Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows Vista: Trojaner mit Tücken

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 15.01.2015, 16:20   #1
dhx
 
Windows Vista: Trojaner mit Tücken - Icon17

Windows Vista: Trojaner mit Tücken



Hallo liebes Trojaner-Board Team,
ich habe das Gefühl, dass ich mir einen Trojaner eingefangen habe. Er reagiert sehr langsam und der Taskmanager und die Registry lassen sich nicht mehr öffnen. Mich würde es freuen wenn ihr mal einen Blick auf meine Logs werfen könnt. PS: Logs zu groß.
Angehängte Dateien
Dateityp: txt Addition.txt (16,4 KB, 172x aufgerufen)

Alt 15.01.2015, 16:25   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 15.01.2015, 16:34   #3
dhx
 
Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2015
Ran by StandartAdmin (administrator) on HOME-PC on 15-01-2015 16:55:16
Running from C:\Users\StandartAdmin\Desktop
Loaded Profiles: StandartAdmin (Available profiles: StandartAdmin)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(SysTool PasSame LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
() C:\Program Files\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe
(Realtek Semiconductor Corp.) C:\Program Files\NETGEAR\A6100\RtlService.exe
() C:\Program Files\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancer.exe
(NETGEAR) C:\Program Files\NETGEAR\A6100\A6100.EXE
(XTab system) C:\Program Files\XTab\ProtectService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Price Fountain) C:\Users\StandartAdmin\AppData\Local\PriceFountain\pricefountainw.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Price Fountain) C:\Users\StandartAdmin\AppData\Local\PriceFountain\pricefountain.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1085512 2015-01-12] (The Eraser Project)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\...\Run: [pricefountainw.exe] => C:\Users\StandartAdmin\AppData\Local\PriceFountain\pricefountainw.exe [461824 2014-12-07] (Price Fountain)
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\...\Run: [{0745BD7F-2934-C113-7518-780DB45B31FD}] => C:\Users\StandartAdmin\AppData\Roaming\Uxgi\tisi.exe [146944 2015-01-14] ()
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\...\RunOnce: [PriceFountain] => wscript /E:vbscript /B "C:\Users\STANDA~1\AppData\Roaming\PriceFountain\UpdateProc\bkup.dat"
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\...\MountPoints2: {fe805dd2-9bf9-11e4-b9e8-806e6f6e6963} - D:\autostart.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6100 Genie.lnk
ShortcutTarget: NETGEAR A6100 Genie.lnk -> C:\Program Files\NETGEAR\A6100\RtlService.exe (Realtek Semiconductor Corp.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49366;https=127.0.0.1:49366;
ProxyEnable: [S-1-5-21-994520407-3949958976-4116058162-1000] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-994520407-3949958976-4116058162-1000] => http=127.0.0.1:49366;https=127.0.0.1:49366;
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421332120&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421332120&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/web/?type=dspp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA&q={searchTerms}
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/web/?type=dspp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1421332120&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421332120&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1421332120&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA&q={searchTerms}
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\XTab\SupTab.dll (Thinknice Co. Limited)
BHO: PriceFountain -> {b608cc98-54de-4775-96c9-097de398500c} -> C:\Users\StandartAdmin\AppData\Local\PriceFountain\PriceFountainIE.dll ()
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: mystartsearch
FF SelectedSearchEngine: mystartsearch
FF Homepage: hxxp://www.<!doctype html><html lang=\"en-US\"><head><meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge\"/><meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\"><link rel=\"apple-touch-icon\" sizes=\"72x72\" href=\"hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
FF SearchPlugin: C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\searchplugins\mystartsearch.xml
FF Extension: Fast Start - C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\Extensions\faststartff@gmail.com [2015-01-15]
FF Extension: FF Toolbar - C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\Extensions\fftoolbar2014@etech.com [2015-01-15]
FF Extension: PriceFountain - C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\Extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi [2015-01-15]
FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\extensions\fftoolbar2014@etech.com
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\extensions\faststartff@gmail.com
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.mystartsearch.com/?type=sc&ts=1421332120&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 IHProtect Service; C:\Program Files\XTab\ProtectService.exe [158864 2014-12-29] (XTab system) [File not signed]
R2 Internet Enhancer Service; C:\Program Files\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe [312320 2015-01-05] () [File not signed]
R2 Realtek8723AU; C:\Program Files\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (Realtek Semiconductor Corp.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [464384 2015-01-15] (SysTool PasSame LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 A6100; C:\Windows\System32\DRIVERS\A6100.sys [2444504 2013-07-08] (Realtek Semiconductor Corporation                           )
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 16:55 - 2015-01-15 16:55 - 00011470 _____ () C:\Users\StandartAdmin\Desktop\FRST.txt
2015-01-15 16:55 - 2015-01-15 16:55 - 00000000 ____D () C:\FRST
2015-01-15 16:51 - 2015-01-15 16:51 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Uxgi
2015-01-15 16:51 - 2015-01-15 16:51 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Toiqon
2015-01-15 16:48 - 2015-01-15 16:48 - 00001670 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2015-01-15 16:48 - 2015-01-15 16:48 - 00001658 _____ () C:\Users\Public\Desktop\Eraser.lnk
2015-01-15 16:48 - 2015-01-15 16:48 - 00000000 ____D () C:\Program Files\Eraser
2015-01-15 16:31 - 2015-01-15 16:31 - 02191360 _____ () C:\Users\StandartAdmin\Desktop\AdwCleaner.exe
2015-01-15 16:30 - 2015-01-15 16:30 - 00000046 _____ () C:\Users\StandartAdmin\AppData\Roaming\WB.CFG
2015-01-15 16:29 - 2015-01-15 16:29 - 01116672 _____ (Farbar) C:\Users\StandartAdmin\Desktop\FRST.exe
2015-01-15 15:49 - 2015-01-15 15:49 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-01-15 15:48 - 2009-11-08 18:55 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-15 15:48 - 2009-11-08 18:55 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-01-15 15:48 - 2009-11-08 18:55 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-01-15 15:48 - 2009-11-08 18:55 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-01-15 15:48 - 2009-11-08 18:55 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-01-15 15:46 - 2015-01-15 15:46 - 08317032 _____ (The Eraser Project) C:\Users\StandartAdmin\Downloads\Eraser_6.2.0.2962.exe
2015-01-15 15:44 - 2015-01-15 15:44 - 00000048 ____H () C:\Users\StandartAdmin\Desktop\SicherLoeschen.ini
2015-01-15 15:44 - 2015-01-15 15:44 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\WinRAR
2015-01-15 15:42 - 2015-01-15 15:42 - 00001057 _____ () C:\Users\StandartAdmin\Desktop\Revo Uninstaller.lnk
2015-01-15 15:42 - 2015-01-15 15:42 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-01-15 15:41 - 2015-01-15 15:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\StandartAdmin\Downloads\revosetup.exe
2015-01-15 15:36 - 2015-01-15 15:36 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-15 15:35 - 2015-01-15 15:35 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-15 15:35 - 2015-01-15 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-15 15:35 - 2015-01-15 15:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-15 15:35 - 2015-01-15 15:35 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-01-15 15:35 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-15 15:35 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-15 15:35 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-15 15:34 - 2015-01-15 15:35 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\StandartAdmin\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-15 15:30 - 2015-01-15 16:30 - 00000314 _____ () C:\Windows\Tasks\Price Fountain.job
2015-01-15 15:30 - 2015-01-15 15:30 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\PriceFountain
2015-01-15 15:30 - 2015-01-15 15:30 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain
2015-01-15 15:30 - 2015-01-15 15:30 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\PriceFountain
2015-01-15 15:30 - 2015-01-15 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInterEnhance
2015-01-15 15:30 - 2015-01-15 15:30 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-01-15 15:30 - 2015-01-15 15:30 - 00000000 ____D () C:\Program Files\XTab
2015-01-15 15:30 - 2015-01-15 15:30 - 00000000 ____D () C:\Program Files\Wajam
2015-01-15 15:30 - 2015-01-15 15:30 - 00000000 ____D () C:\Program Files\WaInterEnhance
2015-01-15 15:29 - 2015-01-15 15:29 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-01-15 15:28 - 2015-01-15 15:28 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\mystartsearch
2015-01-15 15:27 - 2015-01-15 15:27 - 00000940 _____ () C:\Users\StandartAdmin\Desktop\Core Temp.lnk
2015-01-15 15:27 - 2015-01-15 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2015-01-15 15:27 - 2015-01-15 15:27 - 00000000 ____D () C:\Program Files\Core Temp
2015-01-15 15:26 - 2015-01-15 15:26 - 01285176 _____ (Alcpu ) C:\Users\StandartAdmin\Downloads\Core-Temp-installer.exe
2015-01-14 16:42 - 2015-01-14 16:42 - 00000000 ____D () C:\Windows\system32\vi-VN
2015-01-14 16:42 - 2015-01-14 16:42 - 00000000 ____D () C:\Windows\system32\eu-ES
2015-01-14 16:42 - 2015-01-14 16:42 - 00000000 ____D () C:\Windows\system32\ca-ES
2015-01-14 16:27 - 2015-01-14 16:27 - 00000000 ____D () C:\Windows\system32\SPReview
2015-01-14 16:20 - 2009-04-10 23:28 - 00928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll
2015-01-14 16:20 - 2009-04-10 23:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2015-01-14 16:19 - 2009-04-10 23:33 - 00986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-01-14 16:19 - 2009-04-10 23:33 - 00926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-01-14 16:19 - 2009-04-10 23:33 - 00897000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-14 16:19 - 2009-04-10 23:33 - 00614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 16:19 - 2009-04-10 23:33 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 03601896 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 16:19 - 2009-04-10 23:32 - 03549672 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:19 - 2009-04-10 23:32 - 01083880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00439784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00245736 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00226280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00223208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-14 16:19 - 2009-04-10 23:32 - 00054248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2015-01-14 16:19 - 2009-04-10 23:32 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00027112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00014312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2015-01-14 16:19 - 2009-04-10 23:28 - 11584000 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 10624512 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 06079488 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 03596288 _____ (Microsoft Corporation)
         

Code:
ATTFilter



 C:\Windows\system32\mshtml.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 03174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01696768 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01695232 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01336320 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01183232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 01167872 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 01135104 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00784896 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00679936 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00612864 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00476672 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00461824 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
         

Code:
ATTFilter
2015-01-14 16:19 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\extmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00117248 _____ () C:\Windows\system32\EhStorAuthn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tscupgrd.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-01-14 16:19 - 2009-04-10 23:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 02926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 02092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 01827840 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 01202168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2015-01-14 16:19 - 2009-04-10 23:27 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00518144 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-01-14 16:19 - 2009-04-10 23:27 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2015-01-14 16:19 - 2009-04-10 23:27 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2015-01-14 16:19 - 2009-04-10 23:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00217088 _____ (Microsoft Corporation)
         


Code:
ATTFilter
 C:\Windows\system32\psisrndr.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2015-01-14 16:19 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-01-14 16:19 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2015-01-14 16:19 - 2009-04-10 23:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2015-01-14 16:19 - 2009-04-10 23:23 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:22 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2015-01-14 16:19 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2015-01-14 16:19 - 2009-04-10 23:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2015-01-14 16:19 - 2009-04-10 23:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-01-14 16:19 - 2009-04-10 22:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2015-01-14 16:19 - 2009-04-10 22:04 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-14 16:19 - 2009-04-10 22:03 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2015-01-14 16:19 - 2009-04-10 22:03 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2015-01-14 16:19 - 2009-04-10 21:57 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-01-14 16:19 - 2009-04-10 21:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-14 16:19 - 2009-04-10 21:51 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-14 16:19 - 2009-04-10 21:48 - 00344698 _____ () C:\Windows\system32\eaphost.tmf
2015-01-14 16:19 - 2009-04-10 21:47 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00208966 _____ () C:\Windows\system32\WFP.TMF
2015-01-14 16:19 - 2009-04-10 21:46 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2015-01-14 16:19 - 2009-04-10 21:43 - 02499629 _____ () C:\Windows\system32\wlan.tmf
2015-01-14 16:19 - 2009-04-10 21:43 - 00442788 _____ () C:\Windows\system32\dot3.tmf
2015-01-14 16:19 - 2009-04-10 21:43 - 00392170 _____ () C:\Windows\system32\onex.tmf
2015-01-14 16:19 - 2009-04-10 21:43 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2015-01-14 16:19 - 2009-04-10 21:43 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-01-14 16:19 - 2009-04-10 21:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-01-14 16:19 - 2009-04-10 21:42 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-01-14 16:19 - 2009-04-10 21:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2015-01-14 16:19 - 2009-04-10 21:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-01-14 16:19 - 2009-04-10 21:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2015-01-14 16:19 - 2009-04-10 21:38 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-01-14 16:19 - 2009-04-10 21:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-01-14 16:19 - 2009-04-10 21:36 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-14 16:19 - 2009-04-10 21:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-01-14 16:19 - 2009-04-10 21:24 - 02034688 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-14 16:19 - 2009-04-10 21:23 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-14 16:19 - 2009-04-10 21:23 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-01-14 16:19 - 2009-04-10 21:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2015-01-14 16:19 - 2009-04-10 21:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2015-01-14 16:19 - 2009-04-10 21:15 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-01-14 16:19 - 2009-04-10 21:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-01-14 16:19 - 2009-04-10 21:15 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2015-01-14 16:19 - 2009-04-10 21:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-01-14 16:19 - 2009-04-10 21:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2015-01-14 16:19 - 2009-04-10 21:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-14 16:19 - 2009-04-10 19:52 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys
2015-01-14 16:19 - 2009-04-10 18:59 - 00107612 _____ () C:\Windows\system32\StructuredQuerySchema.bin
2015-01-14 16:19 - 2009-04-10 18:59 - 00018904 _____ () C:\Windows\system32\StructuredQuerySchemaTrivial.bin
2015-01-14 16:19 - 2009-04-10 18:54 - 03662128 _____ () C:\Windows\system32\locale.nls
2015-01-14 16:19 - 2009-03-29 21:42 - 00155456 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-14 16:19 - 2009-03-29 21:42 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-14 16:19 - 2009-03-06 18:11 - 00130008 _____ () C:\Windows\system32\systemsf.ebd
2015-01-14 16:19 - 2009-02-19 17:20 - 00009239 _____ () C:\Windows\system32\spcinstrumentation.man
2015-01-14 16:19 - 2009-02-19 17:20 - 00009212 _____ () C:\Windows\system32\RacUR.xml
2015-01-14 16:19 - 2009-02-18 11:43 - 00000153 _____ () C:\Windows\system32\RacUREx.xml
2015-01-14 16:19 - 2009-02-18 11:39 - 00779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-01-14 16:19 - 2009-02-18 11:39 - 00102816 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-14 16:19 - 2009-02-18 11:39 - 00092918 _____ () C:\Windows\system32\slmgr.vbs
2015-01-14 16:19 - 2009-02-18 11:39 - 00035680 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-14 16:19 - 2009-02-18 11:38 - 11967524 _____ () C:\Windows\system32\korwbrkr.lex
2015-01-14 16:19 - 2009-02-18 11:38 - 00619864 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-14 16:19 - 2009-02-18 11:38 - 00099680 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-14 16:19 - 2009-02-18 11:38 - 00035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2015-01-14 16:19 - 2009-02-18 11:38 - 00009048 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-14 16:16 - 2015-01-14 16:16 - 00000000 ____D () C:\Windows\system32\EventProviders
2015-01-14 16:06 - 2015-01-14 16:15 - 365230920 _____ (Microsoft Corporation) C:\Users\StandartAdmin\Downloads\Windows6.0-KB948465-X86.exe
2015-01-14 16:05 - 2015-01-14 16:05 - 11473216 _____ (Microsoft Corporation) C:\Users\StandartAdmin\Downloads\mseinstall.exe
2015-01-14 16:02 - 2015-01-14 16:02 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Mozilla
2015-01-14 16:02 - 2015-01-14 16:02 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\Mozilla
2015-01-14 16:00 - 2015-01-14 16:00 - 00057654 _____ () C:\Windows\OEMLogo.bmp
2015-01-14 15:57 - 2015-01-14 15:57 - 00001634 _____ () C:\Users\Public\Desktop\Recuva.lnk
2015-01-14 15:57 - 2015-01-14 15:57 - 00000000 ____D () C:\Program Files\Recuva
2015-01-14 15:56 - 2015-01-15 15:28 - 00001054 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-14 15:56 - 2015-01-15 15:28 - 00001042 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-14 15:53 - 2015-01-14 15:53 - 00001947 _____ () C:\Users\Public\Desktop\NETGEAR A6100 Genie.lnk
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\ProgramData\NETGEAR
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR A6100 Genie
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\Program Files\NETGEAR
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\Program Files\installshield installation information
2015-01-14 15:53 - 2013-08-21 23:20 - 00006588 _____ () C:\Windows\system32\Drivers\A6100_LMT.txt
2015-01-14 15:53 - 2013-08-21 23:20 - 00001529 _____ () C:\Windows\system32\Drivers\A6100.txt
2015-01-14 15:52 - 2015-01-14 15:52 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-01-14 15:52 - 2015-01-14 15:52 - 00000000 ____D () C:\Users\StandartAdmin\Downloads\NETGEAR
2015-01-14 15:48 - 2015-01-15 16:27 - 00000680 _____ () C:\Users\StandartAdmin\AppData\Local\d3d9caps.dat
2015-01-14 15:48 - 2015-01-15 15:28 - 00001145 _____ () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-14 15:48 - 2015-01-15 15:22 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\VirtualStore
2015-01-14 15:48 - 2015-01-15 15:21 - 00000915 _____ () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-01-14 15:48 - 2015-01-14 15:58 - 00000000 ____D () C:\Users\StandartAdmin
2015-01-14 15:48 - 2015-01-14 15:48 - 00048600 _____ () C:\Users\StandartAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-14 15:48 - 2015-01-14 15:48 - 00000944 _____ () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-14 15:48 - 2015-01-14 15:48 - 00000020 ___SH () C:\Users\StandartAdmin\ntuser.ini
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Startmenü
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Netzwerkumgebung
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Druckumgebung
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Documents\Eigene Musik
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Documents\Eigene Bilder
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\AppData\Local\Verlauf
2015-01-14 15:48 - 2008-01-21 03:56 - 00000000 ___RD () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-14 15:48 - 2008-01-21 03:56 - 00000000 ___RD () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-14 15:37 - 2015-01-14 15:37 - 00000604 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
2015-01-14 15:36 - 2015-01-14 15:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_00_00.Wdf
2015-01-14 15:32 - 2015-01-14 15:36 - 00001355 _____ () C:\Windows\TSSysprep.log
2015-01-14 15:30 - 2015-01-14 15:37 - 00000000 ____D () C:\Windows\Panther
2015-01-14 15:30 - 2015-01-14 15:30 - 00008192 ___RS () C:\BOOTSECT.BAK
2015-01-14 15:30 - 2009-04-10 23:36 - 00333257 __RSH () C:\bootmgr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 16:31 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-15 16:30 - 2008-01-21 09:21 - 01557964 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 16:29 - 2008-01-21 02:38 - 00052951 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 16:26 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 16:26 - 2006-11-02 13:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 16:26 - 2006-11-02 13:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 16:25 - 2008-01-21 04:02 - 00007138 _____ () C:\Windows\PFRO.log
2015-01-15 15:58 - 2006-11-02 13:58 - 00004862 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-15 15:55 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2015-01-15 15:52 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-15 15:19 - 2006-11-02 13:44 - 00228840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 16:42 - 2008-01-21 09:20 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Collaboration
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Calendar
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Movie Maker
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\zh-TW
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\zh-CN
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\uk-UA
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sv-SE
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\SLUI
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ru-RU
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pt-PT
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pt-BR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pl-PL
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\nl-NL
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\nb-NO
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ko-KR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ja-JP
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\it-IT
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\hu-HU
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\fi-FI
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\et-EE
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\el-GR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\IME
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-14 16:40 - 2006-11-02 13:49 - 00079818 _____ () C:\Windows\setupact.log
2015-01-14 15:53 - 2006-11-02 13:35 - 00000000 ____D () C:\Windows\system32\restore
2015-01-14 15:46 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default
2015-01-14 15:46 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-14 15:32 - 2006-11-02 13:45 - 00003257 _____ () C:\Windows\DtcInstall.log
2015-01-14 15:30 - 2006-11-02 13:41 - 00041984 ____H () C:\Windows\system32\config\BCD-Template.LOG
2015-01-14 15:30 - 2006-11-02 13:35 - 00262144 _____ () C:\Windows\system32\config\BCD-Template

Some content of TEMP:
====================
C:\Users\StandartAdmin\AppData\Local\Temp\setup.exe
C:\Users\StandartAdmin\AppData\Local\Temp\smt_mystartsearch.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-15 16:31

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Hoffentlich passt es!
__________________

Alt 15.01.2015, 16:38   #4
dhx
 
Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2015
Ran by StandartAdmin at 2015-01-15 16:56:14
Running from C:\Users\StandartAdmin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Eraser 6.2.0.2962 (HKLM\...\{03983F45-ED4B-4541-B00B-F31565F0756B}) (Version: 6.2.2962 - The Eraser Project)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
mystartsearch uninstall (HKLM\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ATTENTION
NETGEAR A6100 Genie (HKLM\...\InstallShield_{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.12 - NETGEAR)
NETGEAR A6100 Genie (Version: 1.0.0.12 - NETGEAR) Hidden
PriceFountain (remove only) (HKU\S-1-5-21-994520407-3949958976-4116058162-1000\...\PriceFountain) (Version: 1.0.8.6 - Price Fountain)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Update for PriceFountain (HKU\S-1-5-21-994520407-3949958976-4116058162-1000\...\Price Fountain) (Version:  - Update for PriceFountain) <==== ATTENTION
Wajam (HKLM\...\WaInterEnhance) (Version: 2.21.2.32 (i2.6) - WaInterEnhance) <==== ATTENTION
WinRAR 5.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

14-01-2015 15:53:06 Installiert NETGEAR A6100 Genie
14-01-2015 16:17:40 Windows Vista™ Service Pack 2
15-01-2015 15:47:56 Windows Update
15-01-2015 16:48:16 Installed Eraser 6.2.0.2962

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {9450E27A-FFB4-4A98-9801-D1C36A285EC7} - System32\Tasks\Price Fountain => C:\Users\StandartAdmin\AppData\Roaming\PriceFountain\UpdateProc\UpdateTask.exe [2015-01-15] () <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Price Fountain.job => C:\Users\STANDA~1\AppData\Roaming\PRICEF~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2015-01-05 17:14 - 2015-01-05 17:14 - 00312320 _____ () C:\Program Files\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancerService.exe
2015-01-05 17:14 - 2015-01-05 17:14 - 00083456 _____ () C:\Program Files\WaInterEnhance\WaInterEnhance Internet Enhancer\InternetEnhancer.exe
2013-07-17 11:57 - 2013-07-17 11:57 - 00094208 _____ () C:\Program Files\NETGEAR\A6100\Realtek.dll
2012-11-06 09:47 - 2012-11-06 09:47 - 00114688 _____ () C:\Program Files\NETGEAR\A6100\EnumDevLib.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: 5cd8f17f4086744065eb0992a09e05a2 => "C:\Users\StandartAdmin\AppData\Local\Temp\Trojan.exe" ..

========================= Accounts: ==========================

Administrator (S-1-5-21-994520407-3949958976-4116058162-500 - Administrator - Disabled)
Gast (S-1-5-21-994520407-3949958976-4116058162-501 - Limited - Disabled)
StandartAdmin (S-1-5-21-994520407-3949958976-4116058162-1000 - Administrator - Enabled) => C:\Users\StandartAdmin

==================== Faulty Device Manager Devices =============

Name: Standard-VGA-Grafikkarte
Description: Standard-VGA-Grafikkarte
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardgrafikkartentypen)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Videocontroller
Description: Videocontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Serieller PCI-Anschluss
Description: Serieller PCI-Anschluss
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================
         
Code:
ATTFilter
Application errors:
==================
Error: (01/15/2015 04:27:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/15/2015 04:26:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung cmdshell.exe, Version 4.0.1.1615, Zeitstempel 0x54a0adf1, fehlerhaftes Modul cmdshell.exe, Version 4.0.1.1615, Zeitstempel 0x54a0adf1, Ausnahmecode 0xc0000409, Fehleroffset 0x000054cf,
Prozess-ID 0xbf0, Anwendungsstartzeit cmdshell.exe0.

Error: (01/15/2015 03:21:59 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3552) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (01/15/2015 03:20:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2015 04:43:31 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp63800706f7

Error: (01/14/2015 04:43:31 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp63800706f7

Error: (01/14/2015 03:53:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {e301f154-57f8-4308-96c4-d27c73d3070b}

Error: (01/14/2015 03:46:39 PM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: Die indizierten Daten des Windows-Suchdiensts für den Benutzer 'Home-PC\Administrator' können im Zuge der Löschung des Benutzerprofils nicht entfernt werden. Fehlercode 0x80070015.

Das Gerät ist nicht bereit.
.

Error: (01/14/2015 03:46:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/15/2015 04:27:27 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Realtek8723AU

Error: (01/15/2015 03:22:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000Realtek8723AU

Error: (01/15/2015 03:20:08 PM) (Source: Dhcp) (EventID: 1002) (User: )
Description: Die IP-Adresslease 10.0.0.3 für die Netzwerkkarte mit der Netzwerkadresse 6CB0CE0CD8E0 wurde durch den DHCP-Server 0.0.0.0 abgelehnt (der DHCP-Server hat eine DHCPNACK-Meldung gesendet).

Error: (01/14/2015 03:46:18 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (01/14/2015 03:33:14 PM) (Source: HTTP) (EventID: 15016) (User: )
Description: \Device\Http\ReqQueueKerberos


Microsoft Office Sessions:
=========================
Error: (01/15/2015 04:27:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/15/2015 04:26:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: cmdshell.exe4.0.1.161554a0adf1cmdshell.exe4.0.1.161554a0adf1c0000409000054cfbf001d030d7b24b5f07

Error: (01/15/2015 03:21:59 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail3552WindowsMail0:

Error: (01/15/2015 03:20:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2015 04:43:31 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp63800706f7

Error: (01/14/2015 04:43:31 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp63800706f7

Error: (01/14/2015 03:53:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005

Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {e301f154-57f8-4308-96c4-d27c73d3070b}

Error: (01/14/2015 03:46:39 PM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: Home-PC\Administrator0x80070015Das Gerät ist nicht bereit.

Error: (01/14/2015 03:46:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-01-15 16:56:07.014
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:56:06.999
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:56:06.983
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:56:06.983
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:56:06.734
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:56:06.702
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:56:06.687
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:56:06.640
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-14 16:17:10.856
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-14 16:17:10.840
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz
Percentage of memory in use: 66%
Total physical RAM: 875.49 MB
Available physical RAM: 290.95 MB
Total Pagefile: 2015.35 MB
Available Pagefile: 1348.67 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:138.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: B0000000)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 15.01.2015, 17:31   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    mystartsearch uninstall

    Update for PriceFountain

    Wajam


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.01.2015, 12:23   #6
dhx
 
Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



Code:
ATTFilter
ComboFix 15-01-08.01 - StandartAdmin 16.01.2015  13:05:39.1.2 - x86
Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.43.1031.18.875.354 [GMT 1:00]
ausgeführt von:: c:\users\StandartAdmin\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\StandartAdmin\AppData\Roaming\Uxgi
c:\users\StandartAdmin\AppData\Roaming\Uxgi\tisi.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-12-16 bis 2015-01-16  ))))))))))))))))))))))))))))))
.
.
2015-01-16 12:11 . 2015-01-16 12:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-01-15 15:55 . 2015-01-15 15:56	--------	d-----w-	C:\FRST
2015-01-15 15:48 . 2015-01-15 15:48	--------	d-----w-	c:\program files\Eraser
2015-01-15 14:49 . 2015-01-15 14:49	--------	d-----w-	c:\program files\Microsoft.NET
2015-01-15 14:48 . 2009-11-08 17:55	99176	----a-w-	c:\windows\system32\PresentationHostProxy.dll
2015-01-15 14:48 . 2009-11-08 17:55	49472	----a-w-	c:\windows\system32\netfxperf.dll
2015-01-15 14:48 . 2009-11-08 17:55	297808	----a-w-	c:\windows\system32\mscoree.dll
2015-01-15 14:48 . 2009-11-08 17:55	295264	----a-w-	c:\windows\system32\PresentationHost.exe
2015-01-15 14:48 . 2009-11-08 17:55	1130824	----a-w-	c:\windows\system32\dfshim.dll
2015-01-15 14:42 . 2015-01-15 14:42	--------	d-----w-	c:\program files\VS Revo Group
2015-01-15 14:36 . 2015-01-15 14:36	114904	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-01-15 14:35 . 2014-11-21 05:14	51928	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-01-15 14:35 . 2014-11-21 05:14	75480	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-01-15 14:35 . 2014-11-21 05:14	23256	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-01-15 14:35 . 2015-01-15 14:35	--------	d-----w-	c:\program files\ Malwarebytes Anti-Malware 
2015-01-15 14:35 . 2015-01-15 14:35	--------	d-----w-	c:\programdata\Malwarebytes
2015-01-15 14:30 . 2015-01-15 14:30	--------	d-----w-	c:\programdata\IHProtectUpDate
2015-01-15 14:30 . 2015-01-15 14:30	--------	d-----w-	c:\program files\XTab
2015-01-15 14:29 . 2015-01-15 14:29	--------	d-----w-	c:\programdata\WindowsMangerProtect
2015-01-15 14:27 . 2015-01-15 14:27	--------	d-----w-	c:\program files\Core Temp
2015-01-14 15:42 . 2015-01-14 15:42	--------	d-----w-	c:\windows\system32\ca-ES
2015-01-14 15:42 . 2015-01-14 15:42	--------	d-----w-	c:\windows\system32\eu-ES
2015-01-14 15:42 . 2015-01-14 15:42	--------	d-----w-	c:\windows\system32\vi-VN
2015-01-14 15:27 . 2015-01-14 15:27	--------	d-----w-	c:\windows\system32\SPReview
2015-01-14 15:20 . 2009-04-10 22:28	928768	----a-w-	c:\windows\system32\scavenge.dll
2015-01-14 15:20 . 2009-04-10 22:27	57856	----a-w-	c:\windows\system32\compcln.exe
2015-01-14 15:16 . 2015-01-14 15:16	--------	d-----w-	c:\windows\system32\EventProviders
2015-01-14 14:57 . 2015-01-14 14:57	--------	d-----w-	c:\program files\Recuva
2015-01-14 14:56 . 2015-01-14 14:56	--------	d-----w-	c:\program files\Mozilla Maintenance Service
2015-01-14 14:53 . 2015-01-14 14:53	--------	d-----w-	c:\program files\installshield installation information
2015-01-14 14:53 . 2015-01-14 14:53	--------	d-----w-	c:\program files\NETGEAR
2015-01-14 14:53 . 2015-01-14 14:53	--------	d-----w-	c:\programdata\NETGEAR
2015-01-14 14:53 . 2015-01-15 15:48	--------	d-sh--w-	c:\windows\Installer
2015-01-14 14:52 . 2015-01-14 14:52	--------	d-----w-	c:\windows\Downloaded Installations
2015-01-14 14:48 . 2015-01-14 14:58	--------	d-----w-	c:\users\StandartAdmin
2015-01-14 14:30 . 2015-01-14 14:37	--------	d-----w-	c:\windows\Panther
2015-01-14 14:30 . 2015-01-15 14:21	--------	d-----w-	C:\Boot
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"pricefountainw.exe"="c:\users\StandartAdmin\AppData\Local\PriceFountain\pricefountainw.exe HKEY_CURRENT_USER Software\PriceFountain" [X]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-10 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-10 2153472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Eraser"="c:\program files\Eraser\Eraser.exe" [2015-01-12 1085512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR A6100 Genie.lnk - c:\program files\NETGEAR\A6100\RtlService.exe -b [2013-7-2 45784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
S3 A6100;NETGEAR A6100 WiFi Adapter;c:\windows\system32\DRIVERS\A6100.sys [2013-07-08 2444504]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 48101801
*Deregistered* - 48101801
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork	REG_MULTI_SZ   	PLA DPS BFE mpssvc
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
uDefault_Search_URL = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/web/?type=dspp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA&q={searchTerms}
mStart Page = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
uInternet Settings,ProxyOverride = <-loopback>
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\
FF - prefs.js: browser.search.selectedEngine - mystartsearch
FF - prefs.js: browser.startup.homepage - hxxp://www.<!doctype html><html lang=\en-US\><head><meta http-equiv=\X-UA-Compatible\ content=\IE=Edge\/><meta http-equiv=\content-type\ content=\text/html; charset=UTF-8\><link rel=\apple-touch-icon\ sizes=\72x72\ href=\hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-{0745BD7F-2934-C113-7518-780DB45B31FD} - c:\users\StandartAdmin\AppData\Roaming\Uxgi\tisi.exe
MSConfigStartUp-5cd8f17f4086744065eb0992a09e05a2 - c:\users\StandartAdmin\AppData\Local\Temp\Trojan.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-01-16 13:11
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-01-16  13:15:33
ComboFix-quarantined-files.txt  2015-01-16 12:15
.
Vor Suchlauf: 6 Verzeichnis(se), 147.129.401.344 Bytes frei
Nach Suchlauf: 9 Verzeichnis(se), 146.857.373.696 Bytes frei
.
- - End Of File - - B11CA9A4BAF0CA87190FF8F4366FBFAA
5C616939100B85E558DA92B899A0FC36
         

Welchen Virus siehst du da? MfG. dhx

Alt 16.01.2015, 18:03   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



Malware, auf jeden Fall Passwörter ändern von einem andern Rechner aus.


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.01.2015, 06:32   #8
dhx
 
Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



Puh! Bald Fertig!


Code:
ATTFilter
# AdwCleaner v4.107 - Bericht erstellt am 17/01/2015 um 06:52:21
# Aktualisiert 07/01/2015 von Xplode
# Database : 2015-01-13.2 [Live]
# Betriebssystem : Windows Vista (TM) Home Basic Service Pack 2 (32 bits)
# Benutzername : StandartAdmin - HOME-PC
# Gestartet von : C:\Users\StandartAdmin\Desktop\AdwCleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : WindowsMangerProtect
Dienst Gelöscht : IHProtect Service

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\ProgramData\IHProtectUpDate
Ordner Gelöscht : C:\Program Files\XTab
Ordner Gelöscht : C:\Users\StandartAdmin\AppData\Local\PriceFountain
Ordner Gelöscht : C:\Users\StandartAdmin\AppData\Roaming\PriceFountain
Ordner Gelöscht : C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\Extensions\faststartff@gmail.com
Ordner Gelöscht : C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\Extensions\fftoolbar2014@etech.com
Datei Gelöscht : C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\Extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi
Datei Gelöscht : C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\searchplugins\mystartsearch.xml

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [fftoolbar2014@etech.com]
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pricefountainw.exe]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\mystartsearchSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\IHProtect
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PriceFountain
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mystartsearch uninstall
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WaInterEnhance

***** [ Browser ] *****

-\\ Internet Explorer v7.0.6002.18005


-\\ Mozilla Firefox v34.0.5 (x86 de)

[huhjldri.default\prefs.js] - Zeile gelöscht : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[huhjldri.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "mystartsearch");
[huhjldri.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.searchengine.alias", "mystartsearch");
[huhjldri.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[huhjldri.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.searchengine.name", "mystartsearch");
[huhjldri.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1421332120&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA&q={searchTerms}");
[huhjldri.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "mystartsearch");
[huhjldri.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[huhjldri.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

AdwCleaner[R0].txt - [4257 octets] - [17/01/2015 06:50:42]
AdwCleaner[S0].txt - [4702 octets] - [17/01/2015 06:52:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4762 octets] ##########
         


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-01-2015 01
Ran by StandartAdmin (administrator) on HOME-PC on 17-01-2015 06:55:13
Running from C:\Users\StandartAdmin\Desktop
Loaded Profiles: StandartAdmin (Available profiles: StandartAdmin)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor Corp.) C:\Program Files\NETGEAR\A6100\RtlService.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NETGEAR) C:\Program Files\NETGEAR\A6100\A6100.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1085512 2015-01-12] (The Eraser Project)
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\...\Run: [{0745BD7F-2934-C113-7518-780DB45B31FD}] => C:\Users\StandartAdmin\AppData\Roaming\Uxgi\tisi.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6100 Genie.lnk
ShortcutTarget: NETGEAR A6100 Genie.lnk -> C:\Program Files\NETGEAR\A6100\RtlService.exe (Realtek Semiconductor Corp.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49366;https=127.0.0.1:49366;
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/web/?type=dspp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default
FF Homepage: hxxp://www.<!doctype html><html lang=\"en-US\"><head><meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge\"/><meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\"><link rel=\"apple-touch-icon\" sizes=\"72x72\" href=\"hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
FF Extension: No Name - C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\extensions\fftoolbar2014@etech.com [Not Found]
FF Extension: No Name - C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\extensions\faststartff@gmail.com [Not Found]
FF Extension: No Name - C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\extensions\{b6a94784-0ffb-4121-88c6-435139067ee2}.xpi [Not Found]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Realtek8723AU; C:\Program Files\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (Realtek Semiconductor Corp.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 A6100; C:\Windows\System32\DRIVERS\A6100.sys [2444504 2013-07-08] (Realtek Semiconductor Corporation                           )
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\STANDA~1\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 06:55 - 2015-01-17 06:55 - 00006814 _____ () C:\Users\StandartAdmin\Desktop\FRST.txt
2015-01-17 06:55 - 2015-01-17 06:55 - 00000000 ____D () C:\Users\StandartAdmin\Desktop\FRST-OlderVersion
2015-01-17 06:54 - 2015-01-17 06:54 - 00000000 ____D () C:\Users\StandartAdmin\Desktop\ogs
2015-01-17 06:50 - 2015-01-17 06:52 - 00000000 ____D () C:\AdwCleaner
2015-01-16 13:15 - 2015-01-16 13:15 - 00008141 _____ () C:\ComboFix.txt
2015-01-16 13:04 - 2015-01-16 13:15 - 00000000 ____D () C:\Qoobox
2015-01-16 13:04 - 2015-01-16 13:14 - 00000000 ____D () C:\Windows\erdnt
2015-01-16 13:04 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-16 13:04 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-16 13:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-16 13:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-16 13:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-16 13:04 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-16 13:04 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-16 13:04 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-16 13:02 - 2015-01-16 12:51 - 05609736 ____R (Swearware) C:\Users\StandartAdmin\Desktop\ComboFix.exe
2015-01-16 13:01 - 2015-01-16 13:01 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\StandartAdmin\Downloads\TDSSKiller42.exe
2015-01-15 16:58 - 2015-01-15 16:58 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\Eraser 6
2015-01-15 16:55 - 2015-01-17 06:55 - 00000000 ____D () C:\FRST
2015-01-15 16:51 - 2015-01-15 16:51 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Toiqon
2015-01-15 16:48 - 2015-01-15 16:48 - 00001670 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2015-01-15 16:48 - 2015-01-15 16:48 - 00001658 _____ () C:\Users\Public\Desktop\Eraser.lnk
2015-01-15 16:48 - 2015-01-15 16:48 - 00000000 ____D () C:\Program Files\Eraser
2015-01-15 16:31 - 2015-01-15 16:31 - 02191360 _____ () C:\Users\StandartAdmin\Desktop\AdwCleaner.exe
2015-01-15 16:30 - 2015-01-15 16:30 - 00000046 _____ () C:\Users\StandartAdmin\AppData\Roaming\WB.CFG
2015-01-15 16:29 - 2015-01-17 06:55 - 01117696 _____ (Farbar) C:\Users\StandartAdmin\Desktop\FRST.exe
2015-01-15 15:49 - 2015-01-15 15:49 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-01-15 15:48 - 2009-11-08 18:55 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-15 15:48 - 2009-11-08 18:55 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-01-15 15:48 - 2009-11-08 18:55 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-01-15 15:48 - 2009-11-08 18:55 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-01-15 15:48 - 2009-11-08 18:55 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-01-15 15:46 - 2015-01-15 15:46 - 08317032 _____ (The Eraser Project) C:\Users\StandartAdmin\Downloads\Eraser_6.2.0.2962.exe
2015-01-15 15:44 - 2015-01-15 15:44 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\WinRAR
2015-01-15 15:42 - 2015-01-15 15:42 - 00001057 _____ () C:\Users\StandartAdmin\Desktop\Revo Uninstaller.lnk
2015-01-15 15:42 - 2015-01-15 15:42 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-01-15 15:41 - 2015-01-15 15:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\StandartAdmin\Downloads\revosetup.exe
2015-01-15 15:36 - 2015-01-16 13:49 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-15 15:35 - 2015-01-15 15:35 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-15 15:35 - 2015-01-15 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-15 15:35 - 2015-01-15 15:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-15 15:35 - 2015-01-15 15:35 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-01-15 15:35 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-15 15:35 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-15 15:35 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-15 15:34 - 2015-01-15 15:35 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\StandartAdmin\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-15 15:27 - 2015-01-15 15:27 - 00000940 _____ () C:\Users\StandartAdmin\Desktop\Core Temp.lnk
2015-01-15 15:27 - 2015-01-15 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2015-01-15 15:27 - 2015-01-15 15:27 - 00000000 ____D () C:\Program Files\Core Temp
2015-01-15 15:26 - 2015-01-15 15:26 - 01285176 _____ (Alcpu ) C:\Users\StandartAdmin\Downloads\Core-Temp-installer.exe
2015-01-14 16:42 - 2015-01-14 16:42 - 00000000 ____D () C:\Windows\system32\vi-VN
2015-01-14 16:42 - 2015-01-14 16:42 - 00000000 ____D () C:\Windows\system32\eu-ES
2015-01-14 16:42 - 2015-01-14 16:42 - 00000000 ____D () C:\Windows\system32\ca-ES
2015-01-14 16:27 - 2015-01-14 16:27 - 00000000 ____D () C:\Windows\system32\SPReview
2015-01-14 16:20 - 2009-04-10 23:28 - 00928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll
2015-01-14 16:20 - 2009-04-10 23:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2015-01-14 16:19 - 2009-04-10 23:33 - 00986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-01-14 16:19 - 2009-04-10 23:33 - 00926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-01-14 16:19 - 2009-04-10 23:33 - 00897000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-14 16:19 - 2009-04-10 23:33 - 00614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 16:19 - 2009-04-10 23:33 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 03601896 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 16:19 - 2009-04-10 23:32 - 03549672 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:19 - 2009-04-10 23:32 - 01083880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00439784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00245736 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00226280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00223208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-14 16:19 - 2009-04-10 23:32 - 00054248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2015-01-14 16:19 - 2009-04-10 23:32 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00027112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00014312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2015-01-14 16:19 - 2009-04-10 23:28 - 11584000 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 10624512 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 06079488 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 03596288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 03174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01696768 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01695232 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01336320 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01183232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 01167872 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 01135104 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
         

Code:
ATTFilter
2015-01-14 16:19 - 2009-04-10 23:28 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00784896 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00712704 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00679936 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00671232 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00612864 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00476672 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00461824 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll
         

Code:
ATTFilter
2015-01-14 16:19 - 2009-04-10 23:28 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\extmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00117248 _____ () C:\Windows\system32\EhStorAuthn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tscupgrd.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-01-14 16:19 - 2009-04-10 23:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 02926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 02092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 01827840 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 01202168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2015-01-14 16:19 - 2009-04-10 23:27 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00518144 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-01-14 16:19 - 2009-04-10 23:27 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2015-01-14 16:19 - 2009-04-10 23:27 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2015-01-14 16:19 - 2009-04-10 23:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2015-01-14 16:19 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-01-14 16:19 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2015-01-14 16:19 - 2009-04-10 23:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2015-01-14 16:19 - 2009-04-10 23:23 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:22 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2015-01-14 16:19 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2015-01-14 16:19 - 2009-04-10 23:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2015-01-14 16:19 - 2009-04-10 23:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-01-14 16:19 - 2009-04-10 22:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2015-01-14 16:19 - 2009-04-10 22:04 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-14 16:19 - 2009-04-10 22:03 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2015-01-14 16:19 - 2009-04-10 22:03 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2015-01-14 16:19 - 2009-04-10 21:57 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-01-14 16:19 - 2009-04-10 21:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-14 16:19 - 2009-04-10 21:51 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-14 16:19 - 2009-04-10 21:48 - 00344698 _____ () C:\Windows\system32\eaphost.tmf
2015-01-14 16:19 - 2009-04-10 21:47 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00208966 _____ () C:\Windows\system32\WFP.TMF
2015-01-14 16:19 - 2009-04-10 21:46 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2015-01-14 16:19 - 2009-04-10 21:43 - 02499629 _____ () C:\Windows\system32\wlan.tmf
2015-01-14 16:19 - 2009-04-10 21:43 - 00442788 _____ () C:\Windows\system32\dot3.tmf
2015-01-14 16:19 - 2009-04-10 21:43 - 00392170 _____ () C:\Windows\system32\onex.tmf
         

Code:
ATTFilter
2015-01-14 16:19 - 2009-04-10 21:43 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2015-01-14 16:19 - 2009-04-10 21:43 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-01-14 16:19 - 2009-04-10 21:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-01-14 16:19 - 2009-04-10 21:42 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-01-14 16:19 - 2009-04-10 21:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2015-01-14 16:19 - 2009-04-10 21:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-01-14 16:19 - 2009-04-10 21:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2015-01-14 16:19 - 2009-04-10 21:38 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-01-14 16:19 - 2009-04-10 21:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-01-14 16:19 - 2009-04-10 21:36 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-14 16:19 - 2009-04-10 21:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-01-14 16:19 - 2009-04-10 21:24 - 02034688 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-14 16:19 - 2009-04-10 21:23 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-14 16:19 - 2009-04-10 21:23 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-01-14 16:19 - 2009-04-10 21:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2015-01-14 16:19 - 2009-04-10 21:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2015-01-14 16:19 - 2009-04-10 21:15 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-01-14 16:19 - 2009-04-10 21:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-01-14 16:19 - 2009-04-10 21:15 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2015-01-14 16:19 - 2009-04-10 21:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-01-14 16:19 - 2009-04-10 21:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2015-01-14 16:19 - 2009-04-10 21:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-14 16:19 - 2009-04-10 19:52 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys
2015-01-14 16:19 - 2009-04-10 18:59 - 00107612 _____ () C:\Windows\system32\StructuredQuerySchema.bin
2015-01-14 16:19 - 2009-04-10 18:59 - 00018904 _____ () C:\Windows\system32\StructuredQuerySchemaTrivial.bin
2015-01-14 16:19 - 2009-04-10 18:54 - 03662128 _____ () C:\Windows\system32\locale.nls
2015-01-14 16:19 - 2009-03-29 21:42 - 00155456 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-14 16:19 - 2009-03-29 21:42 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-14 16:19 - 2009-03-06 18:11 - 00130008 _____ () C:\Windows\system32\systemsf.ebd
2015-01-14 16:19 - 2009-02-19 17:20 - 00009239 _____ () C:\Windows\system32\spcinstrumentation.man
2015-01-14 16:19 - 2009-02-19 17:20 - 00009212 _____ () C:\Windows\system32\RacUR.xml
2015-01-14 16:19 - 2009-02-18 11:43 - 00000153 _____ () C:\Windows\system32\RacUREx.xml
2015-01-14 16:19 - 2009-02-18 11:39 - 00779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-01-14 16:19 - 2009-02-18 11:39 - 00102816 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-14 16:19 - 2009-02-18 11:39 - 00092918 _____ () C:\Windows\system32\slmgr.vbs
2015-01-14 16:19 - 2009-02-18 11:39 - 00035680 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-14 16:19 - 2009-02-18 11:38 - 11967524 _____ () C:\Windows\system32\korwbrkr.lex
2015-01-14 16:19 - 2009-02-18 11:38 - 00619864 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-14 16:19 - 2009-02-18 11:38 - 00099680 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-14 16:19 - 2009-02-18 11:38 - 00035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2015-01-14 16:19 - 2009-02-18 11:38 - 00009048 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-14 16:16 - 2015-01-14 16:16 - 00000000 ____D () C:\Windows\system32\EventProviders
2015-01-14 16:06 - 2015-01-14 16:15 - 365230920 _____ (Microsoft Corporation) C:\Users\StandartAdmin\Downloads\Windows6.0-KB948465-X86.exe
2015-01-14 16:05 - 2015-01-14 16:05 - 11473216 _____ (Microsoft Corporation) C:\Users\StandartAdmin\Downloads\mseinstall.exe
2015-01-14 16:02 - 2015-01-14 16:02 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Mozilla
2015-01-14 16:02 - 2015-01-14 16:02 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\Mozilla
2015-01-14 16:00 - 2015-01-14 16:00 - 00057654 _____ () C:\Windows\OEMLogo.bmp
2015-01-14 15:57 - 2015-01-14 15:57 - 00001634 _____ () C:\Users\Public\Desktop\Recuva.lnk
2015-01-14 15:57 - 2015-01-14 15:57 - 00000000 ____D () C:\Program Files\Recuva
2015-01-14 15:56 - 2015-01-17 06:52 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-14 15:56 - 2015-01-17 06:52 - 00000846 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-14 15:53 - 2015-01-14 15:53 - 00001947 _____ () C:\Users\Public\Desktop\NETGEAR A6100 Genie.lnk
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\ProgramData\NETGEAR
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR A6100 Genie
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\Program Files\NETGEAR
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\Program Files\installshield installation information
2015-01-14 15:53 - 2013-08-21 23:20 - 00006588 _____ () C:\Windows\system32\Drivers\A6100_LMT.txt
2015-01-14 15:53 - 2013-08-21 23:20 - 00001529 _____ () C:\Windows\system32\Drivers\A6100.txt
2015-01-14 15:52 - 2015-01-14 15:52 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-01-14 15:52 - 2015-01-14 15:52 - 00000000 ____D () C:\Users\StandartAdmin\Downloads\NETGEAR
2015-01-14 15:48 - 2015-01-17 06:53 - 00000680 _____ () C:\Users\StandartAdmin\AppData\Local\d3d9caps.dat
2015-01-14 15:48 - 2015-01-17 06:52 - 00000991 _____ () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-14 15:48 - 2015-01-15 15:22 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\VirtualStore
2015-01-14 15:48 - 2015-01-15 15:21 - 00000915 _____ () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-01-14 15:48 - 2015-01-14 15:58 - 00000000 ____D () C:\Users\StandartAdmin
2015-01-14 15:48 - 2015-01-14 15:48 - 00048600 _____ () C:\Users\StandartAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-14 15:48 - 2015-01-14 15:48 - 00000944 _____ () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-14 15:48 - 2015-01-14 15:48 - 00000020 ___SH () C:\Users\StandartAdmin\ntuser.ini
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Startmenü
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Netzwerkumgebung
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Druckumgebung
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Documents\Eigene Musik
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Documents\Eigene Bilder
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\AppData\Local\Verlauf
2015-01-14 15:48 - 2008-01-21 03:56 - 00000000 ___RD () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-14 15:48 - 2008-01-21 03:56 - 00000000 ___RD () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-14 15:37 - 2015-01-14 15:37 - 00000604 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
2015-01-14 15:36 - 2015-01-14 15:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_00_00.Wdf
2015-01-14 15:32 - 2015-01-14 15:36 - 00001355 _____ () C:\Windows\TSSysprep.log
2015-01-14 15:30 - 2015-01-14 15:37 - 00000000 ____D () C:\Windows\Panther
2015-01-14 15:30 - 2015-01-14 15:30 - 00008192 ___RS () C:\BOOTSECT.BAK
2015-01-14 15:30 - 2009-04-10 23:36 - 00333257 __RSH () C:\bootmgr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-17 06:53 - 2008-01-21 04:02 - 00008720 _____ () C:\Windows\PFRO.log
2015-01-17 06:53 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-17 06:53 - 2006-11-02 13:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-17 06:53 - 2006-11-02 13:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-17 06:52 - 2008-01-21 02:38 - 00058827 _____ () C:\Windows\WindowsUpdate.log
2015-01-17 06:52 - 2006-11-02 13:58 - 00005996 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-16 13:33 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-16 13:15 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default
2015-01-16 13:15 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2015-01-16 13:11 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2015-01-16 12:59 - 2008-01-21 09:21 - 01557964 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 15:55 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2015-01-15 15:52 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-15 15:19 - 2006-11-02 13:44 - 00228840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 16:42 - 2008-01-21 09:20 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Collaboration
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Calendar
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Movie Maker
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\zh-TW
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\zh-CN
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\uk-UA
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sv-SE
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\SLUI
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ru-RU
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pt-PT
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pt-BR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pl-PL
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\nl-NL
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\nb-NO
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ko-KR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ja-JP
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\it-IT
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\hu-HU
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\fi-FI
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\et-EE
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\el-GR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\IME
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-14 16:40 - 2006-11-02 13:49 - 00079818 _____ () C:\Windows\setupact.log
2015-01-14 15:53 - 2006-11-02 13:35 - 00000000 ____D () C:\Windows\system32\restore
2015-01-14 15:46 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-14 15:32 - 2006-11-02 13:45 - 00003257 _____ () C:\Windows\DtcInstall.log
2015-01-14 15:30 - 2006-11-02 13:41 - 00041984 ____H () C:\Windows\system32\config\BCD-Template.LOG
2015-01-14 15:30 - 2006-11-02 13:35 - 00262144 _____ () C:\Windows\system32\config\BCD-Template

==================== Files in the root of some directories =======
2015-01-15 16:30 - 2015-01-15 16:30 - 0000046 _____ () C:\Users\StandartAdmin\AppData\Roaming\WB.CFG
2015-01-14 15:48 - 2015-01-17 06:53 - 0000680 _____ () C:\Users\StandartAdmin\AppData\Local\d3d9caps.dat

Some content of TEMP:
====================
C:\Users\StandartAdmin\AppData\Local\temp\Quarantine.exe
C:\Users\StandartAdmin\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-16 13:02

==================== End Of Log ============================
         
--- --- ---

--- --- ---



Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows Vista (TM) Home Basic x86
Ran by StandartAdmin on 17.01.2015 at  7:20:17,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\StandartAdmin\AppData\Roaming\mozilla\firefox\profiles\huhjldri.default\prefs.js

user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");
user_pref("browser.search.searchengine.ptid", "smt");
user_pref("browser.search.searchengine.uid", "ST3160815AS_6RAELTTAXXXX6RAELTTA");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.01.2015 at  7:21:41,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 17.01.2015
Scan Time: 06:57:46
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.01.16.14
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: StandartAdmin

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 301590
Time Elapsed: 16 min, 20 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 1
Trojan.ZbotR.Gen, HKU\S-1-5-21-994520407-3949958976-4116058162-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|{0745BD7F-2934-C113-7518-780DB45B31FD}, C:\Users\StandartAdmin\AppData\Roaming\Uxgi\tisi.exe, Quarantined, [918d1eda3a4f62d4ef01d1b41ee647b9]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         

Alt 17.01.2015, 17:05   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 18.01.2015, 17:02   #10
dhx
 
Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



Hallo Schrauber,
Ich bitte noch um 2 Tage verzögerung wegen meiner Arbeit.
MfG. Dhx

Alt 18.01.2015, 18:55   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



kein Ding
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.01.2015, 12:55   #12
dhx
 
Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



Am Freitag kommen die Logs! Hab sehr viel zu tun! MfG dhx

Alt 22.01.2015, 16:44   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



ok
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.01.2015, 16:42   #14
dhx
 
Windows Vista: Trojaner mit Tücken - Beitrag

Windows Vista: Trojaner mit Tücken



Code:
ATTFilter
 Results of screen317's Security Check version 0.99.93  
 Windows Vista Service Pack 2 x86 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 	16.0.0.257  
 Mozilla Firefox (34.0.5) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c9e0558d1df5954b9433b7e7bd3710f3
# engine=22013
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-17 02:33:22
# local_time=2015-01-17 03:33:22 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 95 255040 259037974 0 0
# scanned=58421
# found=4
# cleaned=4
# scan_time=612
sh=EEAF6ECD24DE592CF93A2CAE458696092E95E0FE ft=1 fh=91033ff7caa81cc6 vn="Win32/Thinknice.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\XTab\SupTab.dll.vir"
sh=AF36570D737043FEBEC5FA3DDB416A4CF5FDFBE9 ft=1 fh=c71c0011100f33aa vn="Variante von Win32/ELEX.BH evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=9A826E0DC2CC157D728C1046B727F1441BD3C105 ft=1 fh=a6d8e183c023c8f8 vn="Variante von Win32/Spy.Zbot.YW Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Qoobox\Quarantine\C\Users\StandartAdmin\AppData\Roaming\Uxgi\tisi.exe.vir"
sh=7669F3D56E0CD22381C7EACE00B9D3B1DD41BF07 ft=1 fh=fc296988becdd3eb vn="Win32/Somoto.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\StandartAdmin\Downloads\Core-Temp-installer.exe"
ESETSmartInstaller@High as downloader log:
all ok
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-01-2015 01
Ran by StandartAdmin (administrator) on HOME-PC on 18-01-2015 12:05:17
Running from C:\Users\StandartAdmin\Desktop
Loaded Profiles: StandartAdmin (Available profiles: StandartAdmin)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor Corp.) C:\Program Files\NETGEAR\A6100\RtlService.exe
(NETGEAR) C:\Program Files\NETGEAR\A6100\A6100.EXE
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1085512 2015-01-12] (The Eraser Project)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6100 Genie.lnk
ShortcutTarget: NETGEAR A6100 Genie.lnk -> C:\Program Files\NETGEAR\A6100\RtlService.exe (Realtek Semiconductor Corp.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-994520407-3949958976-4116058162-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49366;https=127.0.0.1:49366;
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.<!doctype html><html lang="en-US"><head><meta http-equiv="X-UA-Compatible" content="IE=Edge"/><meta http-equiv="content-type" content="text/html; charset=UTF-8"><link rel="apple-touch-icon" sizes="72x72" href="hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/web/?type=dspp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA&q={searchTerms}
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default
FF Homepage: hxxp://www.<!doctype html><html lang=\"en-US\"><head><meta http-equiv=\"X-UA-Compatible\" content=\"IE=Edge\"/><meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\"><link rel=\"apple-touch-icon\" sizes=\"72x72\" href=\"hxxp://l.yimg.com/pv/static/img/yahoo_purple_i?a{????.com/?type=hppp&ts=1421332186&from=smt&uid=ST3160815AS_6RAELTTAXXXX6RAELTTA
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Extension: Adblock Edge - C:\Users\StandartAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\huhjldri.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-01-17]

Chrome: 
=======

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Realtek8723AU; C:\Program Files\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (Realtek Semiconductor Corp.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 A6100; C:\Windows\System32\DRIVERS\A6100.sys [2444504 2013-07-08] (Realtek Semiconductor Corporation                           )
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Users\STANDA~1\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 12:05 - 2015-01-18 12:05 - 00006235 _____ () C:\Users\StandartAdmin\Desktop\FRST.txt
2015-01-17 16:17 - 2015-01-17 16:17 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-17 16:17 - 2015-01-17 16:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-17 16:17 - 2015-01-17 16:17 - 00000000 ____D () C:\Windows\system32\Macromed
2015-01-17 16:17 - 2015-01-17 16:17 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Macromedia
2015-01-17 16:17 - 2015-01-17 16:17 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Adobe
2015-01-17 16:17 - 2015-01-17 16:17 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\Macromedia
2015-01-17 16:16 - 2015-01-17 16:17 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\Adobe
2015-01-17 15:41 - 2015-01-17 15:41 - 00002052 _____ () C:\Windows\epplauncher.mif
2015-01-17 15:18 - 2015-01-17 15:18 - 02347384 _____ (ESET) C:\Users\StandartAdmin\Downloads\esetsmartinstaller_deu.exe
2015-01-17 15:18 - 2015-01-17 15:18 - 00000000 ____D () C:\Program Files\ESET
2015-01-17 15:14 - 2015-01-17 15:14 - 00852504 _____ () C:\Users\StandartAdmin\Desktop\SecurityCheck.exe
2015-01-17 15:07 - 2015-01-17 15:07 - 12369920 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 09740800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-01-17 15:07 - 2015-01-17 15:07 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-17 15:07 - 2015-01-17 15:07 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-17 15:07 - 2015-01-17 15:07 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00434176 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-01-17 15:07 - 2015-01-17 15:07 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00353584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-01-17 15:07 - 2015-01-17 15:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-01-17 15:07 - 2015-01-17 15:07 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-17 15:07 - 2015-01-17 15:07 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-01-17 15:07 - 2015-01-17 15:07 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-01-17 15:07 - 2015-01-17 15:07 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-17 15:07 - 2015-01-17 15:07 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-01-17 15:07 - 2015-01-17 15:07 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-01-17 15:07 - 2015-01-17 15:07 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-01-17 15:07 - 2015-01-17 15:07 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-01-17 15:06 - 2015-01-17 15:06 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 01554432 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 01075712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00979456 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00797184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2015-01-17 15:06 - 2015-01-17 15:06 - 00638336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-01-17 15:06 - 2015-01-17 15:06 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2015-01-17 15:06 - 2015-01-17 15:06 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-01-17 15:06 - 2015-01-17 15:06 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2015-01-17 15:05 - 2015-01-17 15:05 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-17 15:05 - 2015-01-17 15:05 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-01-17 15:05 - 2015-01-17 15:05 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-01-17 15:05 - 2015-01-17 15:05 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-01-17 15:05 - 2015-01-17 15:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2015-01-17 15:05 - 2015-01-17 15:05 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2015-01-17 15:05 - 2015-01-17 15:05 - 00189440 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-01-17 15:03 - 2015-01-17 15:08 - 00004676 _____ () C:\Windows\IE9_main.log
2015-01-17 15:02 - 2015-01-17 15:03 - 18733360 _____ (Microsoft Corporation) C:\Users\StandartAdmin\Downloads\IE9-WindowsVista-x86-deu.exe
2015-01-17 07:20 - 2015-01-17 07:20 - 01707939 _____ (Thisisu) C:\Users\StandartAdmin\Downloads\JRT.exe
2015-01-17 07:20 - 2015-01-17 07:20 - 00000000 ____D () C:\Windows\ERUNT
2015-01-17 06:55 - 2015-01-17 06:55 - 00000000 ____D () C:\Users\StandartAdmin\Desktop\FRST-OlderVersion
2015-01-17 06:54 - 2015-01-18 12:04 - 00000000 ____D () C:\Users\StandartAdmin\Desktop\ogs
2015-01-17 06:50 - 2015-01-17 06:52 - 00000000 ____D () C:\AdwCleaner
2015-01-16 13:15 - 2015-01-16 13:15 - 00008141 _____ () C:\ComboFix.txt
2015-01-16 13:04 - 2015-01-16 13:15 - 00000000 ____D () C:\Qoobox
2015-01-16 13:04 - 2015-01-16 13:14 - 00000000 ____D () C:\Windows\erdnt
2015-01-16 13:04 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-16 13:04 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-16 13:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-16 13:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-16 13:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-16 13:04 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-16 13:04 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-16 13:04 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-16 13:02 - 2015-01-16 12:51 - 05609736 ____R (Swearware) C:\Users\StandartAdmin\Desktop\ComboFix.exe
2015-01-16 13:01 - 2015-01-16 13:01 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\StandartAdmin\Downloads\TDSSKiller42.exe
2015-01-15 16:58 - 2015-01-15 16:58 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\Eraser 6
2015-01-15 16:55 - 2015-01-18 12:05 - 00000000 ____D () C:\FRST
2015-01-15 16:51 - 2015-01-15 16:51 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Toiqon
2015-01-15 16:48 - 2015-01-15 16:48 - 00001670 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eraser.lnk
2015-01-15 16:48 - 2015-01-15 16:48 - 00001658 _____ () C:\Users\Public\Desktop\Eraser.lnk
2015-01-15 16:48 - 2015-01-15 16:48 - 00000000 ____D () C:\Program Files\Eraser
2015-01-15 16:31 - 2015-01-15 16:31 - 02191360 _____ () C:\Users\StandartAdmin\Desktop\AdwCleaner.exe
2015-01-15 16:30 - 2015-01-15 16:30 - 00000046 _____ () C:\Users\StandartAdmin\AppData\Roaming\WB.CFG
2015-01-15 16:29 - 2015-01-17 06:55 - 01117696 _____ (Farbar) C:\Users\StandartAdmin\Desktop\FRST.exe
2015-01-15 15:49 - 2015-01-15 15:49 - 00000000 ____D () C:\Program Files\Microsoft.NET
2015-01-15 15:48 - 2009-11-08 18:55 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-01-15 15:48 - 2009-11-08 18:55 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-01-15 15:48 - 2009-11-08 18:55 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-01-15 15:48 - 2009-11-08 18:55 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-01-15 15:48 - 2009-11-08 18:55 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-01-15 15:46 - 2015-01-15 15:46 - 08317032 _____ (The Eraser Project) C:\Users\StandartAdmin\Downloads\Eraser_6.2.0.2962.exe
2015-01-15 15:44 - 2015-01-15 15:44 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\WinRAR
2015-01-15 15:42 - 2015-01-15 15:42 - 00001057 _____ () C:\Users\StandartAdmin\Desktop\Revo Uninstaller.lnk
2015-01-15 15:42 - 2015-01-15 15:42 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-01-15 15:41 - 2015-01-15 15:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\StandartAdmin\Downloads\revosetup.exe
2015-01-15 15:36 - 2015-01-17 06:57 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-15 15:35 - 2015-01-15 15:35 - 00000899 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-15 15:35 - 2015-01-15 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-15 15:35 - 2015-01-15 15:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-15 15:35 - 2015-01-15 15:35 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-01-15 15:35 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-15 15:35 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-15 15:35 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-15 15:34 - 2015-01-15 15:35 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\StandartAdmin\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-15 15:27 - 2015-01-15 15:27 - 00000940 _____ () C:\Users\StandartAdmin\Desktop\Core Temp.lnk
2015-01-15 15:27 - 2015-01-15 15:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2015-01-15 15:27 - 2015-01-15 15:27 - 00000000 ____D () C:\Program Files\Core Temp
2015-01-14 16:42 - 2015-01-14 16:42 - 00000000 ____D () C:\Windows\system32\vi-VN
2015-01-14 16:42 - 2015-01-14 16:42 - 00000000 ____D () C:\Windows\system32\eu-ES
2015-01-14 16:42 - 2015-01-14 16:42 - 00000000 ____D () C:\Windows\system32\ca-ES
2015-01-14 16:27 - 2015-01-14 16:27 - 00000000 ____D () C:\Windows\system32\SPReview
2015-01-14 16:20 - 2009-04-10 23:28 - 00928768 _____ (Microsoft Corporation) C:\Windows\system32\scavenge.dll
2015-01-14 16:20 - 2009-04-10 23:27 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\compcln.exe
2015-01-14 16:19 - 2009-04-10 23:33 - 00986600 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-01-14 16:19 - 2009-04-10 23:33 - 00926184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-01-14 16:19 - 2009-04-10 23:33 - 00897000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-01-14 16:19 - 2009-04-10 23:33 - 00614376 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-01-14 16:19 - 2009-04-10 23:33 - 00292840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 03601896 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 16:19 - 2009-04-10 23:32 - 03549672 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:19 - 2009-04-10 23:32 - 01083880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00527848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00439784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00438744 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00265688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00245736 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00226280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00223208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00190424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00180712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00161752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00149480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00141288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00125928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00122344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Storport.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00109032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00099816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-01-14 16:19 - 2009-04-10 23:32 - 00054248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00053736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00053224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00050664 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2015-01-14 16:19 - 2009-04-10 23:32 - 00048104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00043496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00035304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00027624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Dumpata.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00027112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00019944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2015-01-14 16:19 - 2009-04-10 23:32 - 00017896 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00017384 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-01-14 16:19 - 2009-04-10 23:32 - 00014312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2015-01-14 16:19 - 2009-04-10 23:28 - 11584000 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 10624512 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 06103040 _____ (Microsoft Corporation) C:\Windows\system32\chtbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 03174400 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 03072000 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02515968 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02226688 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02225664 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02205184 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02167808 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02153472 _____ (Microsoft Corporation) C:\Windows\system32\oobefldr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02134528 _____ (Microsoft Corporation) C:\Windows\system32\FunctionDiscoveryFolder.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 02012160 _____ (Microsoft Corporation) C:\Windows\system32\milcore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01985024 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01856512 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01823744 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01788416 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
         


Code:
ATTFilter
2015-01-14 16:19 - 2009-04-10 23:28 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\apds.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01696768 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01695232 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01671680 _____ (Microsoft Corporation) C:\Windows\system32\chsbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01591296 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01589248 _____ (Microsoft Corporation) C:\Windows\system32\msjet40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01580544 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01576960 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01575936 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01533440 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01502720 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01480704 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01459200 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01382912 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01342464 _____ (Microsoft Corporation) C:\Windows\system32\brcpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01336320 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01324032 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01316864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01224192 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01183232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01152000 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\wercon.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 01135104 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01123840 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01107968 _____ (Microsoft Corporation) C:\Windows\system32\pidgenx.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01081344 _____ (Microsoft Corporation) C:\Windows\system32\SLCExt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01078784 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01055232 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 01053696 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00971264 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00968192 _____ (Microsoft Corporation) C:\Windows\system32\wcnwiz2.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00869888 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00860160 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\mswdat10.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\rasdlg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00784896 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00777216 _____ (Microsoft Corporation) C:\Windows\system32\slcc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\ipsecsnp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00679936 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00670720 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00657408 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00644608 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\msrepl40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\rasgcw.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00618496 _____ (Microsoft Corporation) C:\Windows\system32\mswstr10.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00612864 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00550400 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\pnpui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00532992 _____ (Microsoft Corporation) C:\Windows\system32\wpcao.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00516608 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00507904 _____ (Microsoft Corporation) C:\Windows\system32\vdsdyn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00476672 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00469504 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00466944 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\IasMigReader.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\msxbde40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00454144 _____ (Microsoft) C:\Windows\system32\IasMigPlugin.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\dsound.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00441344 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00438784 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\msexch40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\msvcp60.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00378368 _____ (Microsoft Corporation) C:\Windows\system32\devmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rasplap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\mspbde40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00364032 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00361984 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\msrd3x40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\RelMon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00334848 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\msrd2x40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\thawbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\WscEapPr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\msjtes40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\modemui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00286720 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\w32time.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\mstext40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\wow32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iassdo.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\msltus40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\wscntfy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\mscandui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\adsldpc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\offfilt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\sperror.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\iassam.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\pnpsetup.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
         

Code:
ATTFilter
2015-01-14 16:19 - 2009-04-10 23:28 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\WcnNetsh.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\wevtutil.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00163328 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\spoolss.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\rasmontr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\fundisc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\korwbrkr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wpcsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\dsprop.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\nlhtml.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\softkbd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\ntmarta.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00117248 _____ () C:\Windows\system32\EhStorAuthn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\EhStorShell.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\imapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\dmsynth.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\dmusic.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\ulib.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\powrprof.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2015-01-14 16:19 - 2009-04-10 23:28 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\wshext.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\fdBth.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\msctfui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mstlsapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\msctfp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00083456 _____ (Microsoft) C:\Windows\system32\SMBHelperClass.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\wlgpclnt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\iassvcs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\propdefs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\iashlpr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\sendmail.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\PNPXAssoc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\fdWCN.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\mpr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\tscupgrd.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\msjter40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\xmlfilter.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Storprop.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingProxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\feclient.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\mmci.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\l2nacp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\bthci.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dataclen.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msstrc.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\bthserv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\networkitemfactory.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\TSTheme.exe
2015-01-14 16:19 - 2009-04-10 23:28 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\rtffilt.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\EhStorPwdMgr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\msscb.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iaspolcy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\perfdisk.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\bitsigd.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\whealogr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msimtf.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\ifmon.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\wsepno.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\uxsms.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\hidserv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msjint40.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\version.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\winrnr.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\NcdProp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\MsCtfMonitor.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wscisvif.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\vdmdbg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\midimap.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\spcmsg.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mmcico.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\spwinsat.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\CHxReadingStringIME.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\fdBthProxy.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-01-14 16:19 - 2009-04-10 23:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-01-14 16:19 - 2009-04-10 23:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 03408896 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 02926592 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 02092544 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\wscui.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 01202168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 01122304 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 01102848 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2015-01-14 16:19 - 2009-04-10 23:27 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00643072 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2015-01-14 16:19 - 2009-04-10 23:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00518144 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00407040 _____ (Microsoft Corporation) C:\Windows\system32\dpapimig.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-01-14 16:19 - 2009-04-10 23:27 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00280064 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2015-01-14 16:19 - 2009-04-10 23:27 - 00241128 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\drvinst.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00177664 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2015-01-14 16:19 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-01-14 16:19 - 2009-04-10 23:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00130024 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2015-01-14 16:19 - 2009-04-10 23:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\dwm.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2015-01-14 16:19 - 2009-04-10 23:27 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\hdwwiz.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingWizard.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\reg.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\cipher.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\cmmon32.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\csrstub.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cbsra.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\rekeywiz.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
         

Code:
ATTFilter
2015-01-14 16:19 - 2009-04-10 23:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\PnPutil.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\ipconfig.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEject.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\msacm32.drv
2015-01-14 16:19 - 2009-04-10 23:27 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\fc.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\rasdial.exe
2015-01-14 16:19 - 2009-04-10 23:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\gpupdate.exe
2015-01-14 16:19 - 2009-04-10 23:23 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2015-01-14 16:19 - 2009-04-10 23:23 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:22 - 00883712 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2015-01-14 16:19 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2015-01-14 16:19 - 2009-04-10 23:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2015-01-14 16:19 - 2009-04-10 23:22 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\f3ahvoas.dll
2015-01-14 16:19 - 2009-04-10 22:42 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2015-01-14 16:19 - 2009-04-10 22:03 - 12240896 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0007.dll
2015-01-14 16:19 - 2009-04-10 22:03 - 02644480 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0009.dll
2015-01-14 16:19 - 2009-04-10 21:57 - 08147456 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-01-14 16:19 - 2009-04-10 21:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-14 16:19 - 2009-04-10 21:51 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-01-14 16:19 - 2009-04-10 21:48 - 00344698 _____ () C:\Windows\system32\eaphost.tmf
2015-01-14 16:19 - 2009-04-10 21:47 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00208966 _____ () C:\Windows\system32\WFP.TMF
2015-01-14 16:19 - 2009-04-10 21:46 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rassstp.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspppoe.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-01-14 16:19 - 2009-04-10 21:46 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2015-01-14 16:19 - 2009-04-10 21:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\smb.sys
2015-01-14 16:19 - 2009-04-10 21:43 - 02499629 _____ () C:\Windows\system32\wlan.tmf
2015-01-14 16:19 - 2009-04-10 21:43 - 00442788 _____ () C:\Windows\system32\dot3.tmf
2015-01-14 16:19 - 2009-04-10 21:43 - 00392170 _____ () C:\Windows\system32\onex.tmf
2015-01-14 16:19 - 2009-04-10 21:43 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2015-01-14 16:19 - 2009-04-10 21:43 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-01-14 16:19 - 2009-04-10 21:43 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00561152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-01-14 16:19 - 2009-04-10 21:42 - 00052992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2015-01-14 16:19 - 2009-04-10 21:42 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-01-14 16:19 - 2009-04-10 21:39 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2015-01-14 16:19 - 2009-04-10 21:39 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-01-14 16:19 - 2009-04-10 21:39 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\iscsilog.dll
2015-01-14 16:19 - 2009-04-10 21:38 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-01-14 16:19 - 2009-04-10 21:38 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-01-14 16:19 - 2009-04-10 21:27 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-01-14 16:19 - 2009-04-10 21:24 - 02034688 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-14 16:19 - 2009-04-10 21:23 - 00289792 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-01-14 16:19 - 2009-04-10 21:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxg.sys
2015-01-14 16:19 - 2009-04-10 21:22 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\watchdog.sys
2015-01-14 16:19 - 2009-04-10 21:15 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-01-14 16:19 - 2009-04-10 21:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-01-14 16:19 - 2009-04-10 21:15 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-01-14 16:19 - 2009-04-10 21:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2015-01-14 16:19 - 2009-04-10 21:13 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2015-01-14 16:19 - 2009-04-10 21:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2015-01-14 16:19 - 2009-04-10 21:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-14 16:19 - 2009-04-10 19:52 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spsys.sys
2015-01-14 16:19 - 2009-04-10 18:59 - 00107612 _____ () C:\Windows\system32\StructuredQuerySchema.bin
2015-01-14 16:19 - 2009-04-10 18:59 - 00018904 _____ () C:\Windows\system32\StructuredQuerySchemaTrivial.bin
2015-01-14 16:19 - 2009-04-10 18:54 - 03662128 _____ () C:\Windows\system32\locale.nls
2015-01-14 16:19 - 2009-03-29 21:42 - 00155456 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-01-14 16:19 - 2009-03-29 21:42 - 00080720 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-01-14 16:19 - 2009-03-06 18:11 - 00130008 _____ () C:\Windows\system32\systemsf.ebd
2015-01-14 16:19 - 2009-02-19 17:20 - 00009239 _____ () C:\Windows\system32\spcinstrumentation.man
2015-01-14 16:19 - 2009-02-19 17:20 - 00009212 _____ () C:\Windows\system32\RacUR.xml
2015-01-14 16:19 - 2009-02-18 11:43 - 00000153 _____ () C:\Windows\system32\RacUREx.xml
2015-01-14 16:19 - 2009-02-18 11:39 - 00779136 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-01-14 16:19 - 2009-02-18 11:39 - 00102816 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-14 16:19 - 2009-02-18 11:39 - 00092918 _____ () C:\Windows\system32\slmgr.vbs
2015-01-14 16:19 - 2009-02-18 11:39 - 00035680 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-01-14 16:19 - 2009-02-18 11:38 - 11967524 _____ () C:\Windows\system32\korwbrkr.lex
2015-01-14 16:19 - 2009-02-18 11:38 - 00619864 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-01-14 16:19 - 2009-02-18 11:38 - 00099680 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-01-14 16:19 - 2009-02-18 11:38 - 00035168 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2015-01-14 16:19 - 2009-02-18 11:38 - 00009048 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-01-14 16:16 - 2015-01-14 16:16 - 00000000 ____D () C:\Windows\system32\EventProviders
2015-01-14 16:06 - 2015-01-14 16:15 - 365230920 _____ (Microsoft Corporation) C:\Users\StandartAdmin\Downloads\Windows6.0-KB948465-X86.exe
2015-01-14 16:05 - 2015-01-14 16:05 - 11473216 _____ (Microsoft Corporation) C:\Users\StandartAdmin\Downloads\mseinstall.exe
2015-01-14 16:02 - 2015-01-14 16:02 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Mozilla
2015-01-14 16:02 - 2015-01-14 16:02 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\Mozilla
2015-01-14 16:00 - 2015-01-14 16:00 - 00057654 _____ () C:\Windows\OEMLogo.bmp
2015-01-14 15:57 - 2015-01-14 15:57 - 00001634 _____ () C:\Users\Public\Desktop\Recuva.lnk
2015-01-14 15:57 - 2015-01-14 15:57 - 00000000 ____D () C:\Program Files\Recuva
2015-01-14 15:56 - 2015-01-17 06:52 - 00000858 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-14 15:56 - 2015-01-17 06:52 - 00000846 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\ProgramData\Mozilla
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Program Files\WinRAR
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-14 15:56 - 2015-01-14 15:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-14 15:53 - 2015-01-14 15:53 - 00001947 _____ () C:\Users\Public\Desktop\NETGEAR A6100 Genie.lnk
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\ProgramData\NETGEAR
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR A6100 Genie
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\Program Files\NETGEAR
2015-01-14 15:53 - 2015-01-14 15:53 - 00000000 ____D () C:\Program Files\installshield installation information
2015-01-14 15:53 - 2013-08-21 23:20 - 00006588 _____ () C:\Windows\system32\Drivers\A6100_LMT.txt
2015-01-14 15:53 - 2013-08-21 23:20 - 00001529 _____ () C:\Windows\system32\Drivers\A6100.txt
2015-01-14 15:52 - 2015-01-14 15:52 - 00000000 ____D () C:\Windows\Downloaded Installations
2015-01-14 15:52 - 2015-01-14 15:52 - 00000000 ____D () C:\Users\StandartAdmin\Downloads\NETGEAR
2015-01-14 15:48 - 2015-01-18 11:50 - 00000680 _____ () C:\Users\StandartAdmin\AppData\Local\d3d9caps.dat
2015-01-14 15:48 - 2015-01-17 15:11 - 00000949 _____ () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-14 15:48 - 2015-01-15 15:22 - 00000000 ____D () C:\Users\StandartAdmin\AppData\Local\VirtualStore
2015-01-14 15:48 - 2015-01-15 15:21 - 00000915 _____ () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-01-14 15:48 - 2015-01-14 15:58 - 00000000 ____D () C:\Users\StandartAdmin
2015-01-14 15:48 - 2015-01-14 15:48 - 00048600 _____ () C:\Users\StandartAdmin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-14 15:48 - 2015-01-14 15:48 - 00000944 _____ () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-01-14 15:48 - 2015-01-14 15:48 - 00000020 ___SH () C:\Users\StandartAdmin\ntuser.ini
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Startmenü
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Netzwerkumgebung
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Druckumgebung
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Documents\Eigene Musik
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\Documents\Eigene Bilder
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:48 - 2015-01-14 15:48 - 00000000 _SHDL () C:\Users\StandartAdmin\AppData\Local\Verlauf
2015-01-14 15:48 - 2008-01-21 03:56 - 00000000 ___RD () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-14 15:48 - 2008-01-21 03:56 - 00000000 ___RD () C:\Users\StandartAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-01-14 15:46 - 2015-01-14 15:46 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-01-14 15:37 - 2015-01-14 15:37 - 00000604 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk
2015-01-14 15:36 - 2015-01-14 15:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_00_00.Wdf
2015-01-14 15:32 - 2015-01-14 15:36 - 00001355 _____ () C:\Windows\TSSysprep.log
2015-01-14 15:30 - 2015-01-14 15:37 - 00000000 ____D () C:\Windows\Panther
2015-01-14 15:30 - 2015-01-14 15:30 - 00008192 ___RS () C:\BOOTSECT.BAK
2015-01-14 15:30 - 2009-04-10 23:36 - 00333257 __RSH () C:\bootmgr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-18 11:54 - 2008-01-21 09:21 - 01557964 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-18 11:53 - 2008-01-21 02:38 - 00081051 _____ () C:\Windows\WindowsUpdate.log
2015-01-18 11:50 - 2006-11-02 13:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-18 11:50 - 2006-11-02 13:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-18 11:50 - 2006-11-02 13:45 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-17 16:43 - 2006-11-02 13:58 - 00007130 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-17 15:33 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2015-01-17 15:10 - 2008-01-21 04:02 - 00009074 _____ () C:\Windows\PFRO.log
2015-01-17 15:09 - 2008-01-21 09:20 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2015-01-17 15:09 - 2006-11-02 12:18 - 00000000 ___RD () C:\Windows\Offline Web Pages
2015-01-17 15:09 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2015-01-17 15:07 - 2006-11-02 07:32 - 00008798 _____ () C:\Windows\system32\icrav03.rat
2015-01-17 15:07 - 2006-11-02 07:32 - 00001988 _____ () C:\Windows\system32\ticrf.rat
2015-01-16 13:33 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-16 13:15 - 2006-11-02 12:18 - 00000000 __RHD () C:\Users\Default
2015-01-16 13:15 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2015-01-16 13:11 - 2006-11-02 11:23 - 00000215 _____ () C:\Windows\system.ini
2015-01-15 15:19 - 2006-11-02 13:44 - 00228840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Collaboration
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Windows Calendar
2015-01-14 16:42 - 2006-11-02 13:35 - 00000000 ____D () C:\Program Files\Movie Maker
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\zh-TW
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\zh-CN
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\uk-UA
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\th-TH
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sv-SE
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\SLUI
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ru-RU
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pt-PT
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pt-BR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\pl-PL
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\nl-NL
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\nb-NO
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ko-KR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ja-JP
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\it-IT
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\hu-HU
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\he-IL
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\fr-FR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\fi-FI
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\et-EE
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\el-GR
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\IME
2015-01-14 16:42 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Common Files\System
2015-01-14 16:40 - 2006-11-02 13:49 - 00079818 _____ () C:\Windows\setupact.log
2015-01-14 15:53 - 2006-11-02 13:35 - 00000000 ____D () C:\Windows\system32\restore
2015-01-14 15:46 - 2006-11-02 12:18 - 00000000 ____D () C:\Program Files\Windows NT
2015-01-14 15:32 - 2006-11-02 13:45 - 00003257 _____ () C:\Windows\DtcInstall.log
2015-01-14 15:30 - 2006-11-02 13:41 - 00041984 ____H () C:\Windows\system32\config\BCD-Template.LOG
2015-01-14 15:30 - 2006-11-02 13:35 - 00262144 _____ () C:\Windows\system32\config\BCD-Template

==================== Files in the root of some directories =======
2015-01-15 16:30 - 2015-01-15 16:30 - 0000046 _____ () C:\Users\StandartAdmin\AppData\Roaming\WB.CFG
2015-01-14 15:48 - 2015-01-18 11:50 - 0000680 _____ () C:\Users\StandartAdmin\AppData\Local\d3d9caps.dat

Some content of TEMP:
====================
C:\Users\StandartAdmin\AppData\Local\temp\Quarantine.exe
C:\Users\StandartAdmin\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-18 11:55

==================== End Of Log ============================
         
--- --- ---




Alt 23.01.2015, 19:59   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Vista: Trojaner mit Tücken - Standard

Windows Vista: Trojaner mit Tücken



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\S-1-5-21-994520407-3949958976-4116058162-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49366;https=127.0.0.1:49366;
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows Vista: Trojaner mit Tücken
blick, eingefangen, freue, gefangen, gen, langsam, nicht mehr, reagiert, registry, sehr langsam, taskma, taskmanager, troja, trojaner, trojaner eingefangen, trojaner-board, tücken, vista, werfen, windows, windows vista, würde



Ähnliche Themen: Windows Vista: Trojaner mit Tücken


  1. GVU - Trojaner in Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 09.12.2013 (2)
  2. Windows Vista Trojaner
    Log-Analyse und Auswertung - 09.10.2013 (17)
  3. GVU Trojaner auf windows vista
    Plagegeister aller Art und deren Bekämpfung - 02.09.2013 (1)
  4. gvu trojaner windows vista
    Plagegeister aller Art und deren Bekämpfung - 21.08.2013 (23)
  5. GVU Trojaner Windows Vista
    Log-Analyse und Auswertung - 17.05.2013 (9)
  6. GVU-Trojaner auf Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 27.03.2013 (1)
  7. GVU Trojaner Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 10.03.2013 (22)
  8. GVU Trojaner auf Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 28.01.2013 (16)
  9. GVU Trojaner auf Windows Vista PC
    Log-Analyse und Auswertung - 22.01.2013 (21)
  10. GVU- Trojaner Windows Vista
    Log-Analyse und Auswertung - 20.01.2013 (7)
  11. GVU Trojaner , Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 13.01.2013 (23)
  12. BKA Trojaner Windows Vista 32 Bit
    Log-Analyse und Auswertung - 25.11.2012 (6)
  13. GVU Trojaner 2.07 auf Windows Vista
    Log-Analyse und Auswertung - 28.10.2012 (24)
  14. GVU TROJANER 2.07 WIndows Vista
    Log-Analyse und Auswertung - 10.08.2012 (3)
  15. Infiziert mit Windows-Verschlüsselungs Trojaner -Mail mit Telefonrechnung - windows vista
    Plagegeister aller Art und deren Bekämpfung - 06.05.2012 (12)
  16. Windows Vista Home Premium 32-Bit Trojaner Windows gesperrt 50€ zahlen.
    Log-Analyse und Auswertung - 23.01.2012 (1)
  17. Datenträgerbereinigung und ihre Tücken
    Alles rund um Windows - 30.01.2006 (8)

Zum Thema Windows Vista: Trojaner mit Tücken - Hallo liebes Trojaner-Board Team, ich habe das Gefühl, dass ich mir einen Trojaner eingefangen habe. Er reagiert sehr langsam und der Taskmanager und die Registry lassen sich nicht mehr öffnen. - Windows Vista: Trojaner mit Tücken...
Archiv
Du betrachtest: Windows Vista: Trojaner mit Tücken auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.