClient.dll
[2013.08.22 03:17:05 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DeviceElementSource.dll
[2013.08.22 04:16:58 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DeviceMetadataRetrievalClient.dll
[2013.08.22 04:12:10 | 000,457,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DevicePairing.dll
[2013.08.22 04:25:28 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DevicePairingFolder.dll
[2013.08.22 04:53:11 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DevicePairingProxy.dll
[2013.08.22 04:09:06 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\deviceregistration.dll
[2013.08.22 03:31:45 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DeviceSetupManager.dll
[2013.08.22 03:41:38 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DeviceSetupManagerAPI.dll
[2013.08.22 04:37:02 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DeviceSetupStatusProvider.dll
[2013.08.22 05:14:40 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DeviceUxRes.dll
[2013.08.22 04:13:25 | 000,313,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\devinv.dll
[2013.08.22 04:25:44 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\devmgr.dll
[2013.08.22 06:31:41 | 000,123,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\devobj.dll
[2013.08.22 04:46:44 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DevPropMgr.dll
[2013.08.22 03:53:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\devrtl.dll
[2013.08.22 16:02:29 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dfdts.dll
[2013.08.22 03:54:42 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dfscli.dll
[2013.08.22 04:26:05 | 001,220,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dfshim.dll
[2013.08.22 04:37:00 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DfsShlEx.dll
[2013.08.22 04:55:27 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcmonitor.dll
[2013.08.22 03:55:17 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcore.dll
[2013.08.22 03:55:13 | 000,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcore6.dll
[2013.08.22 03:55:09 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcsvc.dll
[2013.08.22 03:55:30 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcsvc6.dll
[2013.08.22 03:37:30 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DHCPQEC.DLL
[2013.08.22 04:59:46 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpsapi.dll
[2013.08.22 04:18:56 | 000,996,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DiagCpl.dll
[2013.08.22 04:29:26 | 001,041,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\diagperf.dll
[2013.08.22 04:33:07 | 000,347,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\difxapi.dll
[2013.08.22 03:46:39 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dimsjob.dll
[2013.08.22 05:01:33 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dimsroam.dll
[2013.08.22 05:00:08 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dinput.dll
[2013.08.22 05:00:49 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dinput8.dll
[2013.08.22 04:48:36 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\discan.dll
[2013.08.22 04:50:54 | 001,502,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\diskcopy.dll
[2013.08.22 03:42:01 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DismApi.dll
[2013.08.22 04:44:12 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dispci.dll
[2013.08.22 05:02:08 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dispex.dll
[2013.10.11 15:22:11 | 001,816,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Display.dll
[2013.08.22 04:24:57 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dlnashext.dll
[2013.08.22 04:55:01 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmband.dll
[2013.08.22 04:54:34 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmcompos.dll
[2013.08.22 04:32:34 | 000,410,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmdlgs.dll
[2013.08.22 04:48:48 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmdskmgr.dll
[2013.08.22 05:16:08 | 000,372,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmdskres.dll
[2013.08.22 05:16:07 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmdskres2.dll
[2013.08.22 04:53:14 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmime.dll
[2013.08.22 05:02:19 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmintf.dll
[2013.08.22 04:55:19 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmloader.dll
[2013.08.22 05:05:27 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmocx.dll
[2013.08.22 04:54:46 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmscript.dll
[2013.08.22 04:54:37 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmstyle.dll
[2013.08.22 04:54:25 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmsynth.dll
[2013.08.22 04:50:48 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmusic.dll
[2013.08.22 05:06:18 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmutil.dll
[2013.08.22 04:26:03 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmvdsitf.dll
[2013.08.22 06:11:08 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dmvscres.dll
[2013.10.08 06:15:16 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dnsapi.dll
[2013.08.22 06:24:56 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dnscmmc.dll
[2013.08.22 03:49:41 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dnsext.dll
[2013.08.22 04:21:30 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dnshc.dll
[2013.10.08 06:14:47 | 000,186,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dnsrslvr.dll
[2013.08.22 04:40:35 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\docprop.dll
[2013.08.22 05:16:18 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DocumentPerformanceEvents.dll
[2013.08.22 04:55:13 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dot3api.dll
[2013.08.22 04:46:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dot3cfg.dll
[2013.08.22 04:48:44 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Dot3Conn.dll
[2013.08.22 04:57:05 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dot3dlg.dll
[2013.08.22 03:24:34 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dot3gpclnt.dll
[2013.08.22 04:45:02 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dot3gpui.dll
[2013.08.22 04:37:29 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dot3hc.dll
[2013.08.22 04:45:05 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dot3mm.dll
[2013.08.22 04:48:23 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dot3msm.dll
[2013.08.22 04:15:45 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dot3svc.dll
[2013.08.22 04:40:07 | 000,291,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dot3ui.dll
[2013.08.22 03:55:43 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpapi.dll
[2013.08.22 04:42:56 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpapiprovider.dll
[2013.08.22 03:42:04 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpapisrv.dll
[2013.08.22 05:05:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dplayx.dll
[2013.08.22 05:05:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpmodemx.dll
[2013.08.22 05:05:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnaddr.dll
[2013.08.22 05:05:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnathlp.dll
[2013.08.22 05:05:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnet.dll
[2013.08.22 05:05:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnhpast.dll
[2013.08.22 05:05:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnhupnp.dll
[2013.08.22 05:05:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnlobby.dll
[2013.08.22 03:47:01 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dps.dll
[2013.08.22 05:05:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpwsockx.dll
[2013.08.22 03:33:49 | 000,253,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpx.dll
[2013.08.22 04:07:14 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drmmgrtn.dll
[2013.08.22 06:19:01 | 000,842,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drmv2clt.dll
[2013.08.22 05:03:44 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drprov.dll
[2013.08.22 05:02:53 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drt.dll
[2013.08.22 04:59:41 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drtprov.dll
[2013.08.22 05:03:56 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drttransport.dll
[2013.08.22 03:51:30 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drvstore.dll
[2013.06.18 13:19:16 | 000,004,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ds16gt.dLL
[2013.08.22 04:38:01 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ds32gt.dll
[2013.08.22 04:59:15 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dsauth.dll
[2013.08.22 03:16:13 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DscCore.dll
[2013.08.22 03:26:16 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DscCoreConfProv.dll
[2013.08.22 04:54:38 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dsdmo.dll
[2013.08.22 04:29:41 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dskquota.dll
[2013.08.22 04:40:11 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dskquoui.dll
[2013.08.22 04:50:39 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dsound.dll
[2013.08.22 03:53:39 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dsparse.dll
[2013.08.22 04:31:06 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dsprop.dll
[2013.08.22 04:24:47 | 000,396,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dsquery.dll
[2013.08.22 06:29:25 | 000,020,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dsrole.dll
[2013.08.22 04:48:58 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dssec.dll
[2013.08.22 06:29:26 | 000,157,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dssenh.dll
[2013.08.22 04:25:57 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Dsui.dll
[2013.08.22 04:07:07 | 000,668,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dsuiext.dll
[2013.08.22 04:55:00 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dswave.dll
[2013.08.22 04:49:08 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dtsh.dll
[2013.08.22 03:31:18 | 001,343,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dui70.dll
[2013.08.22 03:29:37 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\duser.dll
[2013.08.22 06:24:54 | 000,098,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dwmapi.dll
[2013.10.19 04:28:22 | 001,765,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dwmcore.dll
[2013.08.22 03:43:07 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dwmredir.dll
[2013.08.22 03:54:52 | 001,497,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll
[2013.08.22 04:13:49 | 000,258,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxdiagn.dll
[2013.10.03 13:53:52 | 000,406,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxgi.dll
[2013.08.22 04:43:07 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxgwdi.dll
[2013.08.22 05:06:56 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxmasf.dll
[2013.08.22 04:06:20 | 000,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DXP.dll
[2013.08.22 05:02:03 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxpps.dll
[2013.08.22 04:19:18 | 001,380,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DxpTaskSync.dll
[2013.08.22 04:27:45 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2013.08.22 04:11:59 | 000,244,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2013.08.22 06:24:57 | 000,103,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxva2.dll
[2013.09.12 08:37:32 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\eapp3hst.dll
[2013.09.12 08:01:28 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\eappcfg.dll
[2013.09.12 09:02:04 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\eappgnui.dll
[2013.09.12 08:21:08 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\eapphost.dll
[2013.08.22 03:45:24 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\eappprxy.dll
[2013.08.22 03:52:29 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\eapprovp.dll
[2013.08.22 03:43:05 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EAPQEC.DLL
[2013.08.22 03:40:49 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\eapsvc.dll
[2013.08.22 05:00:53 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\easconsent.dll
[2013.08.22 05:01:14 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\easinvoker.proxystub.dll
[2013.08.22 04:41:44 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\easwrt.dll
[2013.08.22 04:03:49 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\efsadu.dll
[2013.08.22 04:32:45 | 000,318,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\efscore.dll
[2013.08.22 05:05:41 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\efslsaext.dll
[2013.08.22 05:03:12 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\efssvc.dll
[2013.08.22 05:05:38 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\efsutil.dll
[2013.08.22 03:07:07 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\efswrt.dll
[2013.08.22 04:33:39 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EhStorAPI.dll
[2013.08.22 04:28:25 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EhStorPwdMgr.dll
[2013.08.22 04:27:27 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EhStorShell.dll
[2013.08.22 04:27:50 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\els.dll
[2013.08.22 03:46:53 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ELSCore.dll
[2013.08.22 04:45:00 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elshyph.dll

ciao · 08.12.2013, 11:16

Teil 3

Code:

ATTFilter

[2013.08.22 03:53:26 | 000,589,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elslad.dll
[2013.08.22 03:47:29 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elsTrans.dll
[2013.08.22 16:02:26 | 000,036,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EmbeddedAppLauncherConfig.dll
[2013.08.22 03:46:50 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\encapi.dll
[2013.08.22 04:01:17 | 000,408,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EncDec.dll
[2013.08.22 06:19:11 | 000,106,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EncDump.dll
[2013.08.22 03:42:51 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\energy.dll
[2013.08.22 03:50:52 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\energyprov.dll
[2013.08.22 03:21:53 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\energytask.dll
[2013.08.22 03:31:24 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\eqossnap.dll
[2013.08.22 03:38:29 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\es.dll
[2013.08.22 03:56:01 | 002,378,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\esent.dll
[2013.08.22 03:52:38 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\esentprf.dll
[2013.08.22 05:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ETWESEProviderResources.dll
[2013.08.22 03:52:57 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\EventAggregation.dll
[2013.08.22 04:49:37 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\eventcls.dll
[2013.08.22 06:19:12 | 000,540,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\evr.dll
[2013.08.22 05:13:19 | 002,428,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ExplorerFrame.dll
[2013.06.18 13:17:32 | 000,380,957 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\expsrv.dll
[2013.08.22 05:13:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-auth-l1-1-0.dll
[2013.08.22 05:14:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-encryptedfile-l1-1-0.dll
[2013.08.22 05:14:05 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-eventingcontroller-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-eventlog-l1-1-0.dll
[2013.08.22 05:13:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-idletask-l1-1-0.dll
[2013.08.22 05:13:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-lsa-l1-1-0.dll
[2013.08.22 05:13:51 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-msi-l1-1-0.dll
[2013.08.22 05:13:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-ntmarta-l1-1-0.dll
[2013.08.22 05:13:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-psm-app-l1-1-0.dll
[2013.08.22 05:13:30 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-registry-l1-1-0.dll
[2013.08.22 05:13:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-safer-l1-1-0.dll
[2013.08.22 05:13:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-advapi32-shutdown-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-appmodel-deployment-l1-1-0.dll
[2013.08.22 05:13:56 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-appxdeploymentclient-appxdeploy-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-audiocore-pal-l1-1-0.dll
[2013.08.22 05:13:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-authz-claimpolicies-l1-1-0.dll
[2013.08.22 05:14:05 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-authz-context-l1-1-0.dll
[2013.08.22 05:13:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-authz-remote-l1-1-0.dll
[2013.08.22 05:13:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-biometrics-winbio-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-bluetooth-deviceassociation-l1-1-0.dll
[2013.08.22 05:13:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-branding-winbrand-l1-1-0.dll
[2013.08.22 05:14:05 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-cluster-clusapi-l1-1-0.dll
[2013.08.22 05:14:01 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-cluster-clusapi-l1-1-1.dll
[2013.08.22 05:13:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-cluster-resutils-l1-1-0.dll
[2013.08.22 05:14:10 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-cmd-util-l1-1-0.dll
[2013.08.22 05:14:05 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-cng-rng-l1-1-0.dll
[2013.08.22 05:13:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-com-clbcatq-l1-1-0.dll
[2013.08.22 05:14:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-com-ole32-l1-1-0.dll
[2013.08.22 05:14:01 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-com-ole32-l1-1-1.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-com-psmregister-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-core-bi-service-l1-1-0.dll
[2013.08.22 05:12:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-core-psm-service-l1-1-0.dll
[2013.08.22 05:13:40 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-domainjoin-netjoin-l1-1-0.dll
[2013.08.22 05:13:23 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-firewallapi-webproxy-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-font-fontgroups-l1-1-0.dll
[2013.08.22 06:25:36 | 000,014,176 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-fs-clfs-l1-1-0.dll
[2013.08.22 05:14:10 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-fsutilext-ifsutil-l1-1-0.dll
[2013.08.22 05:14:10 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-fsutilext-ulib-l1-1-0.dll
[2013.08.22 05:13:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-fveapi-query-l1-1-0.dll
[2013.08.22 05:14:00 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-dc-create-l1-1-0.dll
[2013.08.22 05:14:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-dc-create-l1-1-1.dll
[2013.08.22 05:13:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-dc-l1-2-0.dll
[2013.08.22 05:14:04 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-draw-l1-1-0.dll
[2013.08.22 05:14:00 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-draw-l1-1-1.dll
[2013.08.22 05:14:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-font-l1-1-0.dll
[2013.08.22 05:14:00 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-font-l1-1-1.dll
[2013.08.22 05:14:03 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-metafile-l1-1-0.dll
[2013.08.22 05:14:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-metafile-l1-1-1.dll
[2013.08.22 05:13:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-path-l1-1-0.dll
[2013.08.22 05:13:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-private-l1-1-0.dll
[2013.08.22 05:13:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-render-l1-1-0.dll
[2013.08.22 05:13:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gdi-wcs-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-globalization-collation-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-globalization-input-l1-1-0.dll
[2013.08.22 05:13:03 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gpapi-grouppolicy-l1-1-0.dll
[2013.08.22 05:13:04 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gpsvc-grouppolicy-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-gui-uxinit-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-imm-l1-1-0.dll
[2013.08.22 05:13:35 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-appcompat-l1-1-0.dll
[2013.08.22 05:13:29 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-datetime-l1-1-0.dll
[2013.08.22 05:13:25 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-elevation-l1-1-0.dll
[2013.08.22 05:13:30 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-errorhandling-l1-1-0.dll
[2013.08.22 05:13:33 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-file-l1-1-0.dll
[2013.08.22 05:13:24 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-localization-l1-1-0.dll
[2013.08.22 05:13:24 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-package-current-l1-1-0.dll
[2013.08.22 05:13:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-package-l1-1-0.dll
[2013.08.22 05:13:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-package-l1-1-1.dll
[2013.08.22 05:13:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-quirks-l1-1-0.dll
[2013.08.22 05:13:30 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-registry-l1-1-0.dll
[2013.08.22 05:13:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-sidebyside-l1-1-0.dll
[2013.08.22 05:13:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-transacted-l1-1-0.dll
[2013.08.22 05:13:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernel32-windowserrorreporting-l1-1-0.dll
[2013.08.22 05:13:30 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-kernelbase-processthread-l1-1-0.dll
[2013.08.22 05:12:45 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-mm-msacm-l1-1-0.dll
[2013.08.22 05:12:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-mm-pehelper-l1-1-0.dll
[2013.08.22 05:12:41 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-mm-wmdrmsdk-l1-1-0.dll
[2013.08.22 05:13:35 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-mpr-multipleproviderrouter-l1-1-0.dll
[2013.08.22 05:13:29 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-mrmcorer-environment-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-MrmCoreR-ResManager-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-msa-ui-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-msa-user-l1-1-0.dll
[2013.08.22 05:13:25 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-msiltcfg-msi-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-net-isoext-l1-1-0.dll
[2013.08.22 05:12:57 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-networking-wcmapi-l1-1-0.dll
[2013.08.22 05:13:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-networking-winipsec-l1-1-0.dll
[2013.08.22 05:12:53 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-networking-wlanapi-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-newdev-config-l1-1-0.dll
[2013.08.22 05:13:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntdsa-activedirectoryserver-l1-1-0.dll
[2013.08.22 05:13:39 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntdsapi-activedirectoryclient-l1-1-0.dll
[2013.08.22 06:25:36 | 000,012,128 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntos-kcminitcfg-l1-1-0.dll
[2013.08.22 06:25:39 | 000,012,128 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntos-ksecurity-l1-1-0.dll
[2013.08.22 06:25:39 | 000,012,128 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntos-ksecurity-l1-1-1.dll
[2013.08.22 06:25:39 | 000,012,128 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntos-ksigningpolicy-l1-1-0.dll
[2013.08.22 06:25:39 | 000,012,640 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntos-ksr-l1-1-0.dll
[2013.08.22 06:25:39 | 000,012,640 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntos-pico-l1-1-0.dll
[2013.08.22 06:25:39 | 000,015,200 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntos-tm-l1-1-0.dll
[2013.08.22 06:25:39 | 000,012,640 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntos-werkernel-l1-1-0.dll
[2013.08.22 05:13:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-caret-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-chartranslation-l1-1-0.dll
[2013.08.22 05:13:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-dialogbox-l1-1-0.dll
[2013.08.22 05:14:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-dialogbox-l1-1-1.dll
[2013.08.22 05:13:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-draw-l1-1-0.dll
[2013.08.22 05:14:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-draw-l1-1-1.dll
[2013.08.22 05:14:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-gui-l1-1-0.dll
[2013.08.22 05:13:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-gui-l1-1-1.dll
[2013.08.22 05:13:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-keyboard-l1-1-0.dll
[2013.08.22 05:13:57 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-keyboard-l1-1-1.dll
[2013.08.22 05:14:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-menu-l1-1-0.dll
[2013.08.22 05:14:02 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-menu-l1-1-1.dll
[2013.08.22 05:14:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-message-l1-1-0.dll
[2013.08.22 05:13:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-message-l1-1-1.dll
[2013.08.22 05:14:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-misc-l1-1-0.dll
[2013.08.22 05:13:59 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-misc-l1-2-0.dll
[2013.08.22 05:13:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-mouse-l1-1-0.dll
[2013.08.22 05:13:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-powermanagement-l1-1-0.dll
[2013.08.22 05:14:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-0.dll
[2013.08.22 05:13:58 | 000,008,192 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-private-l1-1-1.dll
[2013.08.22 05:13:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-rectangle-ext-l1-1-0.dll
[2013.08.22 05:13:35 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-rotationmanager-l1-1-0.dll
[2013.08.22 05:13:37 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-string-l1-1-0.dll
[2013.08.22 05:13:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-synch-l1-1-0.dll
[2013.08.22 05:14:17 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-touch-hittest-l1-1-0.dll
[2013.08.22 05:14:01 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-window-l1-1-0.dll
[2013.08.22 05:14:00 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-window-l1-1-1.dll
[2013.08.22 05:14:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-windowclass-l1-1-0.dll
[2013.08.22 05:14:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-windowclass-l1-1-1.dll
[2013.08.22 05:14:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-windowstation-l1-1-0.dll
[2013.08.22 05:14:01 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ntuser-windowstation-l1-1-1.dll
[2013.08.22 05:13:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ole32-bindctx-l1-1-0.dll
[2013.08.22 05:14:14 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ole32-ie-ext-l1-1-0.dll
[2013.08.22 05:13:34 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ole32-oleautomation-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-oleacc-l1-1-0.dll
[2013.08.22 05:13:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-printer-winspool-l1-1-0.dll
[2013.08.22 05:13:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-printer-winspool-l1-1-1.dll
[2013.08.22 05:13:39 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-profile-profsvc-l1-1-0.dll
[2013.08.22 05:13:55 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-profile-userenv-l1-1-0.dll
[2013.08.22 05:14:14 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ras-rasapi32-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ras-rasdlg-l1-1-0.dll
[2013.08.22 05:14:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ras-rasman-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-ras-tapi32-l1-1-0.dll
[2013.08.22 05:13:28 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-reinfo-query-l1-1-0.dll
[2013.08.22 05:14:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-rometadata-dispenser-l1-1-0.dll
[2013.08.22 05:13:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-rtcore-gdi-devcaps-l1-1-0.dll
[2013.08.22 05:13:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-rtcore-gdi-object-l1-1-0.dll
[2013.08.22 05:13:58 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-rtcore-gdi-rgn-l1-1-0.dll
[2013.08.22 05:14:01 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-rtcore-ntuser-dc-access-l1-1-0.dll
[2013.08.22 05:13:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-rtcore-ntuser-dpi-l1-1-0.dll
[2013.08.22 05:14:00 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-rtcore-ntuser-sysparams-l1-1-0.dll
[2013.08.22 05:13:28 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-samsrv-accountstore-l1-1-0.dll
[2013.08.22 05:13:50 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-scesrv-server-l1-1-0.dll
[2013.08.22 05:13:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-secur32-translatename-l1-1-0.dll
[2013.08.22 05:14:14 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-security-credui-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-security-cryptui-l1-1-0.dll
[2013.08.22 05:14:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-security-kerberos-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-security-vaultcli-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-session-userinit-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-session-usertoken-l1-1-0.dll
[2013.08.22 05:13:42 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-session-wininit-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-session-winlogon-l1-1-0.dll
[2013.08.22 05:13:25 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-session-winsta-l1-1-0.dll
[2013.08.22 05:13:04 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-session-wtsapi32-l1-1-0.dll
[2013.08.22 05:13:40 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-setupApi-cfgmgr32remote-l1-1-0.dll
[2013.08.22 05:13:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-setupapi-classinstallers-l1-1-0.dll
[2013.08.22 05:13:54 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-setupapi-inf-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-setupApi-logging-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-shell-propsys-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-shell-settingsync-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-shell-shell32-l1-2-0.dll
[2013.08.22 05:13:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-shell-shlwapi-l1-1-0.dll
[2013.08.22 05:13:57 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-shell32-shellcom-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-shell32-shellfolders-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-smbshare-browser-l1-1-0.dll
[2013.08.22 05:13:27 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-smbshare-sscore-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-spinf-inf-l1-1-0.dll
[2013.08.22 05:13:04 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-storage-iscsidsc-l1-1-0.dll
[2013.08.22 05:13:34 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-sxs-oleautomation-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-uiacore-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-umpoext-umpo-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-usp10-l1-1-0.dll
[2013.08.22 05:13:40 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-uxtheme-themes-l1-1-0.dll
[2013.08.22 05:13:54 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-webio-pal-l1-1-0.dll
[2013.08.22 05:13:34 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-wer-reporting-l1-1-0.dll
[2013.08.22 05:13:27 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-wevtapi-eventlog-l1-1-0.dll
[2013.08.22 05:14:16 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-winbici-l1-1-0.dll
[2013.08.22 05:13:39 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-winhttp-pal-l1-1-0.dll
[2013.08.22 05:13:39 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-wininet-pal-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-winlogon-mincreds-l1-1-0.dll
[2013.08.22 05:13:55 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-winrt-storage-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-wlan-grouppolicy-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-wlan-onexui-l1-1-0.dll
[2013.08.22 05:14:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-wlan-scard-l1-1-0.dll
[2013.08.22 05:13:39 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-wsclient-devlicense-l1-1-0.dll
[2013.08.22 05:14:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-wwan-wwapi-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-xaml-controls-l1-1-0.dll
[2013.08.22 05:14:16 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\ext-ms-win-xaml-pal-l1-1-0.dll
[2013.08.22 05:14:23 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\f3ahvoas.dll
[2013.08.22 06:24:55 | 000,368,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Faultrep.dll
[2013.08.22 03:35:55 | 000,098,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdBth.dll
[2013.08.22 03:53:57 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdBthProxy.dll
[2013.08.22 04:33:09 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FdDevQuery.dll
[2013.08.22 04:37:06 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fde.dll
[2013.08.22 03:19:40 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdeploy.dll
[2013.08.22 03:22:15 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdPHost.dll
[2013.08.22 03:39:19 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdPnp.dll
[2013.08.22 04:29:16 | 000,256,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdprint.dll
[2013.08.22 03:48:06 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdProxy.dll
[2013.08.22 03:41:18 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FDResPub.dll
[2013.08.22 03:43:05 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdSSDP.dll
[2013.08.22 04:43:44 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdWCN.dll
[2013.08.22 04:36:14 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdWNet.dll
[2013.08.22 03:33:40 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fdWSD.dll
[2013.08.22 05:05:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\feclient.dll
[2013.08.22 04:39:28 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhautoplay.dll
[2013.08.22 04:33:21 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhcat.dll
[2013.08.22 04:04:57 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhcfg.dll
[2013.08.22 04:52:57 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhcleanup.dll
[2013.08.22 03:14:34 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhcpl.dll
[2013.08.22 04:50:36 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhengine.dll
[2013.08.22 04:54:04 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhevents.dll
[2013.08.22 04:27:33 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhlisten.dll
[2013.08.22 04:34:19 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhshl.dll
[2013.08.22 04:50:53 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhsrchapi.dll
[2013.08.22 04:52:43 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhsrchph.dll
[2013.08.22 04:50:48 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhsvc.dll
[2013.08.22 04:51:32 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhsvcctl.dll
[2013.08.22 04:37:52 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhtask.dll
[2013.08.22 06:25:37 | 000,133,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhuxadapter.dll
[2013.08.22 06:25:37 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhuxapi.dll
[2013.08.22 06:25:37 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhuxcommon.dll
[2013.08.22 06:25:37 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhuxgraphics.dll
[2013.08.22 06:25:37 | 000,924,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fhuxpresentation.dll
[2013.08.22 03:55:39 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FileAppxStreamingDataSource.dll
[2013.08.22 04:25:54 | 000,454,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\filemgmt.dll
[2013.08.22 04:25:39 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\findnetprinters.dll
[2013.08.22 03:44:29 | 000,515,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FirewallAPI.dll
[2013.08.22 03:16:26 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FirewallControlPanel.dll
[2013.08.22 03:53:49 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fltLib.dll
[2013.08.22 05:04:27 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fmapi.dll
[2013.08.22 03:51:45 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fmifs.dll
[2013.08.22 04:55:51 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fms.dll
[2013.08.22 03:52:30 | 001,041,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FntCache.dll
[2013.08.22 04:25:08 | 000,807,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fontext.dll
[2013.08.22 05:06:29 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fontsub.dll
[2013.08.22 04:45:21 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fphc.dll
[2013.08.22 03:46:11 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\framedyn.dll
[2013.08.22 03:46:39 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\framedynos.dll
[2013.08.22 04:31:56 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\frprov.dll
[2013.08.22 04:53:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fsutilext.dll
[2013.08.22 05:05:43 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fthsvc.dll
[2013.08.22 03:43:53 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fundisc.dll
[2013.08.22 03:36:41 | 000,569,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fveapi.dll
[2013.08.22 03:40:15 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fveapibase.dll
[2013.08.22 03:53:31 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fvecerts.dll
[2013.08.22 16:02:20 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fvecpl.dll
[2013.08.22 03:50:53 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fveskybackup.dll
[2013.08.22 04:18:59 | 000,255,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fveui.dll
[2013.08.22 16:02:20 | 000,761,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fvewiz.dll
[2013.08.22 03:39:57 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\fwcfg.dll
[2013.08.22 03:40:03 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FWPUCLNT.DLL
[2013.08.22 03:42:30 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FwRemoteSvr.dll
[2013.08.22 04:15:26 | 000,239,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSAPI.dll
[2013.08.22 04:22:20 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSCOM.dll
[2013.08.22 04:21:54 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSCOMEX.dll
[2013.08.22 04:04:03 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSCOMPOSE.dll
[2013.08.22 05:14:29 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSCOMPOSERES.dll
[2013.08.22 05:16:18 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSEVENT.dll
[2013.08.22 04:21:57 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSEXT32.dll
[2013.08.22 04:49:56 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSMON.dll
[2013.08.22 05:15:54 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSRESM.dll
[2013.08.22 04:12:54 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSROUTE.dll
[2013.08.22 04:20:18 | 000,849,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSST.dll
[2013.08.22 04:23:54 | 000,221,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXST30.dll
[2013.08.22 04:18:41 | 000,405,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSTIFF.dll
[2013.08.22 04:16:45 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSUTILITY.dll
[2013.08.22 04:14:03 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\FXSXP32.dll
[2013.08.22 04:53:23 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gacinstall.dll
[2013.08.22 04:02:33 | 002,537,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gameux.dll
[2013.08.22 05:16:04 | 004,237,824 | ---- | M] (Microsoft) -- C:\Windows\system32\GameUXLegacyGDFs.dll
[2013.08.22 04:50:05 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gcdef.dll
[2013.10.05 13:05:35 | 001,090,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gdi32.dll
[2013.08.22 03:42:11 | 001,352,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\GdiPlus.dll
[2013.08.22 03:35:39 | 000,357,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\GeofenceMonitorService.dll
[2013.08.22 05:06:13 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\getuname.dll
[2013.08.22 04:11:51 | 008,712,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\glcndFilter.dll
[2013.08.22 05:06:45 | 000,324,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\glmf32.dll
[2013.08.22 03:52:54 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\GlobCollationHost.dll
[2013.08.22 03:46:09 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\globinputhost.dll
[2013.08.22 05:05:58 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\glu32.dll
[2013.08.22 06:29:26 | 000,111,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gpapi.dll
[2013.08.22 04:20:29 | 001,047,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gpedit.dll
[2013.08.22 16:02:18 | 000,588,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gpprefcl.dll
[2013.08.22 04:36:21 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gpprnext.dll
[2013.08.22 16:02:28 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gpscript.dll
[2013.08.22 03:35:48 | 001,165,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gpsvc.dll
[2013.08.22 04:25:58 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gptext.dll
[2013.08.22 04:04:44 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Groupinghc.dll
[2013.08.22 07:13:53 | 000,337,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hal.dll
[2013.08.22 06:19:43 | 000,017,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\HalExtIntcLpioDMA.dll
[2013.08.22 06:19:43 | 000,014,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\HalExtIntcUartDMA.dll
[2013.08.22 07:13:53 | 000,337,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\halmacpi.dll
[2013.08.22 03:53:58 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hbaapi.dll
[2013.08.22 04:37:03 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hcproviders.dll
[2013.08.22 04:23:21 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\HelpPaneProxy.dll
[2013.08.22 03:15:19 | 000,501,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hgcpl.dll
[2013.08.22 04:32:14 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hgprint.dll
[2013.08.22 04:40:17 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hhsetup.dll
[2013.08.22 03:54:44 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hid.dll
[2013.08.22 05:05:54 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidserv.dll
[2013.08.22 04:40:52 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hlink.dll
[2013.08.22 03:10:18 | 000,414,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hnetcfg.dll
[2013.08.22 04:54:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hnetmon.dll
[2013.08.22 04:30:23 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hotplug.dll
[2013.08.22 03:38:38 | 000,195,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hotspotauth.dll
[2013.08.22 03:55:33 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\httpapi.dll
[2013.08.22 03:45:51 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\httpprxm.dll
[2013.08.22 03:53:28 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\httpprxp.dll
[2013.08.22 05:05:43 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\htui.dll
[2013.08.22 04:55:57 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ias.dll
[2013.08.22 04:48:45 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iasacct.dll
[2013.08.22 04:48:46 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iasads.dll
[2013.08.22 04:55:19 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iasdatastore.dll
[2013.08.22 04:46:45 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iashlpr.dll
[2013.08.22 04:25:58 | 000,506,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IasMigPlugin.dll
[2013.08.22 04:48:13 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iasnap.dll
[2013.08.22 04:50:01 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iaspolcy.dll
[2013.08.22 04:48:26 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iasrad.dll
[2013.08.22 04:43:55 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iasrecst.dll
[2013.08.22 04:42:15 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iassam.dll
[2013.08.22 04:42:06 | 000,370,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iassdo.dll
[2013.08.22 04:49:08 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iassvcs.dll
[2013.08.22 05:03:38 | 000,084,992 | ---- | M] (Radius Inc.) -- C:\Windows\system32\iccvid.dll
[2013.08.22 03:18:47 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icfupgd.dll
[2013.08.22 03:51:49 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icm32.dll
[2013.08.22 05:14:43 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icmp.dll
[2013.08.22 05:00:56 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icmui.dll
[2013.08.22 05:03:14 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IconCodecService.dll
[2013.08.22 04:37:44 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icsigd.dll
[2013.08.22 04:05:56 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icsvc.dll
[2013.08.22 03:11:03 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IdCtrls.dll
[2013.08.22 04:12:36 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IdListen.dll
[2013.08.22 05:06:38 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\idndl.dll
[2013.08.22 03:43:53 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IDStore.dll
[2013.08.22 04:43:00 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2013.08.22 03:14:00 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2013.08.22 04:11:32 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2013.08.22 05:16:20 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieetwcollectorres.dll
[2013.08.22 04:55:00 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieetwproxystub.dll
[2013.10.19 04:56:42 | 011,220,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2013.08.22 04:12:13 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2013.08.22 04:45:35 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2013.10.19 05:52:57 | 002,166,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2013.08.22 04:56:00 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2013.08.22 04:19:26 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2013.08.22 04:42:13 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2013.08.22 03:35:37 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ifmon.dll
[2013.08.22 03:52:30 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ifsutil.dll
[2013.08.22 05:03:09 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ifsutilx.dll
[2013.08.22 04:43:00 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\igdDiag.dll
[2013.03.11 14:48:08 | 003,816,840 | ---- | M] (Intel Corporation) -- C:\Windows\system32\igdumd32.dll
[2013.10.12 22:02:20 | 000,730,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IKEEXT.DLL
[2013.08.22 07:13:51 | 000,070,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll
[2013.08.22 05:16:45 | 048,847,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imageres.dll
[2013.08.22 05:16:57 | 000,705,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagesp1.dll
[2013.08.22 04:37:42 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imapi.dll
[2013.08.22 04:32:30 | 000,409,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imapi2.dll
[2013.08.22 04:28:16 | 000,727,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imapi2fs.dll
[2013.08.22 03:35:09 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2013.08.22 06:24:54 | 000,146,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imm32.dll
[2013.08.22 04:06:10 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetcomm.dll
[2013.08.22 03:41:45 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetmib1.dll
[2013.08.22 16:02:26 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetpp.dll
[2013.08.22 16:02:26 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inetppui.dll
[2013.08.22 05:14:36 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\INETRES.dll
[2013.08.22 03:45:32 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\InkEd.dll
[2013.08.22 04:28:25 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\input.dll
[2013.08.22 03:12:39 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\InputSwitch.dll
[2013.08.22 04:18:56 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2013.08.22 05:15:57 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iologmsg.dll
[2013.08.22 06:17:53 | 000,118,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IPHLPAPI.DLL
[2013.10.08 05:40:31 | 000,795,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iphlpsvc.dll
[2013.09.14 09:54:46 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipnathlp.dll
[2013.08.22 05:08:02 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iprop.dll
[2013.08.22 05:04:44 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iprtprio.dll
[2013.08.22 04:54:45 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iprtrmgr.dll
[2013.08.22 04:12:45 | 000,759,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipsecsnp.dll
[2013.08.22 03:34:26 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IPSECSVC.DLL
[2013.08.22 04:10:10 | 000,410,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipsmsnap.dll
[2013.08.22 05:06:32 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ir32_32.dll
[2013.08.22 02:43:12 | 000,197,632 | ---- | M] (Intel(R) Corporation) -- C:\Windows\system32\ir32_32original.dll
[2013.08.22 02:43:10 | 000,839,680 | ---- | M] (Intel Corporation) -- C:\Windows\system32\ir41_32original.dll
[2013.08.22 05:06:32 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ir41_qc.dll
[2013.06.18 13:19:38 | 000,120,320 | ---- | M] (Intel Corporation.) -- C:\Windows\system32\ir41_qcoriginal.dll
[2013.08.22 05:06:32 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ir41_qcx.dll
[2013.06.18 13:19:38 | 000,338,432 | ---- | M] (Intel Corporation.) -- C:\Windows\system32\ir41_qcxoriginal.dll
[2013.08.22 05:06:34 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ir50_32.dll
[2013.08.22 02:43:10 | 000,746,496 | ---- | M] (Intel Corporation) -- C:\Windows\system32\ir50_32original.dll
[2013.08.22 05:06:33 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ir50_qc.dll
[2013.06.18 13:19:38 | 000,200,192 | ---- | M] (Intel Corporation.) -- C:\Windows\system32\ir50_qcoriginal.dll
[2013.08.22 05:06:34 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ir50_qcx.dll
[2013.06.18 13:19:38 | 000,183,808 | ---- | M] (Intel Corporation.) -- C:\Windows\system32\ir50_qcxoriginal.dll
[2013.08.22 05:01:22 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\irclass.dll
[2013.08.22 05:05:39 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\irmon.dll
[2013.08.22 04:41:27 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iscsicpl.dll
[2013.08.22 04:58:47 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iscsidsc.dll
[2013.08.22 05:04:35 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iscsied.dll
[2013.08.22 04:47:32 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iscsiexe.dll
[2013.08.22 05:16:22 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iscsilog.dll
[2013.08.22 04:58:04 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iscsium.dll
[2013.08.22 04:33:38 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iscsiwmi.dll
[2013.08.22 05:04:09 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iscsiwmiv2.dll
[2013.08.22 04:37:06 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\itircl.dll
[2013.08.22 04:18:23 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\itss.dll
[2013.10.13 01:29:44 | 000,706,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iuilp.dll
[2013.08.22 05:03:54 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iyuv_32.dll
[2013.08.22 04:34:28 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\JavaScriptCollectionAgent.dll
[2013.08.22 16:02:19 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jnwmon.dll
[2013.08.22 04:39:53 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2013.10.19 05:44:46 | 004,240,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2013.09.26 09:24:43 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9diag.dll
[2013.08.22 04:46:19 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2013.08.22 05:14:26 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbd101.dll
[2013.08.22 05:14:24 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbd101a.dll
[2013.08.22 05:14:25 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbd101b.dll
[2013.08.22 05:14:26 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbd101c.dll
[2013.08.22 05:14:26 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbd103.dll
[2013.08.22 05:14:24 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbd106.dll
[2013.08.22 05:14:26 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbd106n.dll
[2013.08.22 05:14:50 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDA1.DLL
[2013.08.22 05:14:54 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDA2.DLL
[2013.08.22 05:14:50 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDA3.DLL
[2013.08.22 05:15:00 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDAL.DLL
[2013.08.22 05:15:02 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDARME.DLL
[2013.08.22 05:14:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdarmph.dll
[2013.08.22 05:14:50 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdarmty.dll
[2013.08.22 05:14:50 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDARMW.DLL
[2013.08.22 05:14:24 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdax2.dll
[2013.08.22 05:14:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDAZE.DLL
[2013.08.22 05:14:50 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDAZEL.DLL
[2013.08.22 05:14:51 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDAZST.DLL
[2013.08.22 05:14:50 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBASH.DLL
[2013.08.22 05:15:01 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBE.DLL
[2013.08.22 05:15:04 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBENE.DLL
[2013.08.22 05:15:03 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBGPH.DLL
[2013.08.22 05:14:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBGPH1.DLL
[2013.08.22 05:14:52 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBHC.DLL
[2013.08.22 05:14:52 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBLR.DLL
[2013.08.22 05:14:52 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBR.DLL
[2013.08.22 05:15:02 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBU.DLL
[2013.08.22 05:14:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBUG.DLL
[2013.08.22 05:14:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDBULG.DLL
[2013.08.22 05:14:52 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDCA.DLL
[2013.08.22 05:14:53 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDCAN.DLL
[2013.08.22 05:14:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDCHER.DLL
[2013.08.22 05:14:53 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDCHERP.DLL
[2013.08.22 05:15:04 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDCR.DLL
[2013.08.22 05:14:54 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDCZ.DLL
[2013.08.22 05:14:53 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDCZ1.DLL
[2013.08.22 05:14:53 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDCZ2.DLL
[2013.08.22 05:14:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDDA.DLL
[2013.08.22 05:14:54 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDDIV1.DLL
[2013.08.22 05:15:04 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDDIV2.DLL
[2013.08.22 05:14:56 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDDV.DLL
[2013.08.22 05:14:56 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDES.DLL
[2013.08.22 05:14:56 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDEST.DLL
[2013.08.22 05:15:04 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDFA.DLL
[2013.08.22 05:14:58 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdfar.dll
[2013.08.22 05:14:59 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDFC.DLL
[2013.08.22 05:14:58 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDFI.DLL
[2013.08.22 05:14:58 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDFI1.DLL
[2013.08.22 05:14:58 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDFO.DLL
[2013.08.22 05:14:59 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDFR.DLL
[2013.08.22 05:15:01 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDFTHRK.DLL
[2013.08.22 05:15:01 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDGAE.DLL
[2013.08.22 05:15:04 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDGEO.DLL
[2013.08.22 05:15:04 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdgeoer.dll
[2013.08.22 05:15:04 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdgeome.dll
[2013.08.22 05:15:05 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdgeooa.dll
[2013.08.22 05:15:07 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdgeoqw.dll
[2013.08.22 05:15:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDGKL.DLL
[2013.08.22 05:15:07 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDGN.DLL
[2013.08.22 05:15:04 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDGR.DLL
[2013.08.22 05:15:09 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDGR1.DLL
[2013.08.22 05:15:17 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDGRLND.DLL
[2013.08.22 05:15:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDGTHC.DLL
[2013.08.22 05:15:06 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHAU.DLL
[2013.08.22 05:15:24 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHAW.DLL
[2013.08.22 05:15:11 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHE.DLL
[2013.08.22 05:15:06 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHE220.DLL
[2013.08.22 05:15:23 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHE319.DLL
[2013.08.22 05:15:07 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHEB.DLL
[2013.08.22 05:15:17 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdhebl3.dll
[2013.08.22 05:15:16 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHELA2.DLL
[2013.08.22 05:15:16 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHELA3.DLL
[2013.08.22 05:15:17 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHEPT.DLL
[2013.08.22 05:15:07 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHU.DLL
[2013.08.22 05:15:07 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDHU1.DLL
[2013.08.22 05:14:24 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdibm02.dll
[2013.08.22 05:15:07 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDIBO.DLL
[2013.08.22 05:15:07 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDIC.DLL
[2013.08.22 05:15:08 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINASA.DLL
[2013.08.22 05:15:35 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINBE1.DLL
[2013.08.22 05:15:08 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINBE2.DLL
[2013.08.22 05:15:08 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINBEN.DLL
[2013.08.22 05:15:09 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINDEV.DLL
[2013.08.22 05:15:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINEN.DLL
[2013.08.22 05:15:09 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINGUJ.DLL
[2013.08.22 05:15:09 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINHIN.DLL
[2013.08.22 05:15:09 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINKAN.DLL
[2013.08.22 05:15:09 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINMAL.DLL
[2013.08.22 05:15:17 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINMAR.DLL
[2013.08.22 05:15:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINORI.DLL
[2013.08.22 05:15:09 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINPUN.DLL
[2013.08.22 05:15:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINTAM.DLL
[2013.08.22 05:15:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINTEL.DLL
[2013.08.22 05:15:10 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDINUK2.DLL
[2013.08.22 05:15:10 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDIR.DLL
[2013.08.22 05:15:10 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDIT.DLL
[2013.08.22 05:15:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDIT142.DLL
[2013.08.22 05:15:10 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDIULAT.DLL
[2013.08.22 05:15:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDJAV.DLL
[2013.08.22 05:14:20 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDJPN.DLL
[2013.08.22 05:15:10 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDKAZ.DLL
[2013.08.22 05:15:11 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDKHMR.DLL
[2013.08.22 05:15:17 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDKNI.DLL
[2013.08.22 05:14:20 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDKOR.DLL
[2013.08.22 05:15:30 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDKURD.DLL
[2013.08.22 05:15:25 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDKYR.DLL
[2013.08.22 05:15:11 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDLA.DLL
[2013.08.22 05:15:11 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDLAO.DLL
[2013.08.22 05:15:11 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdlisub.dll
[2013.08.22 05:15:17 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdlisus.dll
[2013.08.22 05:14:26 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdlk41a.dll
[2013.08.22 05:15:15 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDLT.DLL
[2013.08.22 05:15:11 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDLT1.DLL
[2013.08.22 05:15:11 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDLT2.DLL
[2013.08.22 05:15:11 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDLV.DLL
[2013.08.22 05:15:11 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDLV1.DLL
[2013.08.22 05:15:16 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDLVST.DLL
[2013.08.22 05:15:18 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDMAC.DLL
[2013.08.22 05:15:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDMACST.DLL
[2013.08.22 05:15:17 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDMAORI.DLL
[2013.08.22 05:15:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDMLT47.DLL
[2013.08.22 05:15:17 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDMLT48.DLL
[2013.08.22 05:15:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDMON.DLL
[2013.08.22 05:15:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDMONMO.DLL
[2013.08.22 05:15:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDMONST.DLL
[2013.08.22 05:15:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDMYAN.DLL
[2013.08.22 05:15:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDNE.DLL
[2013.08.22 05:14:26 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdnec.dll
[2013.08.22 05:14:24 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdnec95.dll
[2013.08.22 05:14:24 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdnecat.dll
[2013.08.22 05:14:26 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdnecnt.dll
[2013.08.22 05:15:21 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDNEPR.DLL
[2013.08.22 05:15:17 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdnko.dll
[2013.08.22 05:15:23 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDNO.DLL
[2013.08.22 05:15:36 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDNO1.DLL
[2013.08.22 05:15:17 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDNSO.DLL
[2013.08.22 05:15:16 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDNTL.DLL
[2013.08.22 05:15:17 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDOGHAM.DLL
[2013.08.22 05:15:31 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDOLCH.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDOLDIT.DLL
[2013.08.22 05:15:17 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDOSM.DLL
[2013.08.22 05:15:17 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDPASH.DLL
[2013.08.22 05:15:34 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kbdphags.dll
[2013.08.22 05:15:17 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDPL.DLL
[2013.08.22 05:15:17 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDPL1.DLL
[2013.08.22 05:15:17 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDPO.DLL
[2013.08.22 05:15:34 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDRO.DLL
[2013.08.22 05:15:17 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDROPR.DLL
[2013.08.22 05:15:19 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDROST.DLL
[2013.08.22 05:15:34 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDRU.DLL
[2013.08.22 05:15:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDRU1.DLL
[2013.08.22 05:15:36 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDRUM.DLL
[2013.08.22 05:15:20 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSF.DLL
[2013.08.22 05:15:19 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSG.DLL
[2013.08.22 05:15:20 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSL.DLL
[2013.08.22 05:15:21 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSL1.DLL
[2013.08.22 05:15:25 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSMSFI.DLL
[2013.08.22 05:15:21 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSMSNO.DLL
[2013.08.22 05:15:22 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSN1.DLL
[2013.08.22 05:15:22 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSORA.DLL
[2013.08.22 05:15:23 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSOREX.DLL
[2013.08.22 05:15:24 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSORS1.DLL
[2013.08.22 05:15:26 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSORST.DLL
[2013.08.22 05:15:34 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSP.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSW.DLL
[2013.08.22 05:15:27 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSW09.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSYR1.DLL
[2013.08.22 05:15:26 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDSYR2.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTAILE.DLL
[2013.08.22 05:15:34 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTAJIK.DLL
[2013.08.22 05:15:31 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTAT.DLL
[2013.08.22 05:15:31 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTH0.DLL
[2013.08.22 05:15:31 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTH1.DLL
[2013.08.22 05:15:31 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTH2.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTH3.DLL
[2013.08.22 05:15:33 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTIFI.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTIFI2.DLL
[2013.08.22 05:15:33 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTIPRC.DLL
[2013.08.22 05:15:34 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTIPRD.DLL
[2013.08.22 05:15:34 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTT102.DLL
[2013.08.22 05:15:34 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTUF.DLL
[2013.08.22 05:15:34 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTUQ.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTURME.DLL
[2013.08.22 05:15:34 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDTZM.DLL
[2013.08.22 05:15:34 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUGHR.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUGHR1.DLL
[2013.08.22 05:15:34 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUK.DLL
[2013.08.22 05:15:36 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUKX.DLL
[2013.08.22 05:15:34 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUR.DLL
[2013.08.22 05:15:34 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUR1.DLL

ciao · 08.12.2013, 11:18

Teil 4

Code:

ATTFilter

[2013.08.22 05:15:35 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDURDU.DLL
[2013.08.22 07:13:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUS.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUSA.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUSL.DLL
[2013.08.22 05:15:35 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUSR.DLL
[2013.08.22 05:15:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUSX.DLL
[2013.08.22 05:15:35 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDUZB.DLL
[2013.08.22 05:15:35 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDVNTC.DLL
[2013.08.22 05:15:35 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDWOL.DLL
[2013.08.22 05:15:35 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDYAK.DLL
[2013.08.22 05:15:35 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDYBA.DLL
[2013.08.22 05:15:36 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDYCC.DLL
[2013.08.22 05:15:36 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KBDYCL.DLL
[2013.08.22 07:13:53 | 000,013,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kd.dll
[2013.08.22 06:25:39 | 000,018,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kd1394.dll
[2013.08.22 07:13:53 | 000,022,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kdcom.dll
[2013.08.22 06:21:13 | 000,018,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kdhv1394.dll
[2013.08.22 06:25:39 | 000,083,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kdnet.dll
[2013.08.22 03:54:46 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KdsCli.dll
[2013.08.22 06:25:40 | 000,013,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kdstub.dll
[2013.08.22 06:35:21 | 000,039,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kdusb.dll
[2013.08.22 06:25:40 | 000,024,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kd_02_10df.dll
[2013.08.22 06:25:42 | 000,248,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kd_02_10ec.dll
[2013.08.22 06:25:41 | 000,096,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kd_02_14e4.dll
[2013.08.22 06:25:42 | 000,033,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kd_02_1969.dll
[2013.08.22 06:25:41 | 000,024,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kd_02_19a2.dll
[2013.10.23 10:24:08 | 000,142,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kd_02_8086.dll
[2013.08.22 03:46:42 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\keepaliveprovider.dll
[2013.08.22 03:49:30 | 000,754,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kerberos.dll
[2013.08.22 06:31:40 | 000,029,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernel.appcore.dll
[2013.10.22 07:14:06 | 001,033,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernel32.dll
[2013.08.22 07:13:51 | 000,859,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KernelBase.dll
[2013.08.22 04:55:08 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernelceip.dll
[2013.08.22 16:02:27 | 000,034,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KeyboardFilterCore.dll
[2013.08.22 16:02:28 | 000,075,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KeyboardFilterSvc.dll
[2013.08.22 03:48:12 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\keyiso.dll
[2013.08.22 04:26:08 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\keymgr.dll
[2013.08.22 04:54:39 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KMSVC.DLL
[2013.08.22 03:47:13 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\korwbrkr.dll
[2013.08.22 06:19:12 | 000,018,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ksuser.dll
[2013.08.22 05:13:05 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ktmw32.dll
[2013.08.22 05:01:25 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\l2gpstore.dll
[2013.08.22 04:37:19 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\l2nacp.dll
[2013.08.22 04:14:06 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\L2SecHC.dll
[2013.08.22 05:04:48 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\LangCleanupSysprepAction.dll
[2013.08.22 04:54:19 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\LAPRXY.DLL
[2012.09.20 15:02:06 | 001,798,456 | ---- | M] (Logitech, Inc.) -- C:\Windows\system32\LdaCx2.dll
[2013.08.22 04:29:07 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2013.08.22 05:01:50 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\linkinfo.dll
[2013.08.22 03:19:09 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ListSvc.dll
[2013.08.22 03:48:27 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\livessp.dll
[2013.05.23 07:12:34 | 001,581,848 | ---- | M] (Logitech, Inc.) -- C:\Windows\system32\LkmdfCoInst.dll
[2013.08.22 04:59:10 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\LldpNotify.dll
[2013.08.22 04:36:31 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lltdapi.dll
[2013.08.22 05:16:58 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lltdres.dll
[2013.08.22 04:30:41 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lltdsvc.dll
[2013.08.22 05:12:23 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lmhsvc.dll
[2013.05.23 07:12:36 | 000,053,528 | ---- | M] (Logitech, Inc.) -- C:\Windows\system32\LMouFiltCoInst.dll
[2013.08.22 03:53:48 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\loadperf.dll
[2013.08.22 04:24:13 | 000,443,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\localsec.dll
[2013.08.22 03:16:11 | 000,834,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\localspl.dll
[2013.08.22 05:02:29 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\localui.dll
[2013.08.22 03:34:30 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\LocationApi.dll
[2013.08.22 04:29:35 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\LockScreenContent.dll
[2013.08.22 04:31:32 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\LockScreenContentHost.dll
[2013.08.22 04:49:07 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\loghours.dll
[2012.09.20 15:02:06 | 003,164,472 | ---- | M] (Logitech, Inc.) -- C:\Windows\system32\LogiLDA.DLL
[2013.08.22 03:53:27 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\logoncli.dll
[2013.08.22 05:14:31 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lpk.dll
[2013.08.22 05:02:35 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lpksetupproxyserv.dll
[2013.08.22 03:50:23 | 001,083,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lsasrv.dll
[2013.08.22 03:36:04 | 000,614,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lsm.dll
[2013.08.22 05:05:24 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lsmproxy.dll
[2013.08.22 03:47:02 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\luainstall.dll
[2013.08.22 05:07:03 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lz32.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\lzexpand.dll
[2013.08.22 04:58:24 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Magnification.dll
[2013.08.22 04:28:33 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MaintenanceUI.dll
[2013.08.22 04:58:30 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mapi32.dll
[2013.08.22 04:58:30 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mapistub.dll
[2013.08.22 03:19:14 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MbaeApi.dll
[2013.08.22 03:36:52 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MbaeApiPublic.dll
[2013.08.22 04:30:19 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MbaeXmlParser.dll
[2013.08.22 03:38:44 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mbsmsapi.dll
[2013.08.22 03:44:04 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mbussdapi.dll
[2013.06.18 13:29:43 | 000,312,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MCEWMDRMNDBootstrap.dll
[2013.08.22 05:05:36 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mciavi32.dll
[2013.08.22 05:03:58 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mcicda.dll
[2013.08.22 04:52:28 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mciqtz32.dll
[2013.08.22 05:06:52 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mciseq.dll
[2013.08.22 05:06:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mciwave.dll
[2013.08.22 06:35:20 | 000,076,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mcupdate_AuthenticAMD.dll
[2013.08.22 06:34:53 | 000,403,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mcupdate_GenuineIntel.dll
[2013.08.22 04:32:25 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\McxDriv.dll
[2013.08.22 04:32:52 | 000,203,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mdminst.dll
[2013.08.22 03:56:10 | 000,221,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mdmregistration.dll
[2013.08.22 04:54:10 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MemoryDiagnostic.dll
[2013.08.22 06:19:12 | 000,518,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mf.dll
[2013.08.22 05:06:53 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mf3216.dll
[2013.08.22 06:19:12 | 000,085,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfAACEnc.dll
[2013.09.17 07:31:42 | 000,883,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfasfsrcsnk.dll
[2013.08.22 00:35:15 | 000,924,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc40.dll
[2013.08.22 06:00:02 | 000,924,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc40u.dll
[2013.08.22 04:11:35 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc42.dll
[2013.08.22 04:12:37 | 001,059,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfc42u.dll
[2013.08.22 06:19:12 | 000,283,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MFCaptureEngine.dll
[2013.08.22 06:19:17 | 002,139,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfcore.dll
[2013.08.22 03:54:13 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfcsubs.dll
[2013.08.22 04:18:26 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfds.dll
[2013.08.22 04:48:59 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfdvdec.dll
[2013.08.22 05:15:48 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mferror.dll
[2013.08.22 05:23:01 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfh264enc.dll
[2013.08.22 03:21:42 | 000,802,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MFMediaEngine.dll
[2013.08.22 04:48:56 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfmjpegdec.dll
[2013.08.22 06:19:16 | 000,663,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfmp4srcsnk.dll
[2013.08.22 06:19:17 | 000,669,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfmpeg2srcsnk.dll
[2013.08.22 06:19:16 | 000,650,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfnetcore.dll
[2013.08.22 06:19:17 | 001,011,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfnetsrc.dll
[2013.10.23 09:59:16 | 000,698,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfplat.dll
[2013.08.22 06:19:18 | 000,240,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MFPlay.dll
[2013.08.22 06:19:17 | 000,104,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfps.dll
[2013.08.22 06:19:18 | 000,355,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfreadwrite.dll
[2013.08.22 06:19:18 | 000,753,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfsrcsnk.dll
[2013.10.19 08:12:06 | 000,380,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfsvr.dll
[2013.08.22 06:19:18 | 000,179,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mftranscode.dll
[2013.08.22 06:25:00 | 000,068,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mfvdsp.dll
[2013.08.22 04:11:31 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MFWMAAEC.DLL
[2013.08.22 05:05:42 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mgmtapi.dll
[2013.08.22 03:52:56 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mi.dll
[2013.08.22 03:50:36 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mibincodec.dll
[2013.08.22 05:16:01 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\microsoft-windows-battery-events.dll
[2013.08.22 05:16:00 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\microsoft-windows-hal-events.dll
[2013.08.22 05:16:00 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\microsoft-windows-kernel-pnp-events.dll
[2013.08.22 05:16:00 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\microsoft-windows-kernel-power-events.dll
[2013.08.22 05:16:00 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\microsoft-windows-kernel-processor-power-events.dll
[2013.08.22 05:16:01 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\microsoft-windows-pdc.dll
[2013.08.22 05:16:22 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\microsoft-windows-processor-aggregator-events.dll
[2013.08.22 05:16:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\microsoft-windows-sleepstudy-events.dll
[2013.08.22 05:16:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\microsoft-windows-storage-tiering-events.dll
[2013.08.22 05:16:00 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\microsoft-windows-system-events.dll
[2013.08.22 03:54:21 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
[2013.08.22 03:49:34 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MicrosoftAccountTokenProvider.dll
[2013.08.22 05:04:11 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\midimap.dll
[2013.08.22 04:53:27 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\migflt.dll
[2013.08.22 04:21:05 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\migisol.dll
[2013.08.22 05:06:45 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\miguiresource.dll
[2013.08.22 04:28:51 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mimefilt.dll
[2013.08.22 03:50:58 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mimofcodec.dll
[2013.08.22 03:51:01 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MirrorDrvCompat.dll
[2013.08.22 03:35:47 | 000,980,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mispace.dll
[2013.10.05 09:24:36 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\miutils.dll
[2013.08.22 03:42:35 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mlang.dll
[2013.08.22 04:50:55 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mmcbase.dll
[2013.08.22 04:49:20 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mmci.dll
[2013.08.22 05:02:48 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mmcico.dll
[2013.08.22 04:20:20 | 002,292,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mmcndmgr.dll
[2013.08.22 04:58:41 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mmcshext.dll
[2013.08.22 03:48:07 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mmcss.dll
[2013.08.22 06:19:18 | 000,290,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MMDevAPI.dll
[2013.08.22 05:16:41 | 009,576,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mmres.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MMSYSTEM.DLL
[2013.08.22 04:41:27 | 000,287,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\modemui.dll
[2013.08.22 04:44:15 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\montr_ci.dll
[2013.08.22 05:16:57 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\moricons.dll
[2013.08.22 06:24:59 | 000,092,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MP3DMOD.DLL
[2013.08.22 06:25:00 | 000,263,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MP43DECD.DLL
[2013.08.22 06:25:01 | 000,446,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MP4SDECD.DLL
[2013.08.22 06:25:01 | 000,263,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MPG4DECD.DLL
[2013.08.22 06:30:36 | 000,082,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mpr.dll
[2013.08.22 03:34:29 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mprapi.dll
[2013.08.22 04:34:15 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mprddm.dll
[2013.08.22 04:47:59 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mprdim.dll
[2013.08.22 03:55:37 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mprext.dll
[2013.08.22 03:54:33 | 000,113,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mprmsg.dll
[2013.08.22 03:28:34 | 000,654,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MPSSVC.dll
[2013.10.11 14:03:50 | 000,621,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MrmCoreR.dll
[2013.08.22 03:08:48 | 000,515,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MrmIndexer.dll
[2013.08.22 04:51:50 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msaatext.dll
[2013.08.22 04:25:43 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSAC3ENC.DLL
[2013.06.18 13:21:27 | 000,061,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msacm.dll
[2013.08.22 06:19:22 | 000,086,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msacm32.dll
[2013.08.22 05:14:37 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msafd.dll
[2013.08.22 06:29:29 | 000,050,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msasn1.dll
[2013.08.22 06:25:01 | 000,998,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSAudDecMFT.dll
[2013.08.22 07:13:53 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msaudite.dll
[2013.08.22 03:47:55 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msauserext.dll
[2013.08.22 04:38:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mscandui.dll
[2013.08.22 05:06:17 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mscat32.dll
[2013.09.10 05:28:02 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msched.dll
[2013.08.22 09:16:46 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msclmd.dll
[2013.08.22 03:38:00 | 000,477,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mscms.dll
[2013.08.22 04:40:54 | 000,330,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mscoree.dll
[2013.08.22 06:11:50 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mscorier.dll
[2013.08.17 01:06:32 | 000,081,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mscories.dll
[2013.08.22 05:17:09 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mscpx32r.dLL
[2013.08.22 05:06:09 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mscpxl32.dLL
[2013.10.02 10:47:07 | 001,018,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msctf.dll
[2013.08.22 04:52:00 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MsCtfMonitor.dll
[2013.08.22 04:58:44 | 000,090,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msctfp.dll
[2013.08.22 04:59:48 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msctfui.dll
[2013.08.22 03:18:21 | 000,695,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msctfuimanager.dll
[2013.08.22 05:05:25 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdadiag.dll
[2013.08.22 04:37:42 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdart.dll
[2013.08.22 03:48:15 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdelta.dll
[2013.08.22 06:19:22 | 000,039,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdmo.dll
[2013.08.22 04:13:12 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdri.dll
[2013.08.22 03:27:50 | 000,423,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdrm.dll
[2013.08.22 03:37:51 | 000,307,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdtckrm.dll
[2013.08.22 03:44:52 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdtclog.dll
[2013.08.22 03:18:03 | 000,642,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdtcprx.dll
[2013.08.22 03:28:23 | 001,069,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdtctm.dll
[2013.08.22 03:18:10 | 000,238,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdtcuiu.dll
[2013.08.22 05:14:44 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msdtcVSp1res.dll
[2013.06.18 13:17:35 | 000,409,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msexch40.dll
[2013.06.18 13:17:36 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msexcl40.dll
[2013.08.22 04:01:52 | 000,523,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2013.08.22 04:15:25 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2013.08.22 03:41:01 | 002,266,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msftedit.dll
[2013.10.19 07:37:58 | 017,142,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2013.08.22 04:53:57 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MshtmlDac.dll
[2013.08.22 04:13:20 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2013.08.22 05:16:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2013.08.22 04:39:45 | 003,258,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msi.dll
[2013.08.22 05:00:12 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MsiCofire.dll
[2013.08.22 05:06:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msidcrl40.dll
[2013.08.22 04:37:08 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msident.dll
[2013.08.22 03:54:39 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msidle.dll
[2013.08.22 05:14:28 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msidntld.dll
[2013.08.22 04:11:44 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msieftp.dll
[2013.08.22 04:43:00 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msihnd.dll
[2013.08.22 05:04:34 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msiltcfg.dll
[2013.08.22 03:55:04 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msimg32.dll
[2013.08.22 05:15:52 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msimsg.dll
[2013.08.22 03:43:30 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msimtf.dll
[2013.08.22 05:06:31 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msisip.dll
[2013.08.22 05:06:32 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msiwer.dll
[2013.06.18 13:17:38 | 001,589,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msjet40.dll
[2013.06.18 13:17:42 | 000,364,544 | ---- | M] () -- C:\Windows\system32\msjetoledb40.dll
[2013.06.18 13:17:45 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msjint40.dll
[2013.06.18 13:17:45 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msjter40.dll
[2013.06.18 13:17:45 | 000,290,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msjtes40.dll
[2013.08.22 03:54:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mskeyprotcli.dll
[2013.08.22 03:54:40 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mskeyprotect.dll
[2013.08.22 05:07:03 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2013.06.18 13:17:45 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msltus40.dll
[2013.08.22 06:25:01 | 001,456,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msmpeg2adec.dll
[2013.08.22 05:23:04 | 001,049,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSMPEG2ENC.DLL
[2013.08.22 06:25:01 | 002,804,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msmpeg2vdec.dll
[2013.08.22 04:07:59 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msnetobj.dll
[2013.08.22 07:13:53 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msobjs.dll
[2013.08.22 04:08:19 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msoeacct.dll
[2013.08.22 04:05:14 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msoert2.dll
[2013.08.22 05:17:02 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msorc32r.dll
[2013.08.22 05:04:26 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msorcl32.dll
[2013.08.22 03:53:55 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mspatcha.dll
[2013.08.22 03:54:13 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mspatchc.dll
[2013.06.18 13:17:45 | 000,368,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mspbde40.dll
[2013.08.22 04:54:50 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msports.dll
[2013.08.22 05:16:18 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msprivs.dll
[2013.08.22 04:13:53 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrahc.dll
[2013.08.22 04:16:18 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2013.06.18 13:17:45 | 000,319,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrd2x40.dll
[2013.06.18 13:17:48 | 000,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrd3x40.dll
[2013.08.22 04:21:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrdc.dll
[2013.08.22 04:53:52 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MsRdpWebAccess.dll
[2013.06.18 13:17:49 | 000,643,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrepl40.dll
[2013.08.22 05:04:14 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrle32.dll
[2013.08.22 04:21:29 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msscntrs.dll
[2013.08.22 04:16:16 | 000,330,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msscp.dll
[2013.08.22 04:49:09 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mssha.dll
[2013.08.22 05:16:24 | 000,268,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msshavmsg.dll
[2013.08.22 03:21:42 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msshooks.dll
[2013.08.22 04:54:24 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mssign32.dll
[2013.08.22 05:06:17 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mssip32.dll
[2013.08.22 04:45:12 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mssitlb.dll
[2013.08.22 03:21:56 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MsSpellCheckingFacility.dll
[2013.08.22 04:14:44 | 000,372,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mssph.dll
[2013.08.22 04:13:51 | 000,217,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mssphtb.dll
[2013.08.22 03:21:43 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mssprxy.dll
[2013.08.22 03:17:42 | 001,717,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mssrch.dll
[2013.08.22 04:06:14 | 000,676,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mssvp.dll
[2013.08.22 03:21:12 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mstask.dll
[2013.06.18 13:17:51 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mstext40.dll
[2013.08.22 16:02:21 | 000,435,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msTextPrediction.dll
[2013.10.05 08:32:48 | 005,769,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mstscax.dll
[2013.08.22 05:03:33 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msutb.dll
[2013.08.22 06:29:02 | 000,330,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msv1_0.dll
[2013.06.18 13:37:50 | 001,386,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvbvm60.dll
[2013.08.22 05:14:42 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcirt.dll
[2012.09.20 15:02:04 | 000,534,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp110.dll
[2013.08.10 01:56:56 | 000,536,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp120_clr0400.dll
[2013.08.22 05:14:45 | 000,410,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcp60.dll
[2013.08.10 01:56:56 | 000,018,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr100_clr0400.dll
[2012.09.20 15:02:04 | 000,862,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr110.dll
[2013.08.10 01:56:56 | 000,876,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcr120_clr0400.dll
[2013.08.22 07:13:53 | 000,780,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcrt.dll
[2013.06.18 13:38:29 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcrt20.dll
[2013.08.22 05:14:28 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvcrt40.dll
[2013.08.22 04:54:47 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvfw32.dll
[2013.08.22 05:04:14 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvidc32.dll
[2013.08.22 04:16:37 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSVidCtl.dll
[2013.06.18 13:21:03 | 000,126,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvideo.dll
[2013.08.22 06:25:01 | 000,178,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSVideoDSP.dll
[2013.08.22 06:19:23 | 000,312,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msvproc.dll
[2013.08.22 04:56:52 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSWB7.dll
[2013.08.22 04:51:58 | 000,494,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSWB70011.dll
[2013.08.22 04:51:58 | 000,494,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSWB7001E.dll
[2013.08.22 04:51:58 | 000,494,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSWB70404.dll
[2013.08.22 04:51:58 | 000,494,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MSWB70804.dll
[2013.06.18 13:17:51 | 000,856,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mswdat10.dll
[2013.08.22 04:32:23 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mswmdm.dll
[2013.08.22 03:55:25 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mswsock.dll
[2013.06.18 13:17:51 | 000,618,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mswstr10.dll
[2013.06.18 13:17:51 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxbde40.dll
[2013.08.22 03:27:53 | 001,316,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll
[2013.08.22 05:16:34 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3r.dll
[2013.08.22 06:28:06 | 001,721,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll
[2013.08.22 05:16:35 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6r.dll
[2013.08.22 05:03:48 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msyuv.dll
[2013.08.22 03:37:01 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mtxclu.dll
[2013.08.22 03:46:55 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mtxdm.dll
[2013.08.22 05:05:56 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mtxex.dll
[2013.08.22 03:46:40 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mtxlegih.dll
[2013.08.22 03:45:12 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mtxoci.dll
[2013.08.22 05:03:18 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\muifontsetup.dll
[2013.08.22 05:04:35 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MUILanguageCleanup.dll
[2013.08.22 04:48:41 | 000,236,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mycomput.dll
[2013.08.22 04:39:29 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mydocs.dll
[2013.08.22 06:24:57 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NAPCRYPT.DLL
[2013.08.22 04:39:08 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\napdsnap.dll
[2013.08.22 06:24:56 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NAPHLPR.DLL
[2013.08.22 05:03:46 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NapiNSP.dll
[2013.08.22 04:46:57 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\napipsec.dll
[2013.08.22 03:18:52 | 000,238,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NAPMONTR.DLL
[2013.08.22 03:21:32 | 000,852,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NaturalLanguage6.dll
[2013.08.22 04:45:17 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NcaApi.dll
[2013.08.22 04:10:39 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NcaSvc.dll
[2013.08.22 03:41:55 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncbservice.dll
[2013.08.22 03:21:32 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NcdAutoSetup.dll
[2013.08.22 04:39:14 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NcdProp.dll
[2013.08.22 03:39:38 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nci.dll
[2013.08.22 03:52:28 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncobjapi.dll
[2013.08.22 06:29:29 | 000,113,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll
[2013.08.22 03:55:19 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncryptprov.dll
[2013.10.10 15:53:55 | 000,088,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncryptsslp.dll
[2013.08.22 05:02:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncsi.dll
[2013.08.22 03:50:01 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncuprov.dll
[2013.08.22 05:06:18 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nddeapi.dll
[2013.08.22 03:21:20 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndfapi.dll
[2013.08.22 04:36:42 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndfetw.dll
[2013.08.22 04:37:28 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndfhcdiscovery.dll
[2013.08.22 03:31:58 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndiscapCfg.dll
[2013.08.22 04:27:17 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndishc.dll
[2013.08.22 04:47:09 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NdisImPlatform.dll
[2013.08.22 04:42:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndproxystub.dll
[2013.08.22 03:47:09 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nduprov.dll
[2013.08.22 03:50:20 | 000,104,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\negoexts.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi.dll
[2013.08.22 06:29:29 | 000,066,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll
[2013.08.22 05:07:04 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netbios.dll
[2013.08.22 03:11:03 | 001,154,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netcenter.dll
[2013.08.22 06:30:39 | 000,394,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netcfgx.dll
[2013.08.22 04:07:55 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netcorehc.dll
[2013.08.22 04:14:48 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netdiagfx.dll
[2013.08.22 05:17:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netevent.dll
[2013.08.22 04:55:33 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netfxperf.dll
[2013.08.22 05:16:18 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\neth.dll
[2013.08.22 04:17:25 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netid.dll
[2013.08.22 03:32:37 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netiohlp.dll
[2013.08.22 03:52:14 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netjoin.dll
[2013.08.22 03:49:21 | 000,688,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netlogon.dll
[2013.08.22 03:16:41 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netman.dll
[2013.08.22 05:15:57 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netmsg.dll
[2013.08.22 03:20:02 | 000,154,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netplwiz.dll
[2013.08.22 03:44:06 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netprofm.dll
[2013.08.22 03:44:38 | 000,415,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netprofmsvc.dll
[2013.08.22 04:55:30 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netprovisionsp.dll
[2013.08.22 03:50:40 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NetSetupApi.dll
[2013.08.22 04:11:26 | 002,703,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netshell.dll
[2013.08.22 04:15:22 | 000,726,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nettrace.dll
[2013.08.22 06:29:29 | 000,036,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netutils.dll
[2013.08.22 04:54:32 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NetVscCoinstall.dll
[2013.08.22 06:11:13 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netvscres.dll
[2013.08.22 04:07:01 | 001,664,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\networkexplorer.dll
[2013.08.22 04:20:19 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\networkitemfactory.dll
[2013.08.22 03:22:51 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NetworkStatus.dll
[2013.08.22 04:23:41 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\newdev.dll
[2013.08.22 03:38:28 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ninput.dll
[2013.08.22 04:54:37 | 007,323,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Data0011.dll
[2013.08.22 04:54:28 | 000,766,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Data001E.dll
[2013.08.22 04:56:33 | 002,220,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Data0404.dll
[2013.08.22 04:55:22 | 003,341,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Data0804.dll
[2013.08.22 05:17:07 | 002,454,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Lexicons0011.dll
[2013.08.22 05:17:07 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Lexicons001E.dll
[2013.08.22 05:17:05 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Lexicons0404.dll
[2013.08.22 05:17:05 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Lexicons0804.dll
[2013.08.22 05:17:05 | 007,701,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Models0011.dll
[2013.08.22 05:17:04 | 001,117,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Models001E.dll
[2013.08.22 05:17:05 | 009,719,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Models0404.dll
[2013.08.22 05:17:05 | 002,963,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NL7Models0804.dll
[2013.08.22 03:48:53 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlaapi.dll
[2013.08.22 04:47:19 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlahc.dll
[2013.08.22 03:34:50 | 000,307,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlasvc.dll
[2013.08.22 04:20:40 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlhtml.dll
[2013.08.22 04:37:50 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlmgp.dll
[2013.08.22 03:47:20 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlmproxy.dll
[2013.08.22 05:04:55 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlmsprep.dll
[2013.08.22 05:17:09 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nlsbres.dll
[2013.08.22 04:37:26 | 001,543,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0000.dll
[2013.08.22 04:36:22 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0002.dll
[2013.08.22 04:35:41 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0003.dll
[2013.08.22 04:37:33 | 002,017,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0007.dll
[2013.08.22 04:37:15 | 004,924,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0009.dll
[2013.08.22 04:37:55 | 009,584,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData000a.dll
[2013.08.22 04:37:29 | 002,289,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData000c.dll
[2013.08.22 04:36:14 | 002,372,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData000d.dll
[2013.08.22 04:36:17 | 001,993,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData000f.dll
[2013.08.22 04:36:11 | 004,510,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0010.dll
[2013.08.22 04:35:47 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0018.dll
[2013.08.22 04:35:54 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData001a.dll
[2013.08.22 04:35:40 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData001b.dll
[2013.08.22 04:36:16 | 004,511,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData001d.dll
[2013.08.22 04:36:15 | 003,125,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0020.dll
[2013.08.22 04:35:28 | 001,819,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0021.dll
[2013.08.22 04:35:42 | 001,819,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0022.dll
[2013.08.22 04:35:42 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0024.dll
[2013.08.22 04:36:36 | 001,993,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0026.dll
[2013.08.22 04:35:42 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0027.dll
[2013.08.22 04:36:25 | 001,819,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData002a.dll
[2013.08.22 04:36:09 | 003,132,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0039.dll
[2013.08.22 04:35:41 | 001,819,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData003e.dll
[2013.08.22 04:35:43 | 003,125,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0045.dll
[2013.08.22 04:35:44 | 003,125,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0046.dll
[2013.08.22 04:35:33 | 003,125,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0047.dll
[2013.08.22 04:35:45 | 003,125,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0049.dll
[2013.08.22 04:35:30 | 003,125,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData004a.dll
[2013.08.22 04:36:18 | 003,125,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData004b.dll
[2013.08.22 04:35:54 | 003,125,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData004c.dll
[2013.08.22 04:36:03 | 003,125,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData004e.dll
[2013.08.22 04:36:09 | 004,510,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0414.dll
[2013.08.22 04:36:22 | 004,511,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0416.dll
[2013.08.22 04:36:30 | 004,510,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0816.dll
[2013.08.22 04:35:53 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData081a.dll
[2013.08.22 04:35:36 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsData0c1a.dll
[2013.08.22 05:06:30 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Nlsdl.dll
[2013.08.22 05:16:31 | 004,164,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0002.dll
[2013.08.22 05:16:27 | 001,452,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0003.dll
[2013.08.22 05:16:25 | 012,038,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0007.dll
[2013.08.22 05:16:27 | 002,628,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0009.dll
[2013.08.22 05:16:24 | 009,892,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons000a.dll
[2013.08.22 05:16:24 | 006,237,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons000c.dll
[2013.08.22 05:16:23 | 001,722,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons000d.dll
[2013.08.22 05:16:29 | 005,654,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons000f.dll
[2013.08.22 05:16:29 | 004,175,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0010.dll
[2013.08.22 05:16:30 | 003,331,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0018.dll
[2013.08.22 05:16:29 | 006,014,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons001a.dll
[2013.08.22 05:16:34 | 006,585,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons001b.dll
[2013.08.22 05:16:30 | 006,346,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons001d.dll
[2013.08.22 05:16:33 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0020.dll
[2013.08.22 05:16:29 | 002,136,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0021.dll
[2013.08.22 05:16:32 | 005,499,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0022.dll
[2013.08.22 05:16:34 | 007,964,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0024.dll
[2013.08.22 05:16:31 | 005,791,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0026.dll
[2013.08.22 05:16:28 | 006,224,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0027.dll
[2013.08.22 05:16:32 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons002a.dll
[2013.08.22 05:16:27 | 001,782,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0039.dll
[2013.08.22 05:16:28 | 004,045,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons003e.dll
[2013.08.22 05:16:29 | 001,793,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0045.dll
[2013.08.22 05:16:29 | 001,808,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0046.dll
[2013.08.22 05:16:23 | 001,411,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0047.dll
[2013.08.22 05:16:30 | 001,558,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0049.dll
[2013.08.22 05:16:31 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons004a.dll
[2013.08.22 05:16:32 | 001,702,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons004b.dll
[2013.08.22 05:16:32 | 004,093,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons004c.dll
[2013.08.22 05:16:32 | 001,972,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons004e.dll
[2013.08.22 05:16:28 | 004,616,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0414.dll
[2013.08.22 05:16:29 | 005,090,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0416.dll
[2013.08.22 05:16:31 | 005,031,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0816.dll
[2013.08.22 05:16:31 | 007,042,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons081a.dll
[2013.08.22 05:16:29 | 006,917,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\NlsLexicons0c1a.dll
[2013.08.22 05:06:42 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\normaliz.dll
[2013.08.22 05:02:28 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\npmproxy.dll
[2013.08.22 03:54:17 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nrpsrv.dll
[2013.08.22 03:54:37 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nshhttp.dll
[2013.08.22 04:40:46 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nshipsec.dll
[2013.08.22 03:19:05 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nshwfp.dll
[2013.08.22 07:13:54 | 000,019,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nsi.dll
[2013.08.22 07:13:54 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\nsisvc.dll
[2013.08.22 06:29:30 | 000,171,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntasn1.dll
[2013.08.22 07:13:53 | 001,445,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll
[2013.08.22 03:52:04 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdsapi.dll
[2013.08.22 03:52:28 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntlanman.dll
[2013.08.22 04:30:34 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntlanui2.dll
[2013.08.22 06:29:29 | 000,147,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntmarta.dll
[2013.08.22 03:22:32 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntprint.dll
[2013.08.22 03:19:05 | 000,643,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntshrui.dll
[2013.08.22 04:45:13 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntvdmcpl.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntvdmd.dll
[2013.08.22 04:14:18 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\objsel.dll
[2013.08.22 04:09:12 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2013.08.22 04:55:50 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ocsetapi.dll
[2013.06.18 13:19:16 | 000,026,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbc16gt.dll
[2013.08.22 04:47:14 | 000,637,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbc32.dll
[2013.08.22 04:37:50 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbc32gt.dll
[2013.08.22 05:04:09 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbcbcp.dll
[2013.08.22 04:36:20 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbcconf.dll
[2013.08.22 04:49:24 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbccp32.dll
[2013.08.22 04:36:43 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbccr32.dll
[2013.08.22 04:36:37 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbccu32.dll
[2013.08.22 05:16:36 | 000,224,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbcint.dll
[2013.08.22 05:01:18 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbcji32.dll
[2013.08.22 05:01:11 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbcjt32.dll
[2013.08.22 04:37:10 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odbctrac.dll
[2013.08.22 05:01:10 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\oddbse32.dll
[2013.08.22 05:01:05 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odexl32.dll
[2013.08.22 05:01:09 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odfox32.dll
[2013.08.22 05:01:05 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odpdx32.dll
[2013.08.22 05:01:12 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\odtext32.dll
[2013.08.22 04:17:37 | 000,103,936 | ---- | M] () -- C:\Windows\system32\OEMLicense.dll
[2013.08.22 04:44:32 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\offfilt.dll
[2013.08.22 05:04:55 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\offreg.dll
[2013.08.22 04:50:44 | 001,060,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ogldrv.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ole2.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ole2disp.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ole2nls.dll
[2013.08.22 06:21:43 | 001,092,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ole32.dll
[2013.08.22 03:42:31 | 000,280,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\oleacc.dll
[2013.08.22 05:07:07 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\oleacchooks.dll
[2013.08.22 05:16:11 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\oleaccrc.dll
[2013.08.22 06:19:45 | 000,552,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\oleaut32.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\olecli.dll
[2013.08.22 04:54:58 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\olecli32.dll
[2013.08.22 04:54:38 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\oledlg.dll
[2013.08.22 04:20:37 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\oleprn.dll
[2013.08.22 04:54:15 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\olepro32.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\OLESVR.DLL
[2013.08.22 04:54:54 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\olesvr32.dll
[2013.08.22 04:39:57 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\olethk32.dll
[2013.08.22 03:53:48 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\OnDemandConnRouteHelper.dll
[2013.08.22 03:42:42 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\onex.dll
[2013.08.22 04:41:25 | 001,070,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\onexui.dll
[2013.08.22 05:06:56 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\OobeFldr.dll
[2013.08.22 04:12:59 | 001,372,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\OpcServices.dll
[2013.08.22 05:03:20 | 000,737,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\opengl32.dll
[2013.08.22 05:04:51 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\osbaseln.dll
[2013.08.22 05:06:12 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\OskSupport.dll
[2013.08.22 05:06:42 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\osuninst.dll
[2013.08.22 03:25:22 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\P2P.dll
[2013.08.22 03:42:40 | 000,360,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\P2PGraph.dll
[2013.08.22 04:21:39 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\p2pnetsh.dll
[2013.08.22 03:17:38 | 000,359,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\p2psvc.dll
[2013.08.22 05:06:55 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\packager.dll
[2013.08.22 03:20:22 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PackageStateRoaming.dll
[2013.08.22 05:02:36 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\panmap.dll
[2013.08.22 03:45:11 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pautoenr.dll
[2013.08.22 05:03:31 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pcacli.dll
[2013.08.22 03:49:00 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pcadm.dll
[2013.08.22 05:15:52 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pcaevts.dll
[2013.08.22 03:28:46 | 000,380,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pcasvc.dll
[2013.08.22 04:46:48 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pcaui.dll
[2013.08.22 03:48:28 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PCPKsp.dll
[2013.08.22 03:52:52 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PCPTpm12.dll
[2013.10.05 09:00:56 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pcsvDevice.dll
[2013.08.22 05:13:22 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pcwum.dll
[2013.08.22 04:17:54 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pcwutl.dll
[2013.08.22 03:52:31 | 000,254,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pdh.dll
[2013.08.22 04:56:49 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pdhui.dll
[2013.08.22 16:02:25 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PeerDist.dll
[2013.08.22 16:02:25 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PeerDistAD.dll
[2013.08.22 16:02:29 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PeerDistCacheProvider.dll
[2013.08.22 16:02:25 | 000,400,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PeerDistCleaner.dll
[2013.08.22 16:02:25 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PeerDistHttpTrans.dll
[2013.08.22 16:02:29 | 001,165,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PeerDistSh.dll
[2013.08.22 16:02:25 | 001,778,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PeerDistSvc.dll
[2013.08.22 16:02:25 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PeerDistWSDDiscoProv.dll
[2013.08.22 03:47:23 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\perfctrs.dll
[2013.08.22 03:53:33 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\perfdisk.dll
[2013.08.22 03:53:52 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\perfnet.dll
[2013.08.22 03:53:17 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\perfos.dll
[2013.08.22 03:53:53 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\perfproc.dll
[2013.08.22 03:29:07 | 000,829,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\perftrack.dll
[2013.08.22 05:04:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\perfts.dll
[2013.08.22 03:39:44 | 000,345,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PhotoMetadataHandler.dll
[2013.08.22 04:06:43 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\photowiz.dll
[2013.08.22 05:00:41 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pid.dll
[2013.08.22 04:51:43 | 000,739,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pidgenx.dll
[2013.08.22 05:16:56 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pifmgr.dll
[2013.08.22 03:48:52 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pku2u.dll
[2013.08.22 04:18:45 | 001,477,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pla.dll
[2013.08.22 04:37:29 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\playlistfolder.dll
[2013.08.22 04:58:09 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PlaySndSrv.dll
[2013.08.22 03:17:03 | 000,204,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PlayToDevice.dll
[2013.08.22 03:25:56 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PlayToManager.dll
[2013.08.22 04:57:00 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PlayToStatusProvider.dll
[2013.10.10 15:53:39 | 000,029,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ploptin.dll
[2013.08.22 16:02:27 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pmcsnap.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pmspl.dll
[2013.08.22 04:59:15 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2013.08.22 03:12:28 | 000,560,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pnidui.dll
[2013.08.22 04:31:34 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pnpclean.dll
[2013.08.22 04:52:20 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pnppolicy.dll
[2013.08.22 05:04:41 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pnpts.dll
[2013.08.22 04:20:43 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pnpui.dll
[2013.08.22 04:34:31 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PNPXAssoc.dll
[2013.08.22 04:42:59 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PNPXAssocPrx.dll
[2013.08.22 03:44:32 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pnrpauto.dll
[2013.08.22 03:41:51 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Pnrphc.dll
[2013.08.22 03:52:11 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pnrpnsp.dll
[2013.08.22 03:32:47 | 000,326,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pnrpsvc.dll
[2013.08.22 03:51:04 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\polstore.dll
[2013.08.22 03:20:34 | 000,525,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PortableDeviceApi.dll
[2013.08.22 03:18:31 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PortableDeviceClassExtension.dll
[2013.08.22 03:38:08 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PortableDeviceConnectApi.dll
[2013.08.22 04:33:13 | 000,427,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PortableDeviceStatus.dll
[2013.08.22 04:30:23 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PortableDeviceSyncProvider.dll
[2013.08.22 03:18:35 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PortableDeviceTypes.dll
[2013.08.22 04:18:41 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PortableDeviceWiaCompat.dll
[2013.08.22 04:18:54 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PortableDeviceWMDRM.dll
[2013.08.22 03:52:06 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pots.dll
[2013.08.22 04:24:02 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\powercpl.dll
[2013.08.22 03:54:34 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PowerWmiProvider.dll
[2013.08.22 06:31:41 | 000,251,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\powrprof.dll
[2013.08.22 16:02:27 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ppcsnap.dll
[2013.08.22 04:15:47 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PresentationHostProxy.dll
[2013.08.22 05:17:43 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prflbmsg.dll
[2013.08.22 04:03:29 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PrintDialogs.dll
[2013.08.22 04:59:40 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\printfilterpipelineprxy.dll
[2013.08.22 03:21:27 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PrintIsolationProxy.dll
[2013.08.22 03:07:41 | 001,057,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\printui.dll
[2013.08.22 05:17:04 | 016,735,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm0001.dll
[2013.08.22 05:17:04 | 006,472,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm0005.dll
[2013.08.22 05:17:02 | 007,045,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm0006.dll
[2013.08.22 05:17:04 | 011,601,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm0007.dll
[2013.08.22 05:17:02 | 008,229,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm0008.dll
[2013.08.22 05:17:03 | 005,738,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm0009.dll
[2013.08.22 05:17:02 | 008,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm000b.dll
[2013.08.22 05:17:05 | 010,402,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm000e.dll
[2013.08.22 05:17:02 | 009,481,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm0013.dll
[2013.08.22 05:17:02 | 007,849,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm0015.dll
[2013.08.22 05:17:04 | 008,628,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm0019.dll
[2013.08.22 05:17:02 | 014,328,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prm001f.dll
[2013.08.22 04:58:11 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prncache.dll
[2013.08.22 04:31:11 | 000,460,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prnfldr.dll
[2013.08.22 04:06:56 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prnntfy.dll
[2013.08.22 04:50:50 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prntvpt.dll
[2013.08.22 03:49:06 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\procinst.dll
[2013.08.22 07:13:53 | 000,051,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\profapi.dll
[2013.08.22 03:45:19 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\profext.dll
[2013.08.22 04:32:46 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\profprov.dll
[2013.10.10 12:12:19 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\profsvc.dll
[2013.08.22 03:19:57 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\profsvcext.dll
[2013.08.22 06:25:34 | 001,201,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\propsys.dll
[2013.08.22 03:34:38 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\provcore.dll
[2013.08.22 03:17:17 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\provsvc.dll
[2013.08.22 03:51:21 | 000,211,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\provthrd.dll
[2013.08.22 03:45:57 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ProximityCommon.dll
[2013.08.22 03:46:15 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ProximityCommonPal.dll
[2013.08.22 03:52:12 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ProximityRtapiPal.dll
[2013.08.22 03:40:16 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ProximityService.dll
[2013.08.22 03:40:26 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ProximityServicePal.dll
[2013.08.22 03:46:09 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\prvdmofcomp.dll
[2013.08.22 06:31:40 | 000,016,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\psapi.dll
[2013.08.22 07:13:53 | 000,059,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PSHED.DLL
[2013.08.22 04:29:48 | 000,457,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\psisdecd.dll
[2013.08.22 03:22:04 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PSModuleDiscoveryProvider.dll
[2013.09.19 05:34:37 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\psmsrv.dll
[2013.08.22 04:54:22 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pstask.dll
[2013.08.22 05:00:53 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pstorec.dll
[2013.08.22 03:20:04 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\puiapi.dll
[2013.08.22 04:13:30 | 000,327,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\puiobj.dll
[2013.08.22 04:00:51 | 000,667,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\PurchaseWindowsLicense.dll
[2013.08.22 04:19:12 | 000,305,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pwlauncher.dll
[2013.08.22 04:32:44 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pwrshplugin.dll
[2013.08.22 04:36:29 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pwsso.dll
[2013.08.22 04:21:10 | 000,171,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\QAGENT.DLL
[2013.08.22 04:41:34 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\QAGENTRT.DLL
[2013.08.22 04:16:33 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qasf.dll
[2013.08.22 04:50:04 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qcap.dll
[2013.08.22 04:46:31 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\QCLIPROV.DLL
[2013.08.22 04:48:10 | 000,273,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdv.dll
[2013.08.22 04:47:29 | 000,469,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdvd.dll
[2013.08.22 04:28:12 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qedit.dll
[2013.08.22 05:16:59 | 000,733,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qedwipes.dll
[2013.08.22 04:05:38 | 000,801,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qmgr.dll
[2013.08.22 04:58:22 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qmgrprxy.dll
[2013.08.22 04:20:14 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\QSHVHOST.DLL
[2013.08.22 04:20:13 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\QSVRMGMT.DLL
[2013.08.22 04:18:28 | 001,352,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\quartz.dll
[2013.08.22 04:34:42 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Query.dll
[2013.08.22 04:47:52 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\QUTIL.DLL
[2013.08.22 03:41:13 | 000,256,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qwave.dll
[2013.08.22 03:24:18 | 001,370,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RacEngn.dll
[2013.08.22 04:21:13 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\racpldlg.dll
[2013.08.22 05:04:37 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\radardt.dll
[2013.08.22 04:43:36 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\radarrs.dll
[2013.08.22 04:07:50 | 000,282,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RADCUI.dll
[2013.08.22 03:54:36 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasadhlp.dll
[2013.08.22 03:17:54 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasapi32.dll
[2013.08.22 04:55:59 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasauto.dll
[2013.08.22 03:19:38 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rascfg.dll
[2013.08.22 03:35:46 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\raschap.dll
[2013.08.22 03:45:37 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\raschapext.dll
[2013.08.22 05:04:41 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasctrs.dll
[2013.08.22 03:28:39 | 000,217,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rascustom.dll
[2013.08.22 04:32:22 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasdiag.dll
[2013.08.22 04:08:27 | 000,779,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasdlg.dll
[2013.08.22 03:59:02 | 000,835,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasgcw.dll
[2013.08.22 03:49:40 | 000,138,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasman.dll
[2013.08.22 03:23:26 | 000,456,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasmans.dll
[2013.08.22 03:45:41 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasmbmgr.dll
[2013.08.22 04:31:47 | 000,443,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RASMM.dll
[2013.08.22 04:22:39 | 000,251,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasmontr.dll
[2013.08.22 05:04:20 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasmxs.dll
[2013.08.22 04:46:27 | 000,396,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasplap.dll
[2013.08.22 04:39:13 | 000,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasppp.dll
[2013.08.22 05:04:22 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rasser.dll
[2013.08.22 03:52:14 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rastapi.dll
[2013.08.22 03:24:50 | 000,513,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rastls.dll
[2013.08.22 03:45:34 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rastlsext.dll
[2013.08.22 03:21:40 | 000,513,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdbui.dll
[2013.08.22 05:06:12 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcfgex.dll
[2013.08.22 03:58:01 | 003,083,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcore.dll
[2013.08.22 16:02:28 | 002,823,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcorets.dll
[2013.08.22 04:20:41 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpencom.dll
[2013.08.22 16:02:28 | 000,267,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpendp.dll
[2013.08.22 05:02:50 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RdpSaPs.dll
[2013.08.22 16:02:28 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpudd.dll
[2013.08.22 03:21:13 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RDSAppXHelper.dll
[2013.08.22 03:43:12 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdsdwmdr.dll
[2013.08.22 04:16:49 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdvidcrl.dll
[2013.08.22 04:13:07 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdvvmtransport.dll
[2013.08.22 04:06:52 | 000,763,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ReAgent.dll
[2013.08.22 03:46:14 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ReAgentTask.dll
[2013.08.22 04:18:59 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\recovery.dll
[2013.08.22 05:02:36 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\regapi.dll
[2013.08.22 04:38:15 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RegCtrl.dll
[2013.08.22 05:07:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\regidle.dll
[2013.08.22 03:53:20 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\regsvc.dll
[2013.08.22 03:50:55 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ReInfo.dll
[2013.08.22 04:22:30 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotepg.dll
[2013.08.22 04:30:17 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RemoveDeviceContextHandler.dll
[2013.08.22 04:37:49 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RemoveDeviceElevated.dll
[2013.08.22 06:25:01 | 000,223,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RESAMPLEDMO.DLL
[2013.08.22 04:01:41 | 000,811,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\reseteng.dll
[2013.08.22 04:46:24 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\resutils.dll
[2013.08.22 16:02:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rfxvmt.dll
[2013.08.22 04:55:36 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rgb9rast.dll
[2013.08.22 05:04:54 | 000,513,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\riched20.dll
[2013.08.22 05:06:22 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\riched32.dll
[2013.08.22 03:46:25 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RMapi.dll
[2013.08.22 05:14:37 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rnr20.dll
[2013.08.22 03:43:38 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RoamingSecurity.dll
[2013.08.10 01:39:23 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rometadata.dll
[2013.08.22 16:02:22 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RotMgr.dll
[2013.08.22 07:13:54 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RpcEpMap.dll
[2013.08.22 05:03:05 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rpchttp.dll
[2013.08.22 05:03:29 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RpcNs4.dll
[2013.08.22 04:57:39 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rpcnsh.dll
[2013.08.22 07:13:53 | 000,802,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rpcrt4.dll
[2013.08.22 06:21:42 | 000,049,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RpcRtRemote.dll
[2013.08.22 03:44:30 | 000,594,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rpcss.dll
[2013.08.22 06:29:30 | 000,188,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rsaenh.dll
[2013.08.22 04:27:28 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rshx32.dll
[2013.08.22 04:30:25 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RstrtMgr.dll
[2013.08.22 04:20:37 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rtffilt.dll
[2013.08.22 05:03:14 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rtm.dll
[2012.03.29 07:26:12 | 009,888,360 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\system32\RtsPStorIcon.dll
[2013.08.22 03:54:38 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rtutils.dll
[2013.08.22 06:19:23 | 000,096,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\RTWorkQ.dll
[2013.08.22 03:54:17 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\samcli.dll
[2013.08.22 03:54:33 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\samlib.dll
[2013.10.05 09:29:53 | 000,595,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\samsrv.dll
[2013.08.22 05:05:46 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sas.dll
[2013.08.22 04:09:54 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sbe.dll
[2013.08.22 04:01:34 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sbeio.dll
[2013.08.22 05:15:49 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sberes.dll
[2013.08.22 04:34:38 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scansetting.dll
[2013.08.22 04:48:39 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SCardDlg.dll
[2013.08.22 04:53:37 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SCardSvr.dll
[2013.08.22 04:32:22 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scavengeui.dll
[2013.08.22 05:01:21 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sccls.dll
[2013.08.22 03:49:34 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ScDeviceEnum.dll
[2013.08.22 03:48:17 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scecli.dll
[2013.08.22 03:48:20 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scesrv.dll
[2013.08.22 03:55:02 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scext.dll
[2013.08.22 03:49:23 | 000,348,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll
[2013.08.22 03:53:19 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schedcli.dll
[2013.08.22 03:17:54 | 000,976,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schedsvc.dll
[2013.08.22 04:59:08 | 000,242,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scksp.dll
[2013.08.22 04:45:01 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scripto.dll
[2013.08.22 04:54:17 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scrobj.dll
[2013.08.22 16:02:30 | 000,463,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scrptadm.dll
[2013.08.22 04:54:35 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scrrun.dll
[2013.08.22 03:54:30 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sdhcinst.dll
[2013.08.22 04:49:08 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sdiageng.dll
[2013.08.22 04:29:11 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sdiagprv.dll
[2013.08.22 04:53:36 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sdiagschd.dll
[2013.08.22 04:47:00 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sdohlp.dll
[2013.08.22 03:10:27 | 000,830,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SearchFolder.dll
[2013.08.22 07:13:54 | 000,252,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sechost.dll
[2013.08.22 05:03:44 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\seclogon.dll
[2013.08.22 03:42:32 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc.dll
[2013.08.22 03:42:29 | 000,332,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_isv.dll
[2013.08.22 04:56:28 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_ssp.dll
[2013.08.22 04:56:28 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secproc_ssp_isv.dll
[2013.08.22 03:55:53 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll
[2013.08.22 05:14:43 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\security.dll
[2013.08.22 04:24:59 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sendmail.dll
[2013.08.22 03:46:38 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Sens.dll
[2013.08.22 05:07:04 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SensApi.dll
[2013.08.22 16:02:29 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SensorPerformanceEvents.dll
[2013.08.22 16:02:18 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SensorsApi.dll
[2013.08.22 16:02:20 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SensorsClassExtension.dll
[2013.08.22 16:02:22 | 002,119,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SensorsCpl.dll
[2013.08.22 16:02:21 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sensrsvc.dll
[2013.08.22 04:48:16 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\serialui.dll
[2013.08.22 05:02:44 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\serwvdrv.dll
[2013.08.22 03:14:04 | 000,280,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SessEnv.dll
[2013.08.22 05:06:31 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\setbcdlocale.dll
[2013.08.22 04:34:50 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetNetworkLocation.dll
[2013.08.22 04:24:37 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SetProxyCredential.dll
[2013.08.22 03:12:59 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SettingMonitor.dll
[2013.10.11 17:34:23 | 002,038,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SettingsHandlers.dll
[2013.08.22 03:04:04 | 000,454,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SettingSync.dll
[2013.08.22 03:07:42 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SettingSyncCore.dll
[2013.08.22 03:07:26 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SettingSyncPolicy.dll
[2013.08.22 06:31:42 | 001,766,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\setupapi.dll
[2013.08.22 05:00:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\setupcln.dll
[2013.08.22 05:16:00 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\setupetw.dll
[2013.08.22 05:13:28 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sfc.dll
[2013.08.22 05:06:58 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sfc_os.dll
[2013.08.22 03:18:24 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shacct.dll
[2013.08.22 04:09:13 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sharemediacpl.dll
[2013.08.22 06:25:37 | 000,476,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SHCore.dll
[2013.08.22 05:07:29 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shdocvw.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SHELL.DLL
[2013.11.05 19:51:37 | 018,642,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll
[2013.08.22 05:16:24 | 000,517,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shellstyle.dll
[2013.08.22 05:02:27 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shfolder.dll
[2013.08.22 05:07:18 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shgina.dll
[2013.08.22 05:06:52 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shimeng.dll
[2013.08.22 04:21:25 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shimgvw.dll
[2013.08.22 06:25:37 | 000,263,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shlwapi.dll
[2013.08.22 04:38:08 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shpafact.dll
[2013.10.08 06:58:55 | 000,094,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shsetup.dll
[2013.08.22 03:27:04 | 000,564,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shsvcs.dll
[2013.08.22 05:06:32 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shunimpl.dll
[2013.08.22 04:14:54 | 000,416,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shwebsvc.dll
[2013.08.22 04:23:25 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\signdrv.dll
[2013.08.22 03:41:13 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SimAuth.dll
[2013.08.22 03:28:40 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SimCfg.dll
[2013.08.22 05:05:45 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sisbkup.dll
[2013.08.22 03:15:55 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SkyDriveShell.dll
[2013.08.22 03:16:29 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SkyDriveTelemetry.dll
[2013.08.22 05:01:09 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\slc.dll
[2013.08.22 03:46:32 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\slcext.dll
[2013.08.22 03:27:30 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\slpts.dll
[2013.06.18 13:32:15 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\slr100.dll
[2013.08.22 05:01:16 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\slwga.dll
[2013.08.22 03:34:16 | 001,019,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SmartcardCredentialProvider.dll
[2013.08.22 04:48:01 | 000,467,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SmartCardSimulator.dll
[2013.08.22 04:27:36 | 000,083,968 | ---- | M] (Microsoft) -- C:\Windows\system32\SMBHelperClass.dll
[2013.08.22 03:45:05 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\smbwmiv2.dll
[2013.08.22 07:13:51 | 000,666,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SmiEngine.dll
[2013.08.22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\smphost.dll
[2013.08.22 04:37:44 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SmsDeviceAccessRevocation.dll
[2013.08.22 04:25:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SMSRouter.dll
[2013.08.22 03:16:48 | 000,214,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SndVolSSO.dll
[2013.08.22 03:54:44 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\snmpapi.dll
[2013.08.22 16:02:28 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SNTSearch.dll
[2013.08.22 04:40:22 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\softkbd.dll
[2013.08.22 05:06:16 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\softpub.dll
[2013.08.22 05:06:32 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SortServer2003Compat.dll
[2013.08.22 05:06:41 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SortWindows61.dll
[2013.08.22 05:06:40 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SortWindows6Compat.dll
[2013.08.22 04:12:34 | 000,468,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SpaceControl.dll
[2013.08.22 05:03:55 | 000,068,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spbcd.dll
[2013.08.22 05:06:28 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spfileq.dll
[2013.08.22 05:06:19 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SPInf.dll
[2013.08.22 05:04:59 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spmpm.dll
[2013.08.22 05:02:38 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spnet.dll
[2013.08.22 05:06:29 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spoolss.dll
[2013.08.22 04:55:49 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spopk.dll
[2013.08.22 04:40:40 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spp.dll
[2013.08.22 04:59:43 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sppc.dll
[2013.08.22 04:43:39 | 000,421,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sppcext.dll
[2013.08.22 04:20:10 | 000,438,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sppcomapi.dll
[2013.08.22 04:22:29 | 000,298,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sppcommdlg.dll
[2013.08.22 03:33:25 | 000,555,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sppinst.dll
[2013.08.22 04:43:30 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sppnp.dll
[2013.08.22 06:29:30 | 001,129,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sppobjs.dll
[2013.08.22 06:29:31 | 000,197,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sppwinob.dll
[2013.08.22 04:49:54 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sppwmi.dll
[2013.08.22 05:04:21 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spwinsat.dll
[2013.08.22 04:23:20 | 000,353,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spwizeng.dll
[2013.08.22 05:16:47 | 005,864,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spwizimg.dll
[2013.08.22 05:16:45 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spwizres.dll
[2013.08.22 04:29:23 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spwmp.dll
[2013.08.22 04:53:50 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sqlcecompact40.dll
[2013.08.22 04:53:53 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sqlceoledb40.dll
[2013.08.22 04:53:54 | 000,651,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sqlceqp40.dll
[2013.08.22 04:58:44 | 000,396,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sqlcese40.dll
[2013.08.22 04:53:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sqlsrv32.dll
[2013.06.18 13:19:11 | 000,188,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sqlunirl.dll
[2013.06.18 13:18:01 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sqlwid.dll
[2013.06.18 13:18:01 | 000,043,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sqlwoa.dll
[2013.08.22 06:24:54 | 000,231,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sqmapi.dll
[2013.08.22 04:26:28 | 000,307,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srchadmin.dll
[2013.08.22 04:30:06 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srclient.dll
[2013.08.22 04:26:03 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srcore.dll
[2013.08.22 05:16:07 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SrEvents.dll
[2013.08.22 04:21:37 | 001,740,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SRH.dll
[2013.08.22 04:25:25 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srhelper.dll
[2013.08.22 16:02:18 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srm.dll
[2013.08.22 16:02:18 | 000,935,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srmclient.dll
[2013.08.22 16:02:22 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srmlib.dll
[2013.08.22 16:02:18 | 000,470,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srmscan.dll
[2013.08.22 16:02:18 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srmshell.dll
[2013.08.22 16:02:18 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srmstormod.dll
[2013.08.22 16:02:18 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srmtrace.dll
[2013.08.22 16:02:18 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srm_ps.dll
[2013.08.22 16:02:24 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SrpUxNativeSnapIn.dll
[2013.08.22 04:25:54 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srrstr.dll
[2013.08.22 03:52:42 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srumapi.dll
[2013.08.22 03:45:10 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srumsvc.dll
[2013.08.22 06:29:31 | 000,108,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srvcli.dll
[2013.08.22 03:43:43 | 000,244,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srvsvc.dll
[2013.08.22 04:31:11 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srwmi.dll
[2013.08.22 03:53:04 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sscore.dll
[2013.08.22 03:54:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sscoreext.dll
[2013.08.22 05:02:53 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ssdpapi.dll
[2013.08.22 03:35:57 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ssdpsrv.dll
[2013.08.22 07:13:54 | 000,134,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspicli.dll
[2013.08.22 07:13:54 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspisrv.dll
[2013.08.22 07:13:51 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SSShim.dll
[2013.08.22 03:44:14 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sstpsvc.dll
[2013.08.22 03:22:19 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Startupscan.dll
[2013.08.22 03:45:29 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\stclient.dll
[2013.08.22 04:43:55 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sti.dll
[2013.08.22 04:28:58 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sti_ci.dll
[2013.08.22 03:13:42 | 000,289,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\stobject.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\storage.dll
[2013.08.22 04:32:18 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\StorageContextHandler.dll
[2013.08.22 03:31:38 | 001,373,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\storagewmi.dll
[2013.08.22 03:46:56 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\storagewmi_passthru.dll
[2013.08.22 03:19:29 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\storewuauth.dll
[2013.08.22 04:42:56 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Storprop.dll
[2013.08.22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\StorSvc.dll
[2013.08.22 06:32:57 | 000,023,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\streamci.dll
[2013.08.22 03:31:31 | 000,425,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\StructuredQuery.dll
[2013.08.22 03:47:45 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SubscriptionMgr.dll
[2013.08.22 04:26:31 | 000,592,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sud.dll
[2013.08.22 04:54:45 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\svsvc.dll
[2013.08.22 03:27:38 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\swprv.dll
[2013.08.22 04:56:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sxproxy.dll
[2013.08.22 07:13:51 | 000,488,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sxs.dll
[2013.08.22 03:44:36 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sxshared.dll
[2013.08.22 05:08:30 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sxssrv.dll
[2013.08.22 04:54:02 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sxsstore.dll
[2013.08.22 04:25:04 | 002,165,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SyncCenter.dll
[2013.08.22 04:47:37 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\synceng.dll
[2013.10.23 05:54:49 | 003,422,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SyncEngine.dll
[2013.08.22 05:02:02 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SyncHostps.dll
[2013.08.22 04:20:34 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SyncInfrastructure.dll
[2013.08.22 05:01:35 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SyncInfrastructureps.dll
[2013.08.22 04:52:26 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Syncreg.dll
[2013.08.22 05:07:10 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\syncui.dll
[2013.08.22 05:03:03 | 000,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sysclass.dll
[2013.08.22 04:34:44 | 000,336,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SysFxUI.dll
[2013.08.22 03:42:53 | 000,944,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sysmain.dll
[2013.08.22 03:53:39 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sysntfy.dll
[2013.08.22 05:03:01 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\syssetup.dll
[2013.08.22 04:11:29 | 000,272,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\systemcpl.dll
[2013.08.22 03:53:30 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SystemEventsBrokerClient.dll

ciao · 08.12.2013, 11:20

Teil 5

Code:

ATTFilter

[2013.08.22 03:50:12 | 000,197,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SystemEventsBrokerServer.dll
[2013.08.22 03:21:19 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
[2013.08.22 03:18:47 | 000,390,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SystemSettings.Handlers.dll
[2013.08.22 03:13:18 | 001,358,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SystemSettingsAdminFlowUI.dll
[2013.08.22 03:22:19 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\SystemSettingsDatabase.dll
[2013.08.22 05:03:52 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\t2embed.dll
[2013.08.22 04:38:47 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Tabbtn.dll
[2013.08.22 04:48:41 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TabbtnEx.dll
[2013.08.22 04:58:06 | 000,128,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TabSvc.dll
[2013.06.18 13:41:32 | 000,019,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tapi.dll
[2013.08.22 04:46:31 | 000,846,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tapi3.dll
[2013.08.22 04:42:27 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tapi32.dll
[2013.08.22 04:51:13 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tapilua.dll
[2013.08.22 04:38:33 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TapiMigPlugin.dll
[2013.08.22 05:04:40 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tapiperf.dll
[2013.08.22 04:33:38 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tapisrv.dll
[2013.08.22 04:56:06 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TapiSysprep.dll
[2013.08.22 05:16:18 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tapiui.dll
[2013.08.22 04:29:40 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\taskbarcpl.dll
[2013.08.22 03:20:11 | 000,385,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\taskcomp.dll
[2013.08.22 06:30:48 | 000,785,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\taskschd.dll
[2013.08.22 03:47:51 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TaskSchdPS.dll
[2013.08.22 03:54:13 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tbs.dll
[2013.08.22 04:12:06 | 000,178,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tcpipcfg.dll
[2013.08.22 03:55:00 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TcpipSetup.dll
[2013.08.22 04:56:27 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tcpmib.dll
[2013.08.22 03:21:24 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tcpmon.dll
[2013.08.22 04:31:46 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tcpmonui.dll
[2013.08.22 03:43:36 | 000,749,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tdh.dll
[2013.08.22 04:47:03 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\termmgr.dll
[2013.08.22 03:13:53 | 000,862,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\termsrv.dll
[2013.08.22 03:52:55 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TetheringIeProvider.dll
[2013.08.22 03:23:12 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TetheringMgr.dll
[2013.08.22 03:29:25 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TetheringStation.dll
[2013.08.22 04:16:51 | 002,544,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\themecpl.dll
[2013.08.22 03:51:40 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\themeservice.dll
[2013.08.22 04:24:17 | 002,810,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\themeui.dll
[2013.08.22 03:47:24 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\threadpoolwinrt.dll
[2013.08.22 03:19:14 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\thumbcache.dll
[2013.08.22 03:53:50 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TimeBrokerClient.dll
[2013.08.22 03:45:36 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TimeBrokerServer.dll
[2013.08.22 05:04:42 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TimeDateMUICallback.dll
[2013.08.22 03:47:22 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TimeSyncTask.dll
[2013.08.22 05:03:00 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tlscsp.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TOOLHELP.DLL
[2013.08.22 04:20:41 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tpmcompc.dll
[2013.08.22 03:38:45 | 000,140,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TpmTasks.dll
[2013.08.22 03:46:52 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tpmvsc.dll
[2013.08.22 03:45:21 | 002,633,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tquery.dll
[2013.08.22 04:58:09 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\traffic.dll
[2013.08.22 03:47:21 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\trkwks.dll
[2013.08.22 05:03:47 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tsbyuv.dll
[2013.08.22 16:02:24 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tscfgwmi.dll
[2013.08.22 05:02:01 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TSChannel.dll
[2013.08.22 05:12:14 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tsddd.dll
[2013.08.22 04:45:03 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tsgqec.dll
[2013.09.14 13:33:08 | 000,345,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tsmf.dll
[2013.08.22 03:50:19 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TSpkg.dll
[2013.08.22 04:37:26 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TsUsbGDCoInstaller.dll
[2013.08.22 05:01:37 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
[2013.10.05 09:40:54 | 000,795,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TSWorkspace.dll
[2013.08.22 03:38:53 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TtlsAuth.dll
[2013.08.22 03:32:30 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TtlsCfg.dll
[2013.08.22 03:46:43 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\TtlsExt.dll
[2013.08.22 04:37:38 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tvratings.dll
[2013.08.22 04:30:09 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\twext.dll
[2013.08.22 06:25:37 | 000,431,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\twinapi.appcore.dll
[2013.08.22 03:18:18 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\twinapi.dll
[2013.10.10 11:27:01 | 000,869,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\twinui.appcore.dll
[2013.11.05 15:30:00 | 011,674,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\twinui.dll
[2013.08.22 03:44:45 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\txflog.dll
[2013.08.22 05:12:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\txfw32.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\typelib.dll
[2013.08.22 05:17:10 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll
[2013.08.22 05:16:46 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzsyncres.dll
[2013.08.22 03:49:54 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ubpm.dll
[2013.08.22 04:37:59 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ucmhc.dll
[2013.08.22 04:38:49 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\udhisapi.dll
[2013.08.22 03:20:50 | 000,609,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\uDWM.dll
[2013.08.22 03:52:13 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\uexfat.dll
[2013.08.22 03:52:13 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ufat.dll
[2013.08.22 03:41:38 | 000,223,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UIAnimation.dll
[2013.10.05 09:21:38 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UIAutomationCore.dll
[2013.08.22 05:16:10 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UIAutomationCoreRes.dll
[2013.08.22 04:22:02 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\uicom.dll
[2013.08.22 04:32:27 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\uireng.dll
[2013.08.22 04:22:14 | 003,294,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UIRibbon.dll
[2013.08.22 05:14:43 | 000,638,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UIRibbonRes.dll
[2013.08.22 03:54:28 | 000,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ulib.dll
[2013.08.22 03:39:31 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\umb.dll
[2013.08.22 05:04:04 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\umdmxfrm.dll
[2013.08.22 05:07:22 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\umpnpmgr.dll
[2013.08.22 03:53:16 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\umpo.dll
[2013.08.22 03:37:30 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\umpoext.dll
[2013.08.22 03:43:13 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\umpowmi.dll
[2013.08.22 16:02:25 | 000,239,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\umrdp.dll
[2013.08.22 04:38:40 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unattend.dll
[2013.08.22 05:03:51 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdmat.dll
[2013.08.22 04:55:37 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\uniplat.dll
[2013.08.22 03:52:19 | 000,485,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\untfs.dll
[2013.08.22 04:41:24 | 000,304,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\upnp.dll
[2013.08.22 03:16:50 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\upnphost.dll
[2013.08.22 05:04:53 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ureg.dll
[2013.08.22 04:55:33 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2013.10.19 04:02:46 | 001,156,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2013.08.22 04:54:47 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usbceip.dll
[2013.08.22 04:47:40 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usbmon.dll
[2013.08.22 05:03:22 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usbperf.dll
[2013.08.22 04:47:08 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usbui.dll
[2013.08.22 06:24:56 | 001,370,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\user32.dll
[2013.08.22 04:31:47 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UserAccountControlSettings.dll
[2013.08.22 03:56:58 | 001,160,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usercpl.dll
[2013.08.22 06:29:31 | 000,094,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\userenv.dll
[2013.08.22 03:52:07 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\userinitext.dll
[2013.08.22 03:48:51 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UserLanguageProfileCallback.dll
[2013.08.22 03:32:32 | 000,559,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UserLanguagesCpl.dll
[2013.08.22 05:12:40 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usp10.dll
[2013.08.22 04:39:30 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ustprov.dll
[2013.08.22 06:20:02 | 000,038,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\utildll.dll
[2013.08.22 05:03:53 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\uudf.dll
[2013.08.22 05:01:06 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UXInit.dll
[2013.08.22 04:40:32 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\uxlib.dll
[2013.08.22 05:16:45 | 000,002,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\uxlibres.dll
[2013.08.22 05:11:37 | 000,903,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\uxtheme.dll
[2013.08.22 04:16:41 | 000,437,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\VAN.dll
[2013.08.22 04:07:32 | 000,675,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Vault.dll
[2013.08.22 03:46:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vaultcli.dll
[2013.08.22 03:44:57 | 000,069,120 | ---- | M] (Microsoft) -- C:\Windows\system32\VaultRoaming.dll
[2013.08.22 03:39:05 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vaultsvc.dll
[2013.06.18 13:17:51 | 000,030,749 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbajet32.dll
[2013.08.22 04:55:41 | 000,454,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2012.09.20 15:02:04 | 000,251,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vccorlib110.dll
[2013.08.22 05:05:35 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vdmdbg.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vdmredir.dll
[2013.08.22 04:55:15 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vdsbas.dll
[2013.08.22 04:55:20 | 000,537,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vdsdyn.dll
[2013.08.22 04:47:46 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vdsutil.dll
[2013.08.22 04:49:09 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vdsvd.dll
[2013.08.22 05:05:21 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vds_ps.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ver.dll
[2013.08.22 06:31:44 | 000,334,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\verifier.dll
[2013.08.22 06:25:38 | 000,025,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\version.dll
[2013.08.22 04:49:22 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vfwwdm32.dll
[2013.08.22 06:25:01 | 000,167,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\VIDRESZR.DLL
[2013.08.22 03:53:34 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\virtdisk.dll
[2013.08.22 05:02:01 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\VmApplicationHealthMonitorProxy.dll
[2013.08.22 06:20:16 | 000,025,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vmbuspipe.dll
[2013.08.22 06:11:09 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vmbusres.dll
[2013.08.22 04:54:27 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\VmdCoinstall.dll
[2013.08.22 06:11:12 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vmicres.dll
[2013.08.22 04:41:59 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vmictimeprovider.dll
[2013.08.22 04:05:02 | 000,300,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vmrdvcore.dll
[2013.08.22 06:11:09 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vmstorfltres.dll
[2013.08.22 03:30:15 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vpnike.dll
[2013.08.22 03:53:48 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vpnikeapi.dll
[2013.08.22 04:58:50 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\VscMgrPS.dll
[2013.08.22 03:25:20 | 001,117,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vssapi.dll
[2013.08.22 03:45:37 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vsstrace.dll
[2013.08.22 03:47:50 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vss_ps.dll
[2013.08.22 03:50:51 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\w32time.dll
[2013.08.22 03:54:35 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\w32topl.dll
[2013.08.22 04:33:42 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WABSyncProvider.dll
[2013.08.22 04:25:07 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WavDest.dll
[2013.08.22 04:34:16 | 000,217,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wavemsp.dll
[2013.08.22 03:46:41 | 000,383,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wbemcomn.dll
[2013.08.22 03:47:57 | 000,314,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wbiosrvc.dll
[2013.08.22 03:55:43 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wcl.dll
[2013.08.22 03:55:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wclEtw.dll
[2013.08.22 03:55:25 | 000,109,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wclPowrProf.dll
[2013.08.22 03:55:42 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wclSqm.dll
[2013.08.22 03:55:43 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wclUnicode.dll
[2013.08.22 03:54:51 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wclWdi.dll
[2013.08.22 03:53:05 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wcmapi.dll
[2013.08.22 03:33:47 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wcmcsp.dll
[2013.08.22 03:39:58 | 000,300,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wcmsvc.dll
[2013.08.22 03:37:31 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WcnApi.dll
[2013.09.12 08:17:27 | 000,370,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wcncsvc.dll
[2013.08.22 03:51:28 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WcnEapAuthProxy.dll
[2013.08.22 03:51:57 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WcnEapPeerProxy.dll
[2013.08.22 04:21:05 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WcnNetsh.dll
[2013.08.22 03:12:24 | 001,224,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wcnwiz.dll
[2013.08.22 04:37:49 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WcsPlugInService.dll
[2013.08.22 04:02:07 | 001,277,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wdc.dll
[2013.08.22 07:13:53 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wdfres.dll
[2013.08.22 03:47:21 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wdi.dll
[2013.08.22 04:59:16 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wdiasqmmodule.dll
[2013.08.22 03:55:10 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wdigest.dll
[2013.08.22 07:13:53 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wdscore.dll
[2013.08.22 03:59:12 | 000,813,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WebcamUi.dll
[2013.08.22 04:01:30 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2013.08.22 04:47:58 | 000,198,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WebClnt.dll
[2013.08.22 03:44:53 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webio.dll
[2013.08.22 06:21:42 | 001,085,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webservices.dll
[2013.08.22 03:54:00 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Websocket.dll
[2013.08.22 03:50:57 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wecapi.dll
[2013.08.22 03:34:25 | 000,157,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wecsvc.dll
[2013.08.22 05:03:29 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wephostsvc.dll
[2013.08.22 06:24:56 | 000,426,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wer.dll
[2013.08.22 04:03:12 | 001,096,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\werconcpl.dll
[2013.08.22 04:33:06 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wercplsupport.dll
[2013.08.22 05:05:39 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\werdiagcontroller.dll
[2013.08.22 03:46:37 | 000,082,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wersvc.dll
[2013.08.22 04:27:10 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\werui.dll
[2013.08.22 06:30:48 | 000,308,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wevtapi.dll
[2013.08.22 05:01:02 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wevtfwd.dll
[2013.08.22 03:41:06 | 001,280,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wevtsvc.dll
[2013.08.22 03:49:43 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wfapigp.dll
[2013.08.22 03:43:25 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wfdprov.dll
[2013.08.22 03:19:01 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WfHC.dll
[2013.08.22 05:15:57 | 000,669,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WFSR.dll
[2013.08.22 03:54:47 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\whealogr.dll
[2013.08.22 03:54:27 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\whhelper.dll
[2013.08.22 04:26:35 | 000,544,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wiaaut.dll
[2013.08.22 04:25:32 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wiadefui.dll
[2013.08.22 04:29:11 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wiadss.dll
[2013.08.22 04:56:08 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wiarpc.dll
[2013.08.22 04:26:10 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wiascanprofiles.dll
[2013.08.22 04:20:47 | 000,517,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wiaservc.dll
[2013.08.22 04:18:49 | 000,441,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wiashext.dll
[2013.08.22 05:06:44 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wiatrace.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WIFEMAN.DLL
[2013.09.12 08:37:16 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WiFiDisplay.dll
[2013.08.22 03:38:35 | 000,528,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wimgapi.dll
[2013.08.22 03:15:52 | 000,550,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win87em.dll
[2013.08.22 03:22:36 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winbici.dll
[2013.08.22 03:49:56 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winbio.dll
[2013.08.22 03:50:20 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winbrand.dll
[2013.08.22 03:49:03 | 000,256,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wincorlib.dll
[2013.08.22 04:44:29 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wincredprovider.dll
[2013.08.22 03:27:50 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
[2013.08.22 03:54:12 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.ApplicationModel.Background.TimeBroker.dll
[2013.08.22 03:23:06 | 000,264,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.ApplicationModel.dll
[2013.08.22 03:39:43 | 000,208,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.ApplicationModel.Store.dll
[2013.10.23 06:04:06 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
[2013.08.22 03:23:58 | 008,875,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Data.Pdf.dll
[2013.08.22 03:47:00 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Background.dll
[2013.08.22 03:48:18 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Background.ps.dll
[2013.08.22 03:35:36 | 000,439,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Bluetooth.dll
[2013.08.22 03:47:05 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Custom.dll
[2013.08.22 03:48:18 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Custom.ps.dll
[2013.08.22 03:43:21 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Enumeration.dll
[2013.08.22 03:48:14 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Enumeration.ps.dll
[2013.08.22 03:49:08 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Geolocation.dll
[2013.08.22 03:38:47 | 000,154,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
[2013.08.22 04:36:50 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.PointOfService.dll
[2013.08.22 03:47:00 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Portable.dll
[2013.08.22 03:46:40 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Printers.Extensions.dll
[2013.08.22 03:19:11 | 000,151,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Scanners.dll
[2013.10.03 10:02:48 | 000,225,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Sensors.dll
[2013.08.22 03:30:53 | 000,616,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.SmartCards.dll
[2013.08.22 04:13:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.Usb.dll
[2013.08.22 03:22:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Devices.WiFiDirect.dll
[2013.08.22 03:52:07 | 000,802,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Globalization.dll
[2013.08.22 03:51:28 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Globalization.Fontgroups.dll
[2013.08.22 03:33:06 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Graphics.dll
[2013.08.22 03:25:12 | 000,402,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Graphics.Printing.dll
[2013.08.22 06:22:00 | 000,163,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Help.Runtime.dll
[2013.08.22 03:38:05 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
[2013.08.22 04:48:32 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Management.Workplace.WorkplaceSettings.dll
[2013.08.22 03:45:05 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Media.Devices.dll
[2013.10.19 04:14:29 | 000,888,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Media.dll
[2013.08.22 06:25:01 | 000,162,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Media.MediaControl.dll
[2013.08.22 03:16:17 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Media.Renewal.dll
[2013.08.22 03:17:45 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Media.SpeechSynthesis.dll
[2013.10.01 04:36:12 | 000,977,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Media.Streaming.dll
[2013.08.22 05:01:43 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Media.Streaming.ps.dll
[2013.08.22 03:13:15 | 000,340,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
[2013.10.05 08:35:00 | 000,411,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
[2013.08.22 03:29:44 | 000,408,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Networking.Connectivity.dll
[2013.08.22 03:24:56 | 000,432,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Networking.dll
[2013.08.22 03:47:20 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Networking.HostName.dll
[2013.08.22 03:45:02 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
[2013.08.22 03:40:46 | 000,306,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Networking.Proximity.dll
[2013.08.22 03:46:38 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
[2013.08.22 03:38:55 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Networking.Vpn.dll
[2013.08.22 03:30:39 | 000,543,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
[2013.08.22 06:29:32 | 000,069,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
[2013.08.22 04:45:38 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
[2013.08.22 06:31:44 | 000,151,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Storage.ApplicationData.dll
[2013.08.22 03:47:07 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Storage.Compression.dll
[2013.08.22 03:47:07 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.System.Display.dll
[2013.08.22 03:18:25 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.System.Profile.HardwareId.dll
[2013.08.22 03:46:48 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.System.Profile.SystemManufacturers.dll
[2013.08.22 03:47:23 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.System.RemoteDesktop.dll
[2013.08.22 03:30:52 | 000,335,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.UI.dll
[2013.08.22 03:07:23 | 001,492,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.UI.Immersive.dll
[2013.08.22 03:41:00 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.UI.Input.Inking.dll
[2013.08.22 03:11:07 | 004,919,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.UI.Search.dll
[2013.11.05 17:20:05 | 013,925,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.UI.Xaml.dll
[2013.08.22 03:14:17 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Web.dll
[2013.10.08 05:50:39 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Windows.Web.Http.dll
[2013.08.22 06:24:59 | 001,370,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecs.dll
[2013.08.22 03:43:33 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecsExt.dll
[2013.08.22 03:26:55 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\windowslivelogin.dll
[2013.08.22 04:14:12 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winethc.dll
[2013.08.22 04:24:13 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinFax.dll
[2013.08.22 03:39:08 | 000,589,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winhttp.dll
[2013.10.19 04:09:02 | 001,818,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll
[2013.08.22 03:50:05 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininitext.dll
[2013.08.22 03:49:54 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winipsec.dll
[2013.08.22 03:46:47 | 000,356,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Winlangdb.dll
[2013.08.22 03:49:41 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winlogonext.dll
[2013.10.17 15:04:13 | 001,204,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winmde.dll
[2013.08.22 06:19:23 | 000,128,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winmm.dll
[2013.08.22 06:19:23 | 000,128,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winmmbase.dll
[2013.08.22 04:39:55 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinMsoIrmProtector.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WINNLS.DLL
[2013.08.22 07:13:54 | 000,025,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winnsi.dll
[2013.08.22 04:39:55 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinOpcIrmProtector.dll
[2013.08.22 05:05:53 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winrnr.dll
[2013.08.22 03:32:26 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winrscmd.dll
[2013.08.22 05:16:56 | 000,001,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winrsmgr.dll
[2013.08.22 03:54:16 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winrssrv.dll
[2013.08.22 03:47:08 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinRtTracing.dll
[2013.08.22 03:18:43 | 000,346,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinSATAPI.dll
[2013.08.22 05:02:53 | 000,166,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinSCard.dll
[2013.08.22 04:43:17 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinSetupUI.dll
[2013.08.22 04:40:16 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winshfhc.dll
[2013.08.22 03:48:27 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winsku.dll
[2013.08.22 02:42:34 | 000,008,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WINSOCK.DLL
[2013.08.22 04:31:06 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winsockhc.dll
[2013.08.22 05:03:37 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WINSRPC.DLL
[2013.08.22 03:48:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winsrv.dll
[2013.08.22 06:20:03 | 000,265,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winsta.dll
[2013.08.22 03:45:23 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinSync.dll
[2013.08.22 04:53:07 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinSyncMetastore.dll
[2013.08.22 04:37:30 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinSyncProviders.dll
[2013.10.10 15:53:54 | 000,235,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll
[2013.08.22 06:21:42 | 000,506,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WinTypes.dll
[2013.08.22 04:55:04 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\winusb.dll
[2013.08.22 04:50:14 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wisp.dll
[2013.08.22 04:37:54 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\witnesswmiv2provider.dll
[2013.08.22 06:29:34 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wkscli.dll
[2013.08.22 04:18:19 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wkspbrokerAx.dll
[2013.08.22 04:53:34 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wksprtPS.dll
[2013.08.22 03:46:52 | 000,230,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wkssvc.dll
[2013.08.22 03:36:23 | 000,229,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlanapi.dll
[2013.08.22 03:17:08 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlancfg.dll
[2013.08.22 03:58:48 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WLanConn.dll
[2013.08.22 04:17:43 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlandlg.dll
[2013.08.22 03:30:21 | 000,387,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlangpui.dll
[2013.08.22 04:16:09 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WLanHC.dll
[2013.08.22 05:14:36 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlanhlp.dll
[2013.08.22 04:53:00 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlaninst.dll
[2013.08.22 03:17:55 | 000,935,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WlanMM.dll
[2013.08.22 03:28:47 | 000,300,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlanmsm.dll
[2013.08.22 03:19:04 | 000,724,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlanpref.dll
[2013.08.22 03:46:25 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WlanRadioManager.dll
[2013.08.22 03:48:36 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlansec.dll
[2013.08.22 03:25:37 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlansvc.dll
[2013.08.22 03:50:02 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlansvcpal.dll
[2013.08.22 04:07:54 | 000,360,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlanui.dll
[2013.08.22 05:14:50 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlanutil.dll
[2013.08.22 03:55:36 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wldap32.dll
[2013.10.23 10:21:21 | 000,044,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wldp.dll
[2013.08.22 03:47:50 | 000,093,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlgpclnt.dll
[2013.08.22 03:29:16 | 000,544,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlidcli.dll
[2013.08.22 03:21:21 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlidcredprov.dll
[2013.08.22 03:21:50 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlidfdp.dll
[2013.08.22 03:50:29 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlidnsp.dll
[2013.08.22 03:47:57 | 000,277,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlidprov.dll
[2013.08.22 05:14:40 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlidres.dll
[2013.08.22 03:37:53 | 001,185,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wlidsvc.dll
[2013.08.22 05:06:08 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WlS0WndH.dll
[2013.08.22 06:25:04 | 001,008,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMADMOD.DLL
[2013.08.22 06:25:04 | 000,799,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMADMOE.DLL
[2013.08.22 06:26:00 | 001,468,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMALFXGFXDSP.dll
[2013.08.22 06:26:54 | 000,212,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMASF.DLL
[2013.08.22 05:02:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmcodecdspps.dll
[2013.08.22 04:39:58 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmdmlog.dll
[2013.08.22 04:43:13 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmdmps.dll
[2013.08.22 06:19:23 | 000,429,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmdrmdev.dll
[2013.08.22 04:29:34 | 000,330,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmdrmnet.dll
[2013.08.22 04:01:49 | 000,467,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmdrmsdk.dll
[2013.08.22 05:15:59 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmerror.dll
[2013.08.22 07:13:51 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmi.dll
[2013.08.22 03:55:42 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmiclnt.dll
[2013.08.22 03:34:30 | 000,389,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmicmiplugin.dll
[2013.08.22 03:46:00 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmidcom.dll
[2013.08.22 04:15:40 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmidx.dll
[2013.08.22 04:47:40 | 000,024,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmiprop.dll
[2013.08.22 03:45:34 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmitomi.dll
[2013.08.22 04:11:37 | 000,954,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMNetMgr.dll
[2013.08.22 03:38:52 | 011,760,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmp.dll
[2013.08.22 04:45:42 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WmpDui.dll
[2013.08.22 03:56:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmpdxm.dll
[2013.08.22 06:25:05 | 000,308,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmpeffects.dll
[2013.08.22 03:43:01 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMPhoto.dll
[2013.08.22 05:14:49 | 009,374,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmploc.DLL
[2013.10.17 15:04:17 | 001,155,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmpmde.dll
[2013.08.22 06:25:04 | 000,149,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmpps.dll
[2013.08.22 03:56:08 | 000,106,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmpshell.dll
[2013.08.22 03:54:26 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmsgapi.dll
[2013.08.22 03:23:30 | 000,869,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMSPDMOD.DLL
[2013.08.22 04:42:00 | 001,415,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMSPDMOE.DLL
[2013.08.22 06:25:05 | 002,324,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVCORE.DLL
[2013.08.22 06:25:05 | 002,410,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVDECOD.DLL
[2013.08.22 04:48:35 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmvdspa.dll
[2013.08.22 06:25:05 | 002,392,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVENCOD.DLL
[2013.08.22 06:25:05 | 000,449,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVSDECD.DLL
[2013.08.22 04:39:32 | 000,378,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVSENCD.DLL
[2013.08.22 04:45:31 | 000,716,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVXENCD.DLL
[2013.08.22 05:12:14 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\workerdd.dll
[2013.10.22 03:52:29 | 000,667,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WorkfoldersControl.dll
[2013.08.22 04:38:11 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WorkFoldersGPExt.dll
[2013.09.19 07:23:46 | 000,117,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WorkFoldersRes.dll
[2013.10.22 04:02:04 | 000,166,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WorkFoldersShell.dll
[2013.10.22 02:40:33 | 001,210,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\workfolderssvc.dll
[2013.08.22 04:54:46 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wow32.dll
[2013.08.22 04:03:04 | 002,214,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wpc.dll
[2013.08.22 03:09:15 | 002,299,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wpccpl.dll
[2013.08.22 03:52:30 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wpcsvc.dll
[2013.08.22 03:57:01 | 001,873,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WpcWebSync.dll
[2013.08.22 03:17:38 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wpdbusenum.dll
[2013.08.22 04:19:20 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WpdMtp.dll
[2013.08.22 04:19:20 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WpdMtpUS.dll
[2013.08.22 04:04:39 | 001,924,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wpdshext.dll
[2013.08.22 04:16:46 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WPDShServiceObj.dll
[2013.08.22 04:18:33 | 000,303,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WPDSp.dll
[2013.08.22 04:11:33 | 000,588,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wpd_ci.dll
[2013.08.22 03:45:46 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wpnapps.dll
[2013.08.22 03:28:41 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wpncore.dll
[2013.08.22 03:17:04 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wpninprc.dll
[2013.08.22 03:11:16 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wpnprv.dll
[2013.08.22 03:47:02 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wpnsruprov.dll
[2013.08.22 05:14:34 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ws2help.dll
[2013.08.22 07:13:54 | 000,313,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ws2_32.dll
[2013.08.22 06:30:48 | 000,140,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wscapi.dll
[2013.08.22 03:37:54 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wscinterop.dll
[2013.08.22 04:56:36 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wscisvif.dll
[2013.08.22 03:20:40 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WSClient.dll
[2013.08.22 05:01:28 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wscproxystub.dll
[2013.08.22 03:20:27 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wscsvc.dll
[2013.08.22 03:33:58 | 000,507,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WSDApi.dll
[2013.08.22 03:43:59 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wsdchngr.dll
[2013.08.22 03:26:20 | 000,251,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WSDMon.dll
[2013.08.22 03:18:32 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WSDPrintProxy.DLL
[2013.08.22 04:26:02 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WSDScanProxy.dll
[2013.08.22 04:19:37 | 001,319,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wsecedit.dll
[2013.08.22 04:37:46 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wsepno.dll
[2013.08.22 03:46:42 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wshbth.dll
[2013.08.22 04:54:28 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wshcon.dll
[2013.08.22 04:51:16 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wshelper.dll
[2013.08.22 04:30:52 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wshext.dll
[2013.08.22 05:12:40 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wship6.dll
[2013.08.22 05:03:02 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wshirda.dll
[2013.08.22 05:03:56 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wshnetbs.dll
[2013.08.22 03:54:37 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wshqos.dll
[2013.08.22 05:03:57 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wshrm.dll
[2013.08.22 05:12:41 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WSHTCPIP.DLL
[2013.08.22 03:47:32 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WsmAgent.dll
[2013.08.22 04:06:24 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WSManMigrationPlugin.dll
[2013.08.22 04:39:26 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WsmAuto.dll
[2013.08.22 03:54:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wsmplpxy.dll
[2013.08.22 05:15:55 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WsmRes.dll
[2013.08.22 03:35:43 | 002,030,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WsmSvc.dll
[2013.08.22 03:32:35 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WsmWmiPl.dll
[2013.08.22 05:05:53 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wsnmp32.dll
[2013.08.22 05:05:51 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wsock32.dll
[2013.10.10 15:52:58 | 002,872,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WSService.dll
[2013.10.23 05:46:07 | 000,700,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WSShared.dll
[2013.08.22 03:38:02 | 000,189,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WSSync.dll
[2013.08.22 06:20:02 | 000,050,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wtsapi32.dll
[2013.08.22 03:47:00 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuaext.dll
[2013.08.22 03:17:51 | 000,659,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuapi.dll
[2013.10.07 03:03:12 | 002,833,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuaueng.dll
[2013.10.22 02:51:53 | 001,634,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wucltux.dll
[2013.08.22 04:43:07 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFCoinstaller.dll
[2013.08.22 03:47:38 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFPlatform.dll
[2013.08.22 03:47:35 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFSvc.dll
[2013.08.22 04:49:19 | 000,701,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFx.dll
[2013.08.22 05:13:32 | 000,439,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUDFx02000.dll
[2013.08.22 03:18:40 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wudriver.dll
[2013.08.22 05:02:40 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wups.dll
[2013.08.22 05:02:49 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wups2.dll
[2013.10.22 02:59:29 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WUSettingsProvider.dll
[2013.08.22 05:17:02 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wushareduxresources.dll
[2013.08.22 03:21:52 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wuwebv.dll
[2013.08.22 04:53:52 | 000,447,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wvc.dll
[2013.08.22 05:07:54 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WwaApi.dll
[2013.08.22 06:30:36 | 000,392,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WWanAPI.dll
[2013.08.22 05:12:30 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wwancfg.dll
[2013.08.22 03:11:19 | 000,351,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wwanconn.dll
[2013.08.22 04:50:57 | 000,054,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WWanHC.dll
[2013.08.22 03:38:23 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wwaninst.dll
[2013.08.22 03:18:23 | 001,100,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wwanmm.dll
[2013.08.22 04:37:49 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wwanpref.dll
[2013.08.22 04:59:18 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wwanprotdim.dll
[2013.08.22 04:51:40 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WwanRadioManager.dll
[2013.08.22 03:27:56 | 000,424,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wwansvc.dll
[2013.08.22 06:30:36 | 000,050,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wwapi.dll
[2013.08.22 03:35:50 | 000,327,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XAudio2_8.dll
[2013.08.22 03:51:18 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XInput1_4.dll
[2013.08.22 05:05:45 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XInput9_1_0.dll
[2013.08.22 04:20:09 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xmlfilter.dll
[2013.08.22 06:28:06 | 000,175,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xmllite.dll
[2013.08.22 05:02:40 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xmlprovi.dll
[2013.08.22 03:41:03 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xolehlp.dll
[2013.08.22 04:13:03 | 000,634,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsFilt.dll
[2013.08.22 04:29:03 | 000,336,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsGdiConverter.dll
[2013.08.22 03:13:08 | 001,290,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsPrint.dll
[2013.08.22 04:48:39 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsRasterService.dll
[2013.08.22 03:15:28 | 002,178,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xpsservices.dll
[2013.08.22 04:38:11 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XPSSHHDR.dll
[2013.08.22 04:52:04 | 000,976,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xpssvcs.dll
[2013.08.22 04:24:06 | 000,374,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xwizards.dll
[2013.08.22 04:33:44 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xwreg.dll
[2013.08.22 04:24:36 | 000,201,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xwtpdui.dll
[2013.08.22 04:24:35 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\xwtpw32.dll
[2013.08.22 04:38:07 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\zipfldr.dll
[2013.08.22 08:23:44 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.10.11 22:55:31 | 000,000,884 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\Björn\SkyDrive:ms-properties

< End of report >

Extras

Code:

ATTFilter

OTL Extras logfile created on: 08.12.2013 10:49:59 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Björn\Downloads
 Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16438)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,99 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 50,65% Memory free
3,11 Gb Paging File | 1,84 Gb Available in Paging File | 59,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232,54 Gb Total Space | 204,94 Gb Free Space | 88,13% Space Free | Partition Type: NTFS
Drive D: | 1,87 Gb Total Space | 0,33 Gb Free Space | 17,73% Space Free | Partition Type: FAT
 
Computer Name: FAST | User Name: Björn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-2578381697-2246446574-1873589927-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{143274BB-4646-4486-8642-D18E0CD242BF}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1FBB1212-8EF2-435C-BF3A-085CE546738B}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | 
"{243B56D7-B654-4CC2-A22A-D337BAC8BECE}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{4D9521A0-5E80-460A-A154-CBEA04A3B1AE}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{6A421B6A-E6FD-439A-8794-7AAC7A90B1D0}" = lport=53 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{849A57DE-65AF-41FC-B201-40267D0904F9}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{A441D1DF-0145-4B6B-B6CB-5ACEABE5D1AE}" = lport=67 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
"{B3D15ADB-7A70-489F-9EFE-B12FCEBDFA97}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe | 
"{C05A7397-7DD0-475E-952D-29C9DC11BD2F}" = lport=2987 | protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe | 
"{EAF67BDA-2B65-490C-A433-CD18ABEA0E7D}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe | 
"{EE379FFE-727C-42C3-AFF1-A283413FE124}" = lport=68 | protocol=17 | dir=in | app=c:\program files\connectify\connectifynetservices.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05C46E0A-E736-4D0B-97D8-6A1FAD4E1E80}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{094F200D-81FD-436A-9EEE-855465333ED9}" = dir=out | name=skype | 
"{129E8C9A-E1AF-40D1-AC4E-D59C9A3F322F}" = dir=out | name=windows phone | 
"{184E7AB8-15D6-4A83-8E3A-415123EB1B9F}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe | 
"{1BFAB09A-F19A-4F35-B988-77EBEBC8130A}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2336_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{1EE85AF0-730B-4DAB-8A26-BD31A1609E41}" = dir=out | app=c:\windows\system32\svchost.exe | 
"{2C7AE229-DA1C-402C-AB55-0178020938E6}" = dir=in | name=sonicwall mobile connect | 
"{2CF84C18-8F05-48C8-87BB-2298A2D7B4A5}" = dir=in | name=f5 vpn | 
"{2DF2E2B0-A588-4810-90EB-4C394CAB983F}" = dir=in | name=junipernetworks.junospulsevpn | 
"{2E27E150-B92C-43BF-A22A-9844B4A1CDB4}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{32D281B7-C6B6-467D-BEC7-A72D0F4D546C}" = dir=out | name=sonicwall mobile connect | 
"{331D3F10-92E3-4211-9259-CAF9D02FCE86}" = dir=out | name=junipernetworks.junospulsevpn | 
"{36571040-8837-41B4-B081-E5F4E6E6AE96}" = dir=out | name=check point vpn | 
"{3B392AA5-5F01-49C1-BEF1-F06FCFD7E9EF}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{40580F8B-0A4A-494B-BD12-287B40552445}" = dir=in | name=check point vpn | 
"{455F2C56-26C2-44F8-8794-B9E820290AB2}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20321_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{475912CF-B5E9-4BFA-9FE9-BD8102EEEEA2}" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe | 
"{51B6F44D-4FD8-4D91-B425-E194DE822392}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{59958621-AF08-4B17-8C35-0C648E9F220C}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} | 
"{59987BDE-4991-44F1-B88F-093FEE52EE73}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{5B5BEBD9-0D70-4B24-ABF8-7D1B7760C697}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{5B73E967-AE01-46E6-825E-D54329F44CB7}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{66B17870-E389-4BA2-8AEF-CEF31CA87754}" = dir=out | name=f5 vpn | 
"{699E2738-6680-42CB-B1B8-8A0972D1C796}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{77C2D87D-0E8C-482E-A214-64BC5D93F597}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{7B92C888-20DE-400A-ABDE-C13105BE9CD1}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{7D317A22-DB4A-4212-910E-BEC4CE3C624B}" = dir=in | name=windows phone | 
"{7DEF0F31-225B-4821-B43A-AD22261E6A31}" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe | 
"{7F702815-290A-4AB3-BC77-D86A1E128EC2}" = dir=out | name=@{microsoft.zunevideo_2.2.299.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{835E0E77-65D1-4FAA-AA5E-AC67565A94FB}" = dir=out | name=sonicwall.mobileconnect | 
"{8775C5D1-9E3D-4D23-B01A-CF31ED2AA4A0}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{9610C606-5C14-4E0A-A1F9-36967D5DF05E}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{9C5C49BD-4E20-451B-8B84-EE6800CEBB4A}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.201_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | 
"{9D425C91-0E64-481D-BB04-0741C4E32851}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{A9080F4C-BE69-49F6-87CD-FAE444526D27}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{AF4CD98F-A6B6-4B1C-8D65-661A94CE0BDE}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{B5D70377-B2AA-445E-A8C0-6E04FC9E4641}" = dir=out | name=@{microsoft.zunemusic_2.2.299.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{BAE00DFE-B335-4992-9642-83011C7FD706}" = dir=out | name=windows_ie_ac_001 | 
"{BB523247-0983-44D7-B44C-D1FB6E212CDA}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{BD71B336-2027-4AA3-9E78-7F91FCF7CE43}" = dir=in | name=skype | 
"{BF5C72DC-A3D1-40E0-996C-DA49F278A153}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{C02D0EEE-F74D-46FC-B58E-A2C9FD06F4C3}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{C2B900BC-9D8B-4A8A-A122-F217236AF075}" = dir=out | name=juniper networks junos pulse | 
"{C6182E4B-10FC-4083-A766-458080D68E73}" = dir=in | name=f5.vpn.client | 
"{CC874D2B-D0DA-41F4-AA9A-DCC589BB2813}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20321_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | 
"{D832C34F-BD96-43AA-8301-DE0D26256970}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{D8B2A99A-3D9F-4B5F-BFEC-4DAFFDA9B9B3}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{DC8E26CC-67C0-4440-8806-BA063E239326}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) | 
"{E118DF2B-6DE6-43DB-9729-ADA64F24E7F7}" = dir=in | name=juniper networks junos pulse | 
"{E20BB53A-3BDC-460D-BAEE-FFDC117AB485}" = dir=in | name=sonicwall.mobileconnect | 
"{E57EC12C-D0D6-492C-A083-9029F5B9766C}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{E6A4BE21-4183-455E-8C07-84C78011B261}" = dir=out | name=checkpoint.vpn | 
"{E73D952C-B1CC-487B-814A-F6BF6F6BAF3E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{E87C4EB6-6F4C-4E7F-8385-633B5F0CA2DD}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{F4C72593-0F7A-4792-8FA0-0EFD9770E5A0}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x86__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{F9566E9A-5F68-4BC2-A2CF-6EA4A4807377}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x86__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | 
"{FA35BA80-EA4B-48FD-9FEF-74E9E0B3FEC7}" = dir=in | name=checkpoint.vpn | 
"{FB8B6B59-1B5C-4B2A-9002-926C57ABE2A3}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{FD8AE1B9-36B0-4A6C-854A-CA5FFD1BE8DB}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{FE5EA256-AD54-4FD8-B211-1263089653FF}" = dir=out | name=f5.vpn.client | 
"TCP Query User{82734015-6033-466E-9CBE-19C10AAC9D53}C:\program files\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files\connectify\connectify.exe | 
"UDP Query User{D934210D-C2C3-471A-8659-53BAE9B5BD8E}C:\program files\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files\connectify\connectify.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{41564952-412D-5637-00A7-A758B70C0600}" = Avira SearchFree Toolbar
"{7709C9B0-AD83-4F7C-A153-B956BC3C3B0A}" = Secure Download Manager
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"Connectify" = Connectify
"ImgBurn" = ImgBurn
"Logitech Unifying" = Logitech Unifying-Software 2.10
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 25.0.1 (x86 de)" = Mozilla Firefox 25.0.1 (x86 de)
"Mozilla Thunderbird 24.0.1 (x86 de)" = Mozilla Thunderbird 24.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"sp6" = Logitech SetPoint 6.61
"VLC media player" = VLC media player 2.1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-2578381697-2246446574-1873589927-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"CodeBlocks" = CodeBlocks
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 05.11.2013 18:32:13 | Computer Name = Fast | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: SetPoint.exe, Version: 6.61.15.0,
 Zeitstempel: 0x51f96ac5  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.16384,
 Zeitstempel: 0x52159006  Ausnahmecode: 0xc0150010  Fehleroffset: 0x00098ed0  ID des fehlerhaften
 Prozesses: 0xe80  Startzeit der fehlerhaften Anwendung: 0x01ceda76d09ebb1a  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Logitech\SetPointP\SetPoint.exe  Pfad des
 fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll  Berichtskennung: 1d7be453-466a-11e3-afa3-e89a8f3c7b83
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 29.11.2013 05:24:20 | Computer Name = Fast | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\LogiShrd\sp6_Uninstall\tools\64\AddBrowsers.exe".  Die abhängige Assemblierung
 "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 30.11.2013 08:20:44 | Computer Name = Fast | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wwahost.exe, Version: 6.3.9600.16384,
 Zeitstempel: 0x521571bd  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.16384,
 Zeitstempel: 0x52158f91  Ausnahmecode: 0x00000004  Fehleroffset: 0x00010f63  ID des fehlerhaften
 Prozesses: 0x1720  Startzeit der fehlerhaften Anwendung: 0x01ceedc6946ccc3a  Pfad der
 fehlerhaften Anwendung: C:\WINDOWS\system32\wwahost.exe  Pfad des fehlerhaften Moduls:
 C:\WINDOWS\system32\KERNELBASE.dll  Berichtskennung: d54b1f06-59b9-11e3-afa4-e89a8f3c7b83
Vollständiger
 Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbwe
Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: Microsoft.WindowsLive.Calendar
 
Error - 30.11.2013 08:20:54 | Computer Name = Fast | Source = Microsoft-Windows-Immersive-Shell | ID = 2486
Description = Die App „microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbwe+Microsoft.WindowsLive.Calendar“
 wurde nicht innerhalb der vorgesehenen Zeit gestartet.
 
Error - 03.12.2013 06:10:31 | Computer Name = Fast | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: SetPoint.exe, Version: 6.61.15.0,
 Zeitstempel: 0x51f96ac5  Name des fehlerhaften Moduls: SetPoint.exe, Version: 6.61.15.0,
 Zeitstempel: 0x51f96ac5  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000b9f42  ID des fehlerhaften
 Prozesses: 0xa0c  Startzeit der fehlerhaften Anwendung: 0x01cef00f703fb3d7  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Logitech\SetPointP\SetPoint.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\Logitech\SetPointP\SetPoint.exe  Berichtskennung:
 23987eb2-5c03-11e3-afa6-e89a8f3c7b83  Vollständiger Name des fehlerhaften Pakets:
   Anwendungs-ID, die relativ zum fehlerhaften Paket ist: 
 
Error - 03.12.2013 07:40:08 | Computer Name = Fast | Source = Application Hang | ID = 1002
Description = Programm ImgBurn.exe, Version 2.5.8.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 808    Startzeit: 
01cef01b0520cf04    Endzeit: 30    Anwendungspfad: C:\Program Files\ImgBurn\ImgBurn.exe    Berichts-ID:
 a55e124e-5c0f-11e3-afa6-e89a8f3c7b83    Vollständiger Name des fehlerhaften Pakets:
     Anwendungs-ID, die relativ zum fehlerhaften Paket ist:   
 
Error - 07.12.2013 06:59:17 | Computer Name = Fast | Source = Application Hang | ID = 1002
Description = Programm LiveComm.exe, Version 17.5.9600.20279 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 934    Startzeit: 01cef01e75cb8f85    Endzeit: 4294967295    Anwendungspfad:
 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID:
 ddc305e0-5f2c-11e3-afa6-e89a8f3c7b83    Vollständiger Name des fehlerhaften Pakets:
 microsoft.windowscommunicationsapps_17.5.9600.20279_x86__8wekyb3d8bbwe    Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1  
 
Error - 07.12.2013 07:54:07 | Computer Name = Fast | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\LogiShrd\sp6_Uninstall\tools\64\AddBrowsers.exe".  Die abhängige Assemblierung
 "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 07.12.2013 08:28:12 | Computer Name = Fast | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\LogiShrd\sp6_Uninstall\tools\64\AddBrowsers.exe".  Die abhängige Assemblierung
 "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 07.12.2013 08:34:57 | Computer Name = Fast | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Common
 Files\LogiShrd\sp6_Uninstall\tools\64\AddBrowsers.exe".  Die abhängige Assemblierung
 "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
[ System Events ]
Error - 01.12.2013 06:55:35 | Computer Name = Fast | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070005 fehlgeschlagen: Update für Windows 8.1 (KB2883200)
 
Error - 01.12.2013 07:18:00 | Computer Name = Fast | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070005 fehlgeschlagen: Update für Windows 8.1 (KB2883200)
 
Error - 03.12.2013 06:06:10 | Computer Name = Fast | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?02.?12.?2013 um 15:46:40 unerwartet heruntergefahren.
 
Error - 03.12.2013 06:09:26 | Computer Name = Fast | Source = DCOM | ID = 10016
Description = 
 
Error - 03.12.2013 06:27:06 | Computer Name = Fast | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070005 fehlgeschlagen: Update für Windows 8.1 (KB2883200)
 
Error - 07.12.2013 06:45:22 | Computer Name = Fast | Source = DCOM | ID = 10016
Description = 
 
Error - 07.12.2013 06:59:31 | Computer Name = Fast | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070005 fehlgeschlagen: Update für Windows 8.1 (KB2883200)
 
Error - 07.12.2013 07:25:58 | Computer Name = Fast | Source = disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk1\DR1.
 
Error - 07.12.2013 07:53:55 | Computer Name = Fast | Source = DCOM | ID = 10010
Description = 
 
Error - 07.12.2013 07:54:26 | Computer Name = Fast | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >

schrauber · 08.12.2013, 16:34

Nö, Mediyes nur in den Temps

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

ciao · 22.12.2013, 17:06

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.03.03

Windows 8 x86 NTFS
Internet Explorer 11.0.9600.16438
Björn :: FAST [Administrator]

22.12.2013 12:18:50
mbam-log-2013-12-22 (12-18-50).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 209276
Laufzeit: 12 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ATTFilter

# AdwCleaner v3.015 - Bericht erstellt am 22/12/2013 um 12:44:36
# Updated 10/12/2013 von Xplode
# Betriebssystem : Windows 8.1 Pro  (32 bits)
# Benutzername : Björn - FAST
# Gestartet von : E:\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\0na3gxyo.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [755 octets] - [22/12/2013 12:36:59]
AdwCleaner[S0].txt - [677 octets] - [22/12/2013 12:44:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [736 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8.1 Pro x86
Ran by Bj”rn on 22.12.2013 at 14:51:58,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\apn"
Failed to delete: [Folder] "C:\ProgramData\application data\apn"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.12.2013 at 14:57:17,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-12-2013 01
Ran by Björn (administrator) on FAST on 22-12-2013 15:03:43
Running from C:\Users\Björn\Downloads
Microsoft Windows 8.1 Pro (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Connectify) C:\Program Files\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files\Connectify\Connectifyd.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9600.16422_x86__8wekyb3d8bbwe\glcnd.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2296600 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Connectify Hotspot] - C:\Program Files\Connectify\Connectify.exe [4162336 2013-09-24] (Connectify)
HKLM\...\Run: [Connectify Dispatch] - C:\Program Files\Connectify\DispatchUI.exe [2233120 2013-09-24] (Connectify)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
MountPoints2: {8f93f328-32a4-11e3-af9e-e89a8f3c7b83} - "E:\setup.exe" 

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\0na3gxyo.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\0na3gxyo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: dta - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\0na3gxyo.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF HKLM\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 Connectify; C:\Program Files\Connectify\ConnectifyService.exe [487936 2013-09-24] (Connectify)
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [278264 2013-08-22] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22240 2013-08-22] (Microsoft Corporation)
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1210368 2013-10-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137208 2013-11-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [37352 2013-09-30] (Avira Operations GmbH & Co. KG)
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [25600 2013-08-22] (Microsoft Corporation)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63.sys [7783600 2013-07-01] (Broadcom Corporation)
R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [29672 2013-10-20] (Connectify)
S3 GPIO; C:\Windows\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2013-05-23] (Logitech, Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2013-05-23] (Logitech, Inc.)
R3 RSPCIESTOR; C:\Windows\system32\DRIVERS\RtsPStor.sys [256616 2012-03-29] (Realtek Semiconductor Corp.)
S3 RTLWUSB; C:\Windows\system32\DRIVERS\wg111v2.sys [167808 2006-03-27] (NETGEAR Inc.)
R1 ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [28520 2013-09-30] (Avira GmbH)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [93024 2013-08-22] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-22 14:57 - 2013-12-22 14:57 - 00000735 _____ C:\Users\Björn\Desktop\JRT.txt
2013-12-22 14:26 - 2013-12-22 14:26 - 00001852 _____ C:\WINDOWS\PFRO.log
2013-12-22 12:36 - 2013-12-22 12:44 - 00000000 ____D C:\AdwCleaner
2013-12-08 11:03 - 2013-12-08 11:03 - 00744598 _____ C:\Users\Björn\Desktop\OTL.Txt
2013-12-08 11:02 - 2013-12-08 11:02 - 00048744 _____ C:\Users\Björn\Desktop\Extras.Txt
2013-12-08 11:01 - 2013-12-08 11:01 - 00744598 _____ C:\Users\Björn\Downloads\OTL.Txt
2013-12-08 10:41 - 2013-12-08 10:41 - 00602112 _____ (OldTimer Tools) C:\Users\Björn\Downloads\OTL.exe
2013-12-07 12:30 - 2013-12-07 12:31 - 00017072 _____ C:\Users\Björn\Downloads\Addition.txt
2013-12-07 12:28 - 2013-12-22 15:03 - 00005942 _____ C:\Users\Björn\Downloads\FRST.txt
2013-12-07 12:28 - 2013-12-07 12:28 - 01059921 _____ (Farbar) C:\Users\Björn\Downloads\FRST.exe
2013-12-07 12:28 - 2013-12-07 12:28 - 00000000 ____D C:\FRST
2013-12-03 12:39 - 2013-12-03 12:39 - 00000000 ____D C:\Users\Björn\AppData\Roaming\ImgBurn
2013-12-03 12:29 - 2013-12-03 12:29 - 00000000 ____D C:\Program Files\ImgBurn
2013-12-03 11:40 - 2013-12-03 11:40 - 00001083 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\Users\Björn\AppData\Roaming\Malwarebytes
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 11:40 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-12-03 11:38 - 2013-12-03 11:38 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-01 12:18 - 2013-12-22 14:40 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-01 12:18 - 2013-12-22 14:38 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-30 13:09 - 2013-11-30 13:19 - 00000000 ____D C:\Users\Björn\Desktop\Nhat Musik
2013-11-29 10:27 - 2013-11-05 19:51 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-11-29 10:27 - 2013-11-05 17:20 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2013-11-29 10:27 - 2013-11-05 15:30 - 11674112 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-11-29 10:27 - 2013-10-10 12:05 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2013-11-29 10:27 - 2013-10-10 11:27 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2013-11-29 10:20 - 2013-10-23 05:54 - 03422208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2013-11-29 10:20 - 2013-10-22 07:03 - 02065448 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2013-11-29 10:20 - 2013-10-19 06:20 - 03497472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-11-29 10:20 - 2013-10-10 15:52 - 02872688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2013-11-29 10:20 - 2013-10-10 11:35 - 01128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2013-11-29 10:20 - 2013-10-08 09:26 - 01888088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-11-29 10:19 - 2013-10-23 10:44 - 00104280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-11-29 10:19 - 2013-10-23 10:24 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_8086.dll
2013-11-29 10:19 - 2013-10-23 10:21 - 00044904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2013-11-29 10:19 - 2013-10-23 06:04 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-11-29 10:19 - 2013-10-23 05:46 - 00700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2013-11-29 10:19 - 2013-10-22 07:14 - 01033368 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2013-11-29 10:19 - 2013-10-22 07:13 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedapplauncher.exe
2013-11-29 10:19 - 2013-10-22 05:04 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2013-11-29 10:19 - 2013-10-22 04:02 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2013-11-29 10:19 - 2013-10-22 03:52 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2013-11-29 10:19 - 2013-10-22 02:59 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2013-11-29 10:19 - 2013-10-22 02:51 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2013-11-29 10:19 - 2013-10-22 02:47 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-11-29 10:19 - 2013-10-22 02:40 - 01210368 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2013-11-29 10:19 - 2013-10-19 08:18 - 01307480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2013-11-29 10:19 - 2013-10-19 08:12 - 00380656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2013-11-29 10:19 - 2013-10-19 05:03 - 00531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2013-11-29 10:19 - 2013-10-19 04:28 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2013-11-29 10:19 - 2013-10-19 04:14 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2013-11-29 10:19 - 2013-10-17 15:04 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2013-11-29 10:19 - 2013-10-17 15:04 - 01155384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2013-11-29 10:19 - 2013-10-16 10:34 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2013-11-29 10:19 - 2013-10-13 01:49 - 00207192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2013-11-29 10:19 - 2013-10-13 01:29 - 00706536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2013-11-29 10:19 - 2013-10-11 17:34 - 02038272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2013-11-29 10:19 - 2013-10-11 15:22 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2013-11-29 10:19 - 2013-10-11 14:03 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2013-11-29 10:19 - 2013-10-10 15:53 - 00235960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2013-11-29 10:19 - 2013-10-10 15:53 - 00088272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2013-11-29 10:19 - 2013-10-10 15:53 - 00029528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2013-11-29 10:19 - 2013-10-10 12:21 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2013-11-29 10:19 - 2013-10-10 12:12 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2013-11-29 10:19 - 2013-10-10 11:19 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2013-11-29 10:19 - 2013-10-09 06:40 - 00385528 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-11-29 10:19 - 2013-10-08 10:11 - 00036696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2013-11-29 10:19 - 2013-10-08 09:49 - 00415576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2013-11-29 10:19 - 2013-10-08 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsetup.dll
2013-11-29 10:19 - 2013-10-08 06:15 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2013-11-29 10:19 - 2013-10-08 06:14 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2013-11-29 10:19 - 2013-10-08 05:50 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2013-11-29 10:19 - 2013-10-08 05:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2013-11-29 10:19 - 2013-10-07 07:07 - 05753688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2013-11-29 10:19 - 2013-10-07 07:07 - 00049544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2013-11-29 10:19 - 2013-10-07 03:03 - 02833408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2013-11-29 10:19 - 2013-10-05 13:30 - 00321368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2013-11-29 10:19 - 2013-10-05 13:30 - 00047960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2013-11-29 10:19 - 2013-10-05 13:05 - 00578952 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2013-11-29 10:19 - 2013-10-05 10:59 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2013-11-29 10:19 - 2013-10-05 09:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2013-11-29 10:19 - 2013-10-05 09:40 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2013-11-29 10:19 - 2013-10-05 09:29 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2013-11-29 10:19 - 2013-10-05 09:24 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\miutils.dll
2013-11-29 10:19 - 2013-10-05 09:21 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2013-11-29 10:19 - 2013-10-05 09:00 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2013-11-29 10:19 - 2013-10-05 08:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2013-11-29 10:19 - 2013-10-05 08:32 - 05769728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2013-11-29 10:19 - 2013-10-04 09:00 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2013-11-29 10:19 - 2013-09-19 05:34 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2013-11-29 10:19 - 2013-09-17 07:34 - 00870232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2013-11-29 10:19 - 2013-09-17 07:31 - 00883184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2013-11-29 10:19 - 2013-09-17 07:31 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2013-11-29 10:19 - 2013-09-17 04:47 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2013-11-29 10:19 - 2013-09-14 13:39 - 01799944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2013-11-29 10:19 - 2013-09-14 13:33 - 00345552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2013-11-29 10:19 - 2013-09-14 10:29 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2013-11-29 10:19 - 2013-09-14 09:54 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2013-11-29 10:19 - 2013-09-13 08:47 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ftp.exe
2013-11-29 10:19 - 2013-09-12 09:02 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2013-11-29 10:19 - 2013-09-12 08:37 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2013-11-29 10:19 - 2013-09-12 08:37 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2013-11-29 10:19 - 2013-09-12 08:21 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2013-11-29 10:19 - 2013-09-12 08:17 - 00152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2013-11-29 10:19 - 2013-09-12 08:01 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2013-11-29 10:19 - 2013-09-11 12:21 - 00261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-11-29 10:19 - 2013-09-10 05:34 - 03934208 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2013-11-29 10:19 - 2013-09-10 05:28 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msched.dll
2013-11-29 10:17 - 2013-10-16 14:54 - 01581968 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2013-11-29 10:15 - 2013-10-19 07:37 - 17142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-11-29 10:14 - 2013-10-19 05:52 - 02166272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-11-29 10:14 - 2013-10-19 05:44 - 04240384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-11-29 10:14 - 2013-10-19 05:43 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2013-11-29 10:14 - 2013-10-19 05:28 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-11-29 10:14 - 2013-10-19 04:56 - 11220992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-11-29 10:14 - 2013-10-19 04:55 - 01926656 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2013-11-29 10:14 - 2013-10-19 04:09 - 01818112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-11-29 10:14 - 2013-10-19 04:02 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-11-29 10:14 - 2013-10-05 13:05 - 01090808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2013-11-29 10:13 - 2013-10-13 01:45 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2013-11-29 10:13 - 2013-10-12 22:14 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2013-11-29 10:13 - 2013-10-12 22:02 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2013-11-29 10:10 - 2013-11-29 10:09 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys

==================== One Month Modified Files and Folders =======

2013-12-22 15:04 - 2013-12-07 12:28 - 00005942 _____ C:\Users\Björn\Downloads\FRST.txt
2013-12-22 15:00 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\system32\sru
2013-12-22 14:57 - 2013-12-22 14:57 - 00000735 _____ C:\Users\Björn\Desktop\JRT.txt
2013-12-22 14:42 - 2013-10-14 10:07 - 01098960 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-22 14:40 - 2013-12-01 12:18 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-22 14:38 - 2013-12-01 12:18 - 88123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-22 14:38 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET
2013-12-22 14:31 - 2013-10-12 11:54 - 01686150 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-22 14:28 - 2013-10-11 22:55 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-22 14:26 - 2013-12-22 14:26 - 00001852 _____ C:\WINDOWS\PFRO.log
2013-12-22 14:26 - 2013-10-11 19:45 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-22 14:26 - 2013-08-22 08:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-22 14:15 - 2013-08-22 07:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2013-12-22 12:44 - 2013-12-22 12:36 - 00000000 ____D C:\AdwCleaner
2013-12-08 11:03 - 2013-12-08 11:03 - 00744598 _____ C:\Users\Björn\Desktop\OTL.Txt
2013-12-08 11:02 - 2013-12-08 11:02 - 00048744 _____ C:\Users\Björn\Desktop\Extras.Txt
2013-12-08 11:01 - 2013-12-08 11:01 - 00744598 _____ C:\Users\Björn\Downloads\OTL.Txt
2013-12-08 10:41 - 2013-12-08 10:41 - 00602112 _____ (OldTimer Tools) C:\Users\Björn\Downloads\OTL.exe
2013-12-07 12:58 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\rescache
2013-12-07 12:38 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-07 12:31 - 2013-12-07 12:30 - 00017072 _____ C:\Users\Björn\Downloads\Addition.txt
2013-12-07 12:28 - 2013-12-07 12:28 - 01059921 _____ (Farbar) C:\Users\Björn\Downloads\FRST.exe
2013-12-07 12:28 - 2013-12-07 12:28 - 00000000 ____D C:\FRST
2013-12-04 01:05 - 2013-08-22 09:18 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-04 01:05 - 2013-08-22 09:18 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-03 12:39 - 2013-12-03 12:39 - 00000000 ____D C:\Users\Björn\AppData\Roaming\ImgBurn
2013-12-03 12:29 - 2013-12-03 12:29 - 00000000 ____D C:\Program Files\ImgBurn
2013-12-03 12:28 - 2013-11-07 13:13 - 00003182 _____ C:\WINDOWS\setupact.log
2013-12-03 11:48 - 2013-10-11 19:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-03 11:40 - 2013-12-03 11:40 - 00001083 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\Users\Björn\AppData\Roaming\Malwarebytes
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-03 11:40 - 2013-12-03 11:40 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-12-03 11:38 - 2013-12-03 11:38 - 00000000 ____D C:\WINDOWS\ERUNT
2013-12-03 11:11 - 2013-10-13 12:54 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-12-03 11:08 - 2013-10-12 12:01 - 00000000 __RDO C:\Users\Björn\SkyDrive
2013-12-02 15:46 - 2013-08-22 08:22 - 00333576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-01 12:22 - 2013-08-22 09:17 - 00000000 ___RD C:\WINDOWS\ToastData
2013-12-01 12:22 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\system32\de-DE
2013-12-01 12:21 - 2013-08-22 09:17 - 00000000 ____D C:\WINDOWS\WinStore
2013-11-30 13:19 - 2013-11-30 13:09 - 00000000 ____D C:\Users\Björn\Desktop\Nhat Musik
2013-11-30 13:08 - 2013-11-07 08:27 - 00000000 ____D C:\Users\Björn\AppData\Roaming\codeblocks
2013-11-30 13:07 - 2013-11-07 12:38 - 00000116 _____ C:\Users\Björn\Desktop\AuG.cpp
2013-11-29 10:09 - 2013-11-29 10:10 - 00067680 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2013-11-29 10:09 - 2013-10-13 12:54 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys

Some content of TEMP:
====================
C:\Users\Björn\AppData\Local\Temp\avgnt.exe
C:\Users\Björn\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2013-11-29 10:20] - [2013-10-22 07:03] - 2065448 ____A (Microsoft Corporation) 1A0BC9598E4A58FC84570FFF5A108E58

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-22 12:26

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

nach einem erneuten suchdurchlauf, hat antivir 11 Funde gemacht , genau den gleichen Trojaner.

gefunden im Windows ordner : in winsxs / temp / pending renames

Code:

ATTFilter

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Sonntag, 22. Dezember 2013  16:25


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Free Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 8.1 Pro
Windowsversion : (plain)  [6.2.9200]
Boot Modus     : Normal gebootet
Benutzername   : Björn
Computername   : FAST

Versionsinformationen:
BUILD.DAT      : 14.0.2.286     55547 Bytes  09.12.2013 11:37:00
AVSCAN.EXE     : 14.0.2.254   1032760 Bytes  22.12.2013 14:16:25
AVSCANRC.DLL   : 14.0.2.180     62008 Bytes  22.12.2013 14:16:25
LUKE.DLL       : 14.0.2.234     65592 Bytes  22.12.2013 14:16:48
AVSCPLR.DLL    : 14.0.2.254    124472 Bytes  22.12.2013 14:16:25
AVREG.DLL      : 14.0.2.212    250424 Bytes  22.12.2013 14:16:24
avlode.dll     : 14.0.2.254    540216 Bytes  22.12.2013 14:16:23
avlode.rdf     : 13.0.1.62      56973 Bytes  22.12.2013 14:16:58
VBASE000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 09:01:31
VBASE001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 09:01:31
VBASE002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 09:01:31
VBASE003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 09:01:31
VBASE004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 09:01:31
VBASE005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 09:01:31
VBASE006.VDF   : 7.11.103.230  2293248 Bytes  24.09.2013 09:01:31
VBASE007.VDF   : 7.11.116.38  5485568 Bytes  28.11.2013 09:08:36
VBASE008.VDF   : 7.11.120.140  1154560 Bytes  19.12.2013 14:16:08
VBASE009.VDF   : 7.11.120.141     2048 Bytes  19.12.2013 14:16:08
VBASE010.VDF   : 7.11.120.142     2048 Bytes  19.12.2013 14:16:08
VBASE011.VDF   : 7.11.120.143     2048 Bytes  19.12.2013 14:16:08
VBASE012.VDF   : 7.11.120.144     2048 Bytes  19.12.2013 14:16:08
VBASE013.VDF   : 7.11.120.145     2048 Bytes  19.12.2013 14:16:08
VBASE014.VDF   : 7.11.121.19   126976 Bytes  21.12.2013 14:16:09
VBASE015.VDF   : 7.11.121.20     2048 Bytes  21.12.2013 14:16:09
VBASE016.VDF   : 7.11.121.21     2048 Bytes  21.12.2013 14:16:09
VBASE017.VDF   : 7.11.121.22     2048 Bytes  21.12.2013 14:16:09
VBASE018.VDF   : 7.11.121.23     2048 Bytes  21.12.2013 14:16:09
VBASE019.VDF   : 7.11.121.24     2048 Bytes  21.12.2013 14:16:09
VBASE020.VDF   : 7.11.121.25     2048 Bytes  21.12.2013 14:16:09
VBASE021.VDF   : 7.11.121.26     2048 Bytes  21.12.2013 14:16:09
VBASE022.VDF   : 7.11.121.27     2048 Bytes  21.12.2013 14:16:10
VBASE023.VDF   : 7.11.121.28     2048 Bytes  21.12.2013 14:16:10
VBASE024.VDF   : 7.11.121.29     2048 Bytes  21.12.2013 14:16:10
VBASE025.VDF   : 7.11.121.30     2048 Bytes  21.12.2013 14:16:10
VBASE026.VDF   : 7.11.121.31     2048 Bytes  21.12.2013 14:16:10
VBASE027.VDF   : 7.11.121.32     2048 Bytes  21.12.2013 14:16:10
VBASE028.VDF   : 7.11.121.33     2048 Bytes  21.12.2013 14:16:10
VBASE029.VDF   : 7.11.121.34     2048 Bytes  21.12.2013 14:16:10
VBASE030.VDF   : 7.11.121.35     2048 Bytes  21.12.2013 14:16:10
VBASE031.VDF   : 7.11.121.84   134144 Bytes  22.12.2013 14:16:10
Engineversion  : 8.2.12.166
AEVDF.DLL      : 8.1.3.4       102774 Bytes  30.09.2013 09:01:12
AESCRIPT.DLL   : 8.1.4.176     520574 Bytes  22.12.2013 14:16:17
AESCN.DLL      : 8.1.10.6      131447 Bytes  22.12.2013 14:16:17
AESBX.DLL      : 8.2.16.26    1245560 Bytes  30.09.2013 09:01:12
AERDL.DLL      : 8.2.0.138     704888 Bytes  03.12.2013 10:11:51
AEPACK.DLL     : 8.3.3.8       762232 Bytes  22.12.2013 14:16:16
AEOFFICE.DLL   : 8.1.2.76      205181 Bytes  30.09.2013 09:01:12
AEHEUR.DLL     : 8.1.4.830    6386042 Bytes  22.12.2013 14:16:16
AEHELP.DLL     : 8.1.27.10     266618 Bytes  29.11.2013 09:08:40
AEGEN.DLL      : 8.1.7.20      446839 Bytes  29.11.2013 09:08:40
AEEXP.DLL      : 8.4.1.138     418168 Bytes  22.12.2013 14:16:18
AEEMU.DLL      : 8.1.3.2       393587 Bytes  30.09.2013 09:01:12
AECORE.DLL     : 8.1.33.0      225657 Bytes  22.12.2013 14:16:11
AEBB.DLL       : 8.1.1.4        53619 Bytes  30.09.2013 09:01:12
AVWINLL.DLL    : 14.0.2.180     23608 Bytes  22.12.2013 14:15:50
AVPREF.DLL     : 14.0.2.180     48696 Bytes  22.12.2013 14:16:24
AVREP.DLL      : 14.0.2.180    175672 Bytes  22.12.2013 14:16:24
AVARKT.DLL     : 14.0.2.254    256056 Bytes  22.12.2013 14:16:19
AVEVTLOG.DLL   : 14.0.2.180    165944 Bytes  22.12.2013 14:16:21
SQLITE3.DLL    : 3.7.0.1       394824 Bytes  30.09.2013 09:01:31
AVSMTP.DLL     : 14.0.2.180     60472 Bytes  22.12.2013 14:16:26
NETNT.DLL      : 14.0.2.180     13368 Bytes  22.12.2013 14:16:49
RCIMAGE.DLL    : 14.0.2.180   4786744 Bytes  22.12.2013 14:15:50
RCTEXT.DLL     : 14.0.2.270     73272 Bytes  22.12.2013 14:15:50

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Suche nach Rootkits und aktiver Malware
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\rootkit.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig
Abweichende Gefahrenkategorien........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Beginn des Suchlaufs: Sonntag, 22. Dezember 2013  16:25

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'TiWorker.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '128' Modul(e) wurden durchsucht
Durchsuche Prozess 'SettingSyncHost.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'glcnd.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'KHALMNPR.EXE' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'SetPoint.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'skydrive.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '195' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'ConnectifyD.exe' - '98' Modul(e) wurden durchsucht
Durchsuche Prozess 'ConnectifyService.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '196' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1061' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:'
C:\swapfile.sys
  [WARNUNG]   Die Datei konnte nicht geöffnet werden!
C:\Windows\WinSxS\Temp\PendingRenames\2ace9e0027ffce0184040000540bf00a.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\2d7b75d283eece01a2050000ac0fa013.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\2e432a7e23ffce01160500008801e40d.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\3a3b767c39f3ce01760400007814d812.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\5fe543fb26ffce0175040000540bf00a.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\89b4d3f786eece0176040000a00dec10.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\a735be368acdce01d31d0000680e3017.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\b7724d8f39f3ce01850400007814d812.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\c131054d8acdce01e81d0000680e3017.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\c2342ebf83eece018d050000ac0fa013.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
C:\Windows\WinSxS\Temp\PendingRenames\cef363fc86eece0185040000a00dec10.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen

Beginne mit der Desinfektion:
C:\Windows\WinSxS\Temp\PendingRenames\cef363fc86eece0185040000a00dec10.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.
C:\Windows\WinSxS\Temp\PendingRenames\c2342ebf83eece018d050000ac0fa013.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.
C:\Windows\WinSxS\Temp\PendingRenames\c131054d8acdce01e81d0000680e3017.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.
C:\Windows\WinSxS\Temp\PendingRenames\b7724d8f39f3ce01850400007814d812.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.
C:\Windows\WinSxS\Temp\PendingRenames\a735be368acdce01d31d0000680e3017.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.
C:\Windows\WinSxS\Temp\PendingRenames\89b4d3f786eece0176040000a00dec10.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.
C:\Windows\WinSxS\Temp\PendingRenames\5fe543fb26ffce0175040000540bf00a.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.
C:\Windows\WinSxS\Temp\PendingRenames\3a3b767c39f3ce01760400007814d812.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.
C:\Windows\WinSxS\Temp\PendingRenames\2e432a7e23ffce01160500008801e40d.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.
C:\Windows\WinSxS\Temp\PendingRenames\2d7b75d283eece01a2050000ac0fa013.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.
C:\Windows\WinSxS\Temp\PendingRenames\2ace9e0027ffce0184040000540bf00a.x86_microsoft-windows-kernelstreaming_31bf3856ad364e35_6.3.9600.16395_none_ec16b73cb184e5d3_ks.sys_f36cc2f7
  [FUND]      Ist das Trojanische Pferd TR/Mediyes.Gen
  [WARNUNG]   Die Datei wurde ignoriert.


Ende des Suchlaufs: Sonntag, 22. Dezember 2013  17:04
Benötigte Zeit: 36:24 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

  17246 Verzeichnisse wurden überprüft
 169520 Dateien wurden geprüft
     11 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      1 Dateien konnten nicht durchsucht werden
 169508 Dateien ohne Befall
    367 Archive wurden durchsucht
     12 Warnungen
      0 Hinweise
 401844 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden

schrauber · 23.12.2013, 09:09

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

WIN 8: TR/Mediyes.gen, von Anitivir gefunden

Plagegeister aller Art und deren Bekämpfung: WIN 8: TR/Mediyes.gen, von Anitivir gefunden