Katschmorayk | 21.05.2014 18:23 | Da mein Browser immer abgestürzt ist als ich Revo Uninstaller installieren wollte habe ich das mit ComboFix gemacht.
Als das Programm die Logdateien vorbereitet hat kamen ununterbrochen Fehlermeldungen: hxxp://www11.pic-upload.de/21.05.14/tcrwkj5by85.jpg (hxxp zu http umändern)
Ich weiss nicht ob es wichtig ist, ich wollte es trotzdem gesagt haben.
Nun die Log Datei: Code:
ComboFix 14-05-19.01 - Merlin 21.05.2014 18:23:56.1.8 - x64
Microsoft Windows 8 6.2.9200.0.1252.49.1031.18.8134.5574 [GMT 2:00]
ausgeführt von:: c:\users\Merlin\Desktop\ComboFix.exe
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LyricsPal
c:\program files (x86)\LyricsPal\116.crx
c:\program files (x86)\LyricsPal\116.dat
c:\program files (x86)\LyricsPal\116.xpi
c:\program files (x86)\LyricsPal\sqlite3.dll
c:\program files (x86)\LyricsPal\Uninstall.exe
c:\programdata\1394842492.bdinstall.bin
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mlnngnpogcdbohjhiaklmmpgmpbiecjm_0
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mlnngnpogcdbohjhiaklmmpgmpbiecjm_0\23
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\background.html
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\crossriderManifest.json
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\manifest.xml
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins.json
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\1_base.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\17_jQuery.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\177_crossriderDashboard.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\182_openUrl.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\183_tabsWrapper.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\21_debug.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\22_resources.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\28_initializer.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\47_resources_background.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\64_appApiMessage.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\72_appApiValidation.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\userCode\background.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\extensionData\userCode\extension.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\icons\actions\1.png
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\icons\icon128.png
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\icons\icon16.png
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\icons\icon48.png
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\api\chrome.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\api\cookie.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\api\message.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\api\pageAction.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\api\pageActionBG.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\background.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\app_api.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\bg_app_api.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\consts.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\cookie_store.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\crossriderAPI.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\delegate.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\events.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\extensionDataStore.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\installer.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\logFile.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\logging.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\onBGDocumentLoad.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\popupResource\newPopup.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\popupResource\popup.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\reports.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\storageWrapper.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\updateManager.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\util.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\lib\xhr.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\js\main.js
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\manifest.json
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\popup.html
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlnngnpogcdbohjhiaklmmpgmpbiecjm\1.26.22_0\version.json
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mlnngnpogcdbohjhiaklmmpgmpbiecjm
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mlnngnpogcdbohjhiaklmmpgmpbiecjm\000129.ldb
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mlnngnpogcdbohjhiaklmmpgmpbiecjm\000155.ldb
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mlnngnpogcdbohjhiaklmmpgmpbiecjm\000187.ldb
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mlnngnpogcdbohjhiaklmmpgmpbiecjm\000200.log
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mlnngnpogcdbohjhiaklmmpgmpbiecjm\CURRENT
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mlnngnpogcdbohjhiaklmmpgmpbiecjm\LOCK
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mlnngnpogcdbohjhiaklmmpgmpbiecjm\LOG
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mlnngnpogcdbohjhiaklmmpgmpbiecjm\LOG.old
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mlnngnpogcdbohjhiaklmmpgmpbiecjm\MANIFEST-000198
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mlnngnpogcdbohjhiaklmmpgmpbiecjm_0.localstorage-journal
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mlnngnpogcdbohjhiaklmmpgmpbiecjm_0.localstorage
c:\users\Merlin\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Merlin\AppData\Local\Temp\_MEI35242\_ctypes.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\_elementtree.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\_hashlib.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\_multiprocessing.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\_socket.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\_ssl.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\pyexpat.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\pysqlite2._sqlite.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\python27.dll
c:\users\Merlin\AppData\Local\Temp\_MEI35242\pythoncom27.dll
c:\users\Merlin\AppData\Local\Temp\_MEI35242\PyWinTypes27.dll
c:\users\Merlin\AppData\Local\Temp\_MEI35242\select.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\unicodedata.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32api.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32com.shell.shell.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32crypt.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32event.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32file.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32gui.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32inet.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32pdh.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32pipe.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32process.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32profile.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32security.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\win32ts.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\windows._lib_cacheinvalidation.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wx._animate.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wx._controls_.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wx._core_.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wx._gdi_.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wx._html2.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wx._misc_.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wx._windows_.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wx._wizard.pyd
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wxbase294u_net_vc90.dll
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wxbase294u_vc90.dll
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wxmsw294u_adv_vc90.dll
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wxmsw294u_core_vc90.dll
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wxmsw294u_html_vc90.dll
c:\users\Merlin\AppData\Local\Temp\_MEI35242\wxmsw294u_webview_vc90.dll
c:\users\Merlin\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db
c:\users\Merlin\AppData\Roaming\win32
D:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-04-21 bis 2014-05-21 ))))))))))))))))))))))))))))))
.
.
2014-05-21 16:37 . 2014-05-21 16:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-21 16:37 . 2014-05-21 16:37 -------- d-----w- c:\users\...Merlin\AppData\Local\temp
2014-05-20 17:27 . 2014-05-20 17:28 -------- d-----w- C:\FRST
2014-05-17 18:26 . 2014-05-06 05:14 97280 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-17 18:26 . 2014-05-06 05:14 19274752 ----a-w- c:\windows\system32\mshtml.dll
2014-05-14 13:55 . 2014-05-14 13:55 -------- d-----w- C:\found.001
2014-05-10 13:03 . 2014-05-10 13:03 -------- d-----w- c:\windows\Sun
2014-05-10 13:03 . 2014-05-10 13:03 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-10 12:40 . 2014-05-10 12:40 -------- d-----w- c:\users\Default\AppData\Local\Google
2014-04-25 19:02 . 2014-05-21 16:57 -------- d-----r- c:\users\Merlin\Google Drive
2014-04-22 22:42 . 2014-04-22 22:42 43152 ----a-w- c:\windows\avastSS.scr
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-19 18:34 . 2012-12-25 08:20 93223848 ----a-w- c:\windows\system32\MRT.exe
2014-04-22 23:47 . 2012-07-26 08:14 78296 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-22 23:47 . 2012-07-26 08:14 694232 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-22 16:50 . 2013-02-28 19:29 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-03-22 16:50 . 2013-02-28 18:48 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-03-22 16:50 . 2013-02-28 18:48 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-03-22 16:42 . 2013-06-20 21:13 207008 ----a-w- c:\programdata\Microsoft\VBExpress\10.0\1031\ResourceCache.dll
2014-03-15 00:31 . 2014-03-15 00:22 74512 ----a-w- c:\windows\SysWow64\bdsandboxuiskin32.dll
2014-03-15 00:31 . 2014-03-15 00:15 74512 ----a-w- c:\windows\system32\bdsandboxuiskin32.dll
2014-03-14 23:23 . 2014-03-14 23:24 312744 ----a-w- c:\windows\system32\javaws.exe
2014-03-14 23:23 . 2014-03-14 23:23 189352 ----a-w- c:\windows\system32\javaw.exe
2014-03-14 23:23 . 2014-03-14 23:23 189352 ----a-w- c:\windows\system32\java.exe
2014-03-14 23:23 . 2014-03-14 23:23 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-03-07 00:48 . 2014-04-14 18:30 1766400 ----a-w- c:\windows\SysWow64\wininet.dll
2014-03-07 00:47 . 2014-04-14 18:30 2877952 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-03-07 00:08 . 2014-04-14 18:30 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2014-03-07 00:08 . 2014-04-14 18:30 2240000 ----a-w- c:\windows\system32\wininet.dll
2014-03-07 00:08 . 2014-04-14 18:30 1365504 ----a-w- c:\windows\system32\urlmon.dll
2014-03-07 00:08 . 2014-04-14 18:30 915968 ----a-w- c:\windows\system32\uxtheme.dll
2014-03-07 00:08 . 2014-04-14 18:30 603136 ----a-w- c:\windows\system32\msfeeds.dll
2014-03-07 00:08 . 2014-04-14 18:30 855552 ----a-w- c:\windows\system32\jscript.dll
2014-03-07 00:08 . 2014-04-14 18:30 3959808 ----a-w- c:\windows\system32\jscript9.dll
2014-03-07 00:08 . 2014-04-14 18:30 15404544 ----a-w- c:\windows\system32\ieframe.dll
2014-03-07 00:08 . 2014-04-14 18:30 2648576 ----a-w- c:\windows\system32\iertutil.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
[7] 2012-07-26 . 74DBAEC35366C4EE7670428808715A6A . 26624 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.2.9200.16384_none_7d217647be9d7466\asyncmac.sys
[7] 2012-07-26 . 74DBAEC35366C4EE7670428808715A6A . 26624 . . [6.2.9200.16384] .. c:\windows\system32\Drivers\asyncmac.sys
.
.
.
.
[7] 2012-07-26 . 4163ADE07DB51843AE31F65B94F5398D . 5632 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-null_31bf3856ad364e35_6.2.9200.16384_none_022f94e1a4c140be\null.sys
[7] 2012-07-26 . 4163ADE07DB51843AE31F65B94F5398D . 5632 . . [6.2.9200.16384] .. c:\windows\system32\Drivers\null.sys
.
.
[7] 2012-07-26 . 73DC722CE5DF26D7638CE2446F2655C7 . 117248 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.2.9200.16384_none_43076fb065d9deae\tdx.sys
[7] 2012-07-26 . 73DC722CE5DF26D7638CE2446F2655C7 . 117248 . . [6.2.9200.16384] .. c:\windows\system32\Drivers\tdx.sys
.
[7] 2012-07-26 . 310068BDA80B1D55C36580FD8A873FAF . 134144 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.2.9200.16384_none_d1b2ce1e27c2ab64\browser.dll
[7] 2012-07-26 . 310068BDA80B1D55C36580FD8A873FAF . 134144 . . [6.2.9200.16384] .. c:\windows\system32\browser.dll
.
[7] 2014-03-11 . F1DA34D64F2BA200D28A7451804E2FEE . 35840 . . [6.2.9200.16864] .. c:\windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16865_none_964bf2a21c01704e\lsass.exe
[7] 2012-09-20 . F702AB6181513303AB0FC8D59E52708B . 35840 . . [6.2.9200.16420] .. c:\windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.16420_none_967229481be58d3b\lsass.exe
[7] 2012-09-20 . 3950680E83482D369B57BD2241730AB1 . 35840 . . [6.2.9200.20521] .. c:\windows\WinSxS\amd64_microsoft-windows-lsa-minwin_31bf3856ad364e35_6.2.9200.20985_none_96bfef95352f47fa\lsass.exe
[7] 2012-09-20 . F702AB6181513303AB0FC8D59E52708B . 35840 . . [6.2.9200.16420] .. c:\windows\system32\lsass.exe
.
[7] 2012-07-26 . 89519D29CBEC2121CA65CC29C4D345E0 . 255488 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-netman_31bf3856ad364e35_6.2.9200.16384_none_6886c2fadb94092a\netman.dll
[7] 2012-07-26 . 89519D29CBEC2121CA65CC29C4D345E0 . 255488 . . [6.2.9200.16384] .. c:\windows\system32\netman.dll
.
[7] 2012-07-26 . D598C44A7072D3108D8D8102EC5E07F7 . 826368 . . [7.6.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.2.9200.16384_none_7c5a6c5183364183\qmgr.dll
[7] 2012-07-26 . D598C44A7072D3108D8D8102EC5E07F7 . 826368 . . [7.6.9200.16384] .. c:\windows\system32\qmgr.dll
.
[7] 2012-07-26 . 1EC6E533C954BDDF2A37E7851A7E58FD . 817152 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.2.9200.16384_none_c2948360c7a43433\rpcss.dll
[7] 2012-07-26 . 1EC6E533C954BDDF2A37E7851A7E58FD . 817152 . . [6.2.9200.16384] .. c:\windows\system32\rpcss.dll
.
[7] 2012-09-20 . 8F226143046435C75C033B0C52E90FFE . 410624 . . [6.2.9200.16420] .. c:\windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16420_none_981f4d19863a6591\services.exe
[7] 2012-09-20 . 8F226143046435C75C033B0C52E90FFE . 410624 . . [6.2.9200.16384] .. c:\windows\system32\services.exe
.
[7] 2012-07-26 . 3F215BF2D4D8D6756298B25B579772C2 . 769024 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.2.9200.16384_none_2f154a864b4cfb0d\spoolsv.exe
[7] 2012-07-26 . 3F215BF2D4D8D6756298B25B579772C2 . 769024 . . [6.2.9200.16384] .. c:\windows\system32\spoolsv.exe
.
[7] 2014-04-12 . 75DD70A14145499C9F7D903CF9A8C91B . 578048 . . [6.2.9200.16891] .. c:\windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16891_none_c87ee12f5ec0739b\winlogon.exe
[7] 2014-04-12 . 69ED828D121EA8FD0D84184DB60E2B06 . 578048 . . [6.2.9200.21012] .. c:\windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21012_none_c95fd5c6779c8076\winlogon.exe
[7] 2012-10-11 . BCF2036A0DD579E47C008C133550283E . 517120 . . [6.2.9200.16433] .. c:\windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[7] 2012-10-11 . BCF2036A0DD579E47C008C133550283E . 517120 . . [6.2.9200.16384] .. c:\windows\system32\winlogon.exe
.
.
[7] 2013-07-06 . 8A8DB47DDF6B2118DF4D1561CEA586B3 . 652288 . . [5.82] .. c:\windows\WinSxS\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.2.9200.16658_none_928a3d03619fc26f\comctl32.dll
[7] 2013-07-06 . 8A8DB47DDF6B2118DF4D1561CEA586B3 . 652288 . . [5.82] .. c:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.16658_none_776622cb3175a40c\comctl32.dll
[7] 2013-07-04 . EC945242390DB1231D1BEB4787A15455 . 652288 . . [5.82] .. c:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.20765_none_794d7f0d2e9b2a42\comctl32.dll
[7] 2013-04-09 . 08B3A62B406421E7D4A03B2F93F6CFDA . 2516992 . . [5.82] .. c:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef\comctl32.dll
[7] 2013-04-06 . 78C1A4668441CBACC25D34FB763B5782 . 2512896 . . [5.82] .. c:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.20683_none_2abe9a298b310786\comctl32.dll
[7] 2012-07-26 . 03E223CC4AE2D2B55E400AD9C55449F6 . 652288 . . [5.82] .. c:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.16384_none_7762d5fd3178b04e\comctl32.dll
[7] 2012-07-25 . ABA350274707D09D91826ED8EAF886B5 . 2512896 . . [5.82] .. c:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f\comctl32.dll
[7] 2013-07-06 . 8A8DB47DDF6B2118DF4D1561CEA586B3 . 652288 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[7] 2012-07-26 . 9F5A8404ABE4BBABCD2821575B275E23 . 1297408 . . [2001.12.10130.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.2.9200.16384_none_857a823c6ff60f1a\comres.dll
[7] 2012-07-26 . 9F5A8404ABE4BBABCD2821575B275E23 . 1297408 . . [2001.12.10130.16384] .. c:\windows\system32\comres.dll
.
[7] 2013-07-13 . 5CE2742F063731EC10C1B2EE386A2C08 . 68096 . . [6.2.9200.16666] .. c:\windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16666_none_cee0e6e724817621\cryptsvc.dll
[7] 2013-07-13 . 5CE2742F063731EC10C1B2EE386A2C08 . 68096 . . [6.2.9200.16384] .. c:\windows\system32\cryptsvc.dll
.
[7] 2012-07-26 . F9E01C2D9F8BC049E04CF5DC24A5F638 . 507904 . . [2001.12.10130.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.2.9200.16384_none_65b74681db81d620\es.dll
[7] 2012-07-26 . F9E01C2D9F8BC049E04CF5DC24A5F638 . 507904 . . [2001.12.10130.16384] .. c:\windows\system32\es.dll
.
[7] 2012-07-26 . DA66D6D4A0B77D57F5CF449B1231010F . 213504 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.2.9200.16384_none_b51fc57b042f32f9\imm32.dll
[7] 2012-07-26 . DA66D6D4A0B77D57F5CF449B1231010F . 213504 . . [6.2.9200.16384] .. c:\windows\system32\imm32.dll
.
[7] 2012-07-26 . C6B2D1AE7F957BCA38C6C86E800BDC3F . 77312 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-usp_31bf3856ad364e35_6.2.9200.16384_none_05c42072e2409625\usp10.dll
[7] 2012-07-26 . C6B2D1AE7F957BCA38C6C86E800BDC3F . 77312 . . [6.2.9200.16384] .. c:\windows\system32\usp10.dll
.
[7] 2014-03-01 . 7BDE8F40FF491D8507CE3A6BF4EF0851 . 1258496 . . [6.2.9200.16859] .. c:\windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16859_none_ecad0759dff2db48\kernel32.dll
[7] 2014-03-01 . 615363C9D1CE6D3DC81703E1E3D32EF4 . 1258496 . . [6.2.9200.20978] .. c:\windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20978_none_ed200402f921999d\kernel32.dll
[7] 2014-02-05 . 8E6F76FC4937DA47F905107757616E1B . 1257984 . . [6.2.9200.16815] .. c:\windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16815_none_ecd445e1dfd60628\kernel32.dll
[7] 2014-03-01 . 7BDE8F40FF491D8507CE3A6BF4EF0851 . 1258496 . . [6.2.9200.16384] .. c:\windows\system32\kernel32.dll
.
[7] 2012-07-26 . 5EFD801A12FB267405B24945012F5E1A . 28160 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.2.9200.16384_none_912ed9812f1847a9\linkinfo.dll
[7] 2012-07-26 . 5EFD801A12FB267405B24945012F5E1A . 28160 . . [6.2.9200.16384] .. c:\windows\system32\linkinfo.dll
.
[7] 2012-11-08 . CC81790E0A18535853C33BABBFF15D56 . 3072 . . [6.2.9200.16453] .. c:\windows\WinSxS\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.2.9200.16624_none_02dda516e419e312\lpk.dll
[7] 2012-11-08 . CC81790E0A18535853C33BABBFF15D56 . 3072 . . [6.2.9200.16453] .. c:\windows\WinSxS\Temp\InFlight\2519698832ffce018a000000e016c015\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.2.9200.16481_none_0299c0e4e44d4465\lpk.dll
[7] 2012-07-26 . 8B51BBAE42176AAB95026C2D07D13FDC . 3072 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.2.9200.16384_none_029cbfdce44a9343\lpk.dll
[7] 2012-07-26 . 8B51BBAE42176AAB95026C2D07D13FDC . 3072 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.2.9200.20729_none_036c4353fd33018f\lpk.dll
[7] 2012-11-08 . CC81790E0A18535853C33BABBFF15D56 . 3072 . . [6.2.9200.16453] .. c:\windows\system32\lpk.dll
.
[7] 2012-07-26 . 335C4488A14AC4B52B3E1CDF6D6F7780 . 532992 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.2.9200.16384_none_08ffed191e5dbc88\hnetcfg.dll
[7] 2012-07-26 . 335C4488A14AC4B52B3E1CDF6D6F7780 . 532992 . . [6.2.9200.16384] .. c:\windows\system32\hnetcfg.dll
.
[7] 2014-05-06 . EE5B8FE4C7B9769C7DC5C3C856E140C3 . 19274752 . . [10.00.9200.16899] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16899_none_b25faa6960a437cd\mshtml.dll
[7] 2014-05-06 . 57050C0441EAA93FFE9273635A966303 . 19523072 . . [10.00.9200.21026] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.21026_none_9be1c7657a10b6dd\mshtml.dll
[7] 2014-04-29 . 0B2B9288401D0C67F4E8B83A389EFFD8 . 19275264 . . [10.00.9200.16897] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16897_none_b25fd7f960a4048b\mshtml.dll
[7] 2014-04-29 . B194732553255AE138FA3346BB5240FE . 19517440 . . [10.00.9200.21024] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.21024_none_9be1f4f57a10839b\mshtml.dll
[7] 2014-03-07 . 4BCADB6D3A03A690EC7F6B8AA7D3C5E4 . 19273216 . . [10.00.9200.16863] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16863_none_b25d323b60a65202\mshtml.dll
[7] 2014-05-06 . EE5B8FE4C7B9769C7DC5C3C856E140C3 . 19274752 . . [10.00.9200.16384] .. c:\windows\system32\mshtml.dll
.
[7] 2012-07-26 . AECED95ACFDCF96757EDD8D0CFFE34B8 . 654848 . . [7.0.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.2.9200.16384_none_2a1edd8528aa53a4\msvcrt.dll
[7] 2012-07-26 . AECED95ACFDCF96757EDD8D0CFFE34B8 . 654848 . . [7.0.9200.16384] .. c:\windows\system32\msvcrt.dll
.
[7] 2012-10-11 . 1AC307A2F7317007BC382046B3835202 . 355328 . . [6.2.9200.16433] .. c:\windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.16433_none_11520fa2b6e84ca0\mswsock.dll
[7] 2012-10-11 . 1AC307A2F7317007BC382046B3835202 . 355328 . . [6.2.9200.16384] .. c:\windows\system32\mswsock.dll
.
[7] 2012-07-26 . FDC70965F0FC9DFEBC919627DED5DDFF . 743936 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_56815ea7c1be1e4e\netlogon.dll
[7] 2012-07-26 . FDC70965F0FC9DFEBC919627DED5DDFF . 743936 . . [6.2.9200.16384] .. c:\windows\system32\netlogon.dll
.
[7] 2012-07-26 . EF72CFB67C73A8751F3BC4F4C98EAD4C . 260608 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.2.9200.16384_none_fbe345c5869c9568\powrprof.dll
[7] 2012-07-26 . EF72CFB67C73A8751F3BC4F4C98EAD4C . 260608 . . [6.2.9200.16384] .. c:\windows\system32\powrprof.dll
.
[7] 2012-07-26 . 4F6E1CA672370A9BCAC049CE3AB7F666 . 224768 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_90d789c062dfa509\scecli.dll
[7] 2012-07-26 . 4F6E1CA672370A9BCAC049CE3AB7F666 . 224768 . . [6.2.9200.16384] .. c:\windows\system32\scecli.dll
.
[7] 2012-07-26 . B1E63281081B64BB570EA5B3EC5146C5 . 3072 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.2.9200.16384_none_ffff6ab0e5f5db6f\sfc.dll
[7] 2012-07-26 . B1E63281081B64BB570EA5B3EC5146C5 . 3072 . . [6.2.9200.16384] .. c:\windows\system32\sfc.dll
.
[7] 2012-09-20 . EDE27EACE742EE2888C5DD36400A2EC0 . 29696 . . [6.2.9200.16420] .. c:\windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_0ec1e14b8ee4e401\svchost.exe
[7] 2012-09-20 . EDE27EACE742EE2888C5DD36400A2EC0 . 29696 . . [6.2.9200.16384] .. c:\windows\system32\svchost.exe
.
[7] 2012-07-26 . 88B7721AB551C4325036B25A34A2BF7B . 305664 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.2.9200.16384_none_3c0680406eb6ce76\tapisrv.dll
[7] 2012-07-26 . 88B7721AB551C4325036B25A34A2BF7B . 305664 . . [6.2.9200.16384] .. c:\windows\system32\tapisrv.dll
.
[7] 2012-09-20 . A99AD14F26BDA7D7F27F76BC91B7EED7 . 1342464 . . [6.2.9200.16420] .. c:\windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16420_none_263ef3ebf6f3a54e\user32.dll
[7] 2012-09-20 . A99AD14F26BDA7D7F27F76BC91B7EED7 . 1342464 . . [6.2.9200.16384] .. c:\windows\system32\user32.dll
.
[7] 2012-07-26 . 0E925F7BA032920D58DD284B6181A247 . 25088 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
[7] 2012-07-26 . 0E925F7BA032920D58DD284B6181A247 . 25088 . . [6.2.9200.16384] .. c:\windows\system32\userinit.exe
.
[7] 2014-03-07 . 2B7920C7885AC45FD0E27DD860F095A1 . 2240000 . . [10.00.9200.16862] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16863_none_a103131ce04fe8cc\wininet.dll
[7] 2014-03-07 . 2B7920C7885AC45FD0E27DD860F095A1 . 2240000 . . [10.00.9200.16384] .. c:\windows\system32\wininet.dll
.
[7] 2012-07-26 . 2E5B349ACDA36C20612795754DB93312 . 345088 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_4b815827581a3bbb\ws2_32.dll
[7] 2012-07-26 . 2E5B349ACDA36C20612795754DB93312 . 345088 . . [6.2.9200.16384] .. c:\windows\system32\ws2_32.dll
.
[7] 2012-07-26 . C0D1F9ADE8800424BD8094302CC59EC1 . 4608 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.2.9200.16384_none_5d4ea9d2811f3160\ws2help.dll
[7] 2012-07-26 . C0D1F9ADE8800424BD8094302CC59EC1 . 4608 . . [6.2.9200.16384] .. c:\windows\system32\ws2help.dll
.
.
.
[7] 2012-07-26 . FE9AB232B56A12224E8A3F3F9878C9A3 . 132608 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.2.9200.16384_none_89bc60338e14dc99\wininit.exe
[7] 2012-07-26 . FE9AB232B56A12224E8A3F3F9878C9A3 . 132608 . . [6.2.9200.16384] .. c:\windows\system32\wininit.exe
.
[7] 2012-07-26 . 7978B91B70462045B01F114223FA5871 . 10240 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.2.9200.16384_none_f5fa34381a55c01e\ctfmon.exe
[7] 2012-07-26 . 7978B91B70462045B01F114223FA5871 . 10240 . . [6.2.9200.16384] .. c:\windows\system32\ctfmon.exe
.
[7] 2012-07-26 . A77F3ABE13FCC698511E5DEC7ACEBD5F . 565760 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.2.9200.16384_none_25fa048ea6b1ccd9\shsvcs.dll
[7] 2012-07-26 . A77F3ABE13FCC698511E5DEC7ACEBD5F . 565760 . . [6.2.9200.16384] .. c:\windows\system32\shsvcs.dll
.
[7] 2012-07-26 . E80DD61E52EDFFF9DA1ED7260A68855B . 159744 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.2.9200.16384_none_e22fad1e0d3b86f8\regsvc.dll
[7] 2012-07-26 . E80DD61E52EDFFF9DA1ED7260A68855B . 159744 . . [6.2.9200.16384] .. c:\windows\system32\regsvc.dll
.
[7] 2013-04-09 . ED40ED9A65F3E79A8C43DD50C5FDADBF . 1285632 . . [6.2.9200.16579] .. c:\windows\WinSxS\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.2.9200.16579_none_87da9b2020ba0bbf\schedsvc.dll
[7] 2013-04-09 . ED40ED9A65F3E79A8C43DD50C5FDADBF . 1285632 . . [6.2.9200.16384] .. c:\windows\system32\schedsvc.dll
.
[7] 2012-07-26 . 7A20882D76D4A78240A5AC9F2C2EBA21 . 266240 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.2.9200.16384_none_d8931a505afc7fac\ssdpsrv.dll
[7] 2012-07-26 . 7A20882D76D4A78240A5AC9F2C2EBA21 . 266240 . . [6.2.9200.16384] .. c:\windows\system32\ssdpsrv.dll
.
[7] 2012-07-26 . 541EE228D0DEF392F7B2DFD885DD021B . 723968 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.2.9200.16384_none_e768e92cde084d59\termsrv.dll
[7] 2012-07-26 . 541EE228D0DEF392F7B2DFD885DD021B . 723968 . . [6.2.9200.16384] .. c:\windows\system32\termsrv.dll
.
.
.
[7] 2012-07-26 . AF433565E5E02857C5D0AFFD932AF150 . 8704 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-gdi-painting_31bf3856ad364e35_6.2.9200.16384_none_d0357f7fa5d047b8\msimg32.dll
[7] 2012-07-26 . AF433565E5E02857C5D0AFFD932AF150 . 8704 . . [6.2.9200.16384] .. c:\windows\system32\msimg32.dll
.
[-] 2013-10-30 19:38 . 7042BFF01618B8BFB1C6B97CCCD50E85 . 31137 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.2.9200.20765_none_36e76d80c26ac0ef\comctl32.dll
[-] 2013-10-30 19:38 . 59D57E52A26C4786CB5B63E3CAC5FE90 . 33712 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.2.9200.16384_none_36472ae1a95e483b\comctl32.dll
[-] 2013-10-30 18:31 . E8D05C675E94EC50839CF8F7DEE5645E . 43244 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.2.9200.20765_none_930609047ac83225\comctl32.dll
[-] 2013-10-30 18:31 . 6B729BAF8661FF66E25E19D290119D74 . 28730 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.2.9200.16384_none_9265c66561bbb971\comctl32.dll
[7] 2013-07-04 . E1BE2B701DA9FD6BDF2A46B1665B8734 . 541184 . . [5.82] .. c:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.20765_none_c0fab5e443175348\comctl32.dll
[7] 2013-07-04 . 1136EC767D7915D0F945E38BBC64024C . 541696 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[7] 2013-07-04 . 1136EC767D7915D0F945E38BBC64024C . 541696 . . [5.82] .. c:\windows\WinSxS\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.2.9200.16658_none_366ba17fa9425139\comctl32.dll
[7] 2013-07-04 . 1136EC767D7915D0F945E38BBC64024C . 541696 . . [5.82] .. c:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.16658_none_bf1359a245f1cd12\comctl32.dll
[7] 2013-04-06 . 043862860006BDEE014234A112F0B5CC . 2046976 . . [5.82] .. c:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.20683_none_726bd1009fad308c\comctl32.dll
[7] 2013-04-06 . BA34C32F67F91AD0DA3D3A3425C9236A . 2050560 . . [5.82] .. c:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5\comctl32.dll
[7] 2012-07-26 . 7A3B96DE45ED3AB1B6BAA1D0B7B9869B . 541184 . . [5.82] .. c:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.16384_none_bf100cd445f4d954\comctl32.dll
[7] 2012-07-25 . 4E743FA4D61A2EF8CA1642F49DC4784D . 2046976 . . [5.82] .. c:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985\comctl32.dll
.
[7] 2012-07-26 . 39FB0D2C74D4201F01BA30D06162525A . 394240 . . [2001.12.10130.16384] .. c:\windows\SysWOW64\es.dll
[7] 2012-07-26 . 39FB0D2C74D4201F01BA30D06162525A . 394240 . . [2001.12.10130.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.2.9200.16384_none_700bf0d40fe2981b\es.dll
.
[7] 2012-07-26 . 51E886381803D55926A6D50643B9436C . 121344 . . [6.2.9200.16384] .. c:\windows\SysWOW64\imm32.dll
[7] 2012-07-26 . 51E886381803D55926A6D50643B9436C . 121344 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.2.9200.16384_none_bf746fcd388ff4f4\imm32.dll
.
[-] 2014-04-23 12:49 . 46295898FCA2EB48A51BFF103AB9649E . 46536 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20935_none_f79ced272d649fcf\kernel32.dll
[-] 2014-04-23 12:49 . F099884E02C7AFE305D098209F707E30 . 49574 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16627_none_f7201d10143d1c74\kernel32.dll
[-] 2014-04-23 12:45 . 6EF1AE9EFC8B38D9A2D8072664DA13BC . 146627 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20935_none_ed4842d4f903ddd4\kernel32.dll
[-] 2014-04-23 12:45 . 8AC3D8120E65A1411797C24992F9289A . 88845 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16627_none_eccb72bddfdc5a79\kernel32.dll
[7] 2014-03-01 . B754C9E628719644174783FAA1786EBE . 974848 . . [6.2.9200.20978] .. c:\windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20978_none_f774ae552d825b98\kernel32.dll
[7] 2014-03-01 . 985A570128DAEB86F77DE843028BDC9C . 974848 . . [6.2.9200.16384] .. c:\windows\SysWOW64\kernel32.dll
[7] 2014-03-01 . 985A570128DAEB86F77DE843028BDC9C . 974848 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16859_none_f701b1ac14539d43\kernel32.dll
[7] 2014-02-05 . BCD38BCC68BAE9585576C5223421229B . 974848 . . [6.2.9200.16815] .. c:\windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16815_none_f728f0341436c823\kernel32.dll
[-] 2013-07-10 19:19 . D465FE9BA0C489FB5FC5E9FC14BDC9C6 . 190 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20732_none_f799e87d2d67597c\kernel32.dll
[-] 2013-07-10 19:19 . 67A1A40C9663BCCDBB819ED9223C604E . 43698 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20708_none_f7c059fd2d499db3\kernel32.dll
[-] 2013-07-10 19:19 . 6520509618183D85035BA2554F887E2F . 43697 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16604_none_f732bc0a142f988d\kernel32.dll
[-] 2013-07-10 19:19 . E81E74D8C1C00B47B07A933A2255E40C . 52285 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16384_none_f6dc36f8147080a0\kernel32.dll
[-] 2013-07-07 19:06 . DD7E3F83748AB3C5D247F045D82F0B02 . 140299 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20732_none_ed453e2af9069781\kernel32.dll
[-] 2013-07-07 19:06 . B98480D0055F70B829D96FAE9FFC14D8 . 147542 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.20708_none_ed6bafaaf8e8dbb8\kernel32.dll
[-] 2013-07-07 19:06 . 9F2BE52E5C28A78FA5E26D1BCE792BB6 . 122358 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16604_none_ecde11b7dfced692\kernel32.dll
[-] 2013-07-07 19:06 . 37D23D6140518439B217342BD4FFEB88 . 146568 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.2.9200.16384_none_ec878ca5e00fbea5\kernel32.dll
.
[7] 2012-07-26 . 860BBE64C0BDC46E8548C8767103CB1A . 19968 . . [6.2.9200.16384] .. c:\windows\SysWOW64\linkinfo.dll
[7] 2012-07-26 . 860BBE64C0BDC46E8548C8767103CB1A . 19968 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-linkinfo_31bf3856ad364e35_6.2.9200.16384_none_9b8383d3637909a4\linkinfo.dll
.
[7] 2012-11-08 . 36D755FFED947A08B1650ACE9644FAB8 . 3072 . . [6.2.9200.16453] .. c:\windows\SysWOW64\lpk.dll
[7] 2012-11-08 . 36D755FFED947A08B1650ACE9644FAB8 . 3072 . . [6.2.9200.16453] .. c:\windows\WinSxS\Temp\InFlight\2519698832ffce018a000000e016c015\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.2.9200.16481_none_0cee6b3718ae0660\lpk.dll
[7] 2012-11-08 . 36D755FFED947A08B1650ACE9644FAB8 . 3072 . . [6.2.9200.16453] .. c:\windows\WinSxS\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.2.9200.16624_none_0d324f69187aa50d\lpk.dll
[7] 2012-07-26 . 562CAFDB2B2B004CDF4A3A97390CE18D . 3072 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.2.9200.16384_none_0cf16a2f18ab553e\lpk.dll
[7] 2012-07-26 . 562CAFDB2B2B004CDF4A3A97390CE18D . 3072 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.2.9200.20729_none_0dc0eda63193c38a\lpk.dll
.
[7] 2014-05-06 . 09E7C1165BDE00E99C3B9F2BC50A2291 . 14391808 . . [10.00.9200.21026] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.21026_none_a63671b7ae7178d8\mshtml.dll
[7] 2014-05-06 . F2E912C438B0BB201391B831DA63BE06 . 14367232 . . [10.00.9200.16384] .. c:\windows\SysWOW64\mshtml.dll
[7] 2014-05-06 . F2E912C438B0BB201391B831DA63BE06 . 14367232 . . [10.00.9200.16899] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16899_none_bcb454bb9504f9c8\mshtml.dll
[7] 2014-04-29 . ACA93994D1F82136AA51BEE6F42D8C6B . 14379520 . . [10.00.9200.21024] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.21024_none_a6369f47ae714596\mshtml.dll
[7] 2014-04-29 . DC4D93C813DF8235BD8502AF6A6E044F . 14357504 . . [10.00.9200.16897] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16897_none_bcb4824b9504c686\mshtml.dll
[-] 2014-04-23 12:49 . AD17E5DE8B5E31BF29179DE564823DB6 . 2733605 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20982_none_a5db7d61aeb4a8b0\mshtml.dll
[-] 2014-04-23 12:48 . B8C64ED6BE7C660712CEFAC70FC6728B . 2271337 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16843_none_bcafdbf99508e14f\mshtml.dll
[-] 2014-04-20 13:34 . B1D41CE152B080E2923A61CF5DEEEC9F . 3635557 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20982_none_9b86d30f7a53e6b5\mshtml.dll
[-] 2014-04-20 13:34 . 427364DF5BA14D446CB85449841FC9C2 . 2812587 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16843_none_b25b31a760a81f54\mshtml.dll
[-] 2014-03-22 18:58 . 4A73905BD9167E2B51A19050F08B4A64 . 2888228 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20544_none_a6028e59ae9806d2\mshtml.dll
[-] 2014-03-22 18:57 . 8E9051DE7E2EAE25121DD9227A1483E1 . 2886453 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20534_none_a6018e0fae98ed7b\mshtml.dll
[-] 2014-03-22 18:57 . DBD39391B0E345093FDC11F080A9578E . 2877101 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20521_none_a600d21dae998741\mshtml.dll
[-] 2014-03-22 18:56 . 7CAB25DB40A8606F1675F1B1BF5CFC82 . 2876392 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20486_none_a61131ddae8c837f\mshtml.dll
[-] 2014-03-22 18:55 . 47C9E492B674729F009620C361A5B46D . 2888137 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16442_none_bcdb327194e857ea\mshtml.dll
[-] 2014-03-22 18:55 . D82B7519F8608D310D85CEBCFFB9CA6A . 2885848 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16433_none_bcda1b5f94e95834\mshtml.dll
[-] 2014-03-22 18:54 . E8E172E8BA130A6BF5FFA68360BD0C61 . 2876814 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16420_none_bcd95f6d94e9f1fa\mshtml.dll
[-] 2014-03-22 18:53 . 07A9027A8B05B07E48755D7ACA28A62D . 2876375 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16390_none_bceb315f94db876a\mshtml.dll
[-] 2014-03-22 18:53 . C0664AA784757511A9D31D7E085E3F47 . 2869914 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16384_none_bce9d5f594dcd497\mshtml.dll
[-] 2014-03-22 18:49 . D2D2989870F547F15B2980CE1C70158E . 3752504 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20544_none_9bade4077a3744d7\mshtml.dll
[-] 2014-03-22 18:49 . 01C272E5091B02D5A2FEA1F4B2CF9AA2 . 3755096 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20534_none_9bace3bd7a382b80\mshtml.dll
[-] 2014-03-22 18:49 . C9D68EA56C408A67801F9A41F1CFF1C3 . 3751235 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20521_none_9bac27cb7a38c546\mshtml.dll
[-] 2014-03-22 18:48 . E6A35CC9473114087C46E041503DF1AC . 3739640 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20486_none_9bbc878b7a2bc184\mshtml.dll
[-] 2014-03-22 18:48 . 21E4A2B8F0E91D04AC4C4CD021EF9743 . 3753408 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16442_none_b286881f608795ef\mshtml.dll
[-] 2014-03-22 18:47 . 86FC98566FB81154E720E0D61CE4CEB3 . 3756988 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16433_none_b285710d60889639\mshtml.dll
[-] 2014-03-22 18:47 . CD3B29AC1CE62B043819C761A204ED61 . 3750361 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16420_none_b284b51b60892fff\mshtml.dll
[-] 2014-03-22 18:46 . 8907EDE82B7B0F5BEE4146218A65BB82 . 3739637 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16390_none_b296870d607ac56f\mshtml.dll
[-] 2014-03-22 18:46 . 76CC3A483848AC4F332A34A5CE44F82D . 3725575 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16384_none_b2952ba3607c129c\mshtml.dll
[-] 2014-03-15 22:39 . D94505D5220C63D724252BD51415419E . 2755362 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20963_none_a5d96605aeb68fa3\mshtml.dll
[-] 2014-03-15 22:24 . D0AEC85254CF56A77218BA090979D14C . 3646925 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.20963_none_9b84bbb37a55cda8\mshtml.dll
[7] 2014-03-07 . DA90FBE37A73383BD12B472452C543EE . 14357504 . . [10.00.9200.16863] .. c:\windows\WinSxS\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.0.9200.16863_none_bcb1dc8d950713fd\mshtml.dll
.
[7] 2012-07-26 . B59E9810F8A416B9E5354834F26969D4 . 709632 . . [7.0.9200.16384] .. c:\windows\SysWOW64\msvcrt.dll
[7] 2012-07-26 . B59E9810F8A416B9E5354834F26969D4 . 709632 . . [7.0.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.2.9200.16384_none_ce004201704ce26e\msvcrt.dll
.
[-] 2013-07-21 16:06 . 56265E82603272B4118098BAA2348560 . 998 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.20534_none_b5be113417a7948b\mswsock.dll
[-] 2013-07-21 16:06 . C50FA3F7B03717073339BA9A786E70C9 . 9902 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.16384_none_b4fe62e6feb2834f\mswsock.dll
[-] 2013-07-08 17:38 . 7548BEADCF4AC7F6B6A34316D4F25504 . 945 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.20534_none_11dcacb7d00505c1\mswsock.dll
[-] 2013-07-08 17:38 . A0CAD949D59AB3D489A09E696E7C23A6 . 1574 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.16384_none_111cfe6ab70ff485\mswsock.dll
[7] 2012-10-11 . C317E72447B437F99CC750BD876DF30E . 289280 . . [6.2.9200.16384] .. c:\windows\SysWOW64\mswsock.dll
[7] 2012-10-11 . C317E72447B437F99CC750BD876DF30E . 289280 . . [6.2.9200.16433] .. c:\windows\WinSxS\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.2.9200.16433_none_b533741efe8adb6a\mswsock.dll
.
[7] 2012-07-26 . EEF9DA64D7B1DD51FB8AB9EFCC560E3E . 634368 . . [6.2.9200.16384] .. c:\windows\SysWOW64\netlogon.dll
[7] 2012-07-26 . EEF9DA64D7B1DD51FB8AB9EFCC560E3E . 634368 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_60d608f9f61ee049\netlogon.dll
.
[7] 2012-07-26 . 6C20BD6E46D606CB40A13C22D52B90C7 . 244736 . . [6.2.9200.16384] .. c:\windows\SysWOW64\powrprof.dll
[7] 2012-07-26 . 6C20BD6E46D606CB40A13C22D52B90C7 . 244736 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.2.9200.16384_none_9fc4aa41ce3f2432\powrprof.dll
.
[7] 2012-07-26 . B95DC83FF580DD92F487C2F4D0854B6A . 175616 . . [6.2.9200.16384] .. c:\windows\SysWOW64\scecli.dll
[7] 2012-07-26 . B95DC83FF580DD92F487C2F4D0854B6A . 175616 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_9b2c341297406704\scecli.dll
.
[7] 2012-07-26 . 5DDEA740B911D4E910AC031090183E6A . 3072 . . [6.2.9200.16384] .. c:\windows\SysWOW64\sfc.dll
[7] 2012-07-26 . 5DDEA740B911D4E910AC031090183E6A . 3072 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-sfc_31bf3856ad364e35_6.2.9200.16384_none_a3e0cf2d2d986a39\sfc.dll
.
[-] 2013-07-21 16:04 . C1CD15714799293BD209F68C593E7A30 . 583 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_b32de2dcefa42bec\svchost.exe
[-] 2013-07-21 16:04 . A4EF679AC840D7C7F7611028C9D79780 . 3208 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
[-] 2013-07-08 17:27 . 9BC57F169476215FB2669A903D05DE56 . 609 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.20521_none_0f4c7e60a8019d22\svchost.exe
[-] 2013-07-08 17:27 . 9109F610E0CAE136117E7F77B2EDA53F . 2873 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe
[7] 2012-09-20 . A46DC432F81473F526E3994AA483E366 . 23040 . . [6.2.9200.16384] .. c:\windows\SysWOW64\svchost.exe
[7] 2012-09-20 . A46DC432F81473F526E3994AA483E366 . 23040 . . [6.2.9200.16420] .. c:\windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16420_none_b2a345c7d68772cb\svchost.exe
.
[7] 2012-07-26 . 4A10477302BB35A17ED818CD8720478A . 245760 . . [6.2.9200.16384] .. c:\windows\SysWOW64\tapisrv.dll
[7] 2012-07-26 . 4A10477302BB35A17ED818CD8720478A . 245760 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.2.9200.16384_none_dfe7e4bcb6595d40\tapisrv.dll
.
[-] 2013-07-21 15:51 . 6E9F7EE905C747E77C0036D56D1F85CA . 178 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.20521_none_311e3b534471206a\user32.dll
[-] 2013-07-21 15:51 . BEB2C3A7A984ED557B8CA747A721B789 . 190 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16384_none_3056bdf82b817724\user32.dll
[-] 2013-07-08 17:37 . 819270B4801DC7D8341CB47F4AFDD898 . 1384 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.20521_none_26c9910110105e6f\user32.dll
[-] 2013-07-08 17:37 . DCD1A89E4CD48E1358B55D6F0E538653 . 1406 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16384_none_260213a5f720b529\user32.dll
[7] 2012-09-20 . BA1C3ACD929A71E88B49C2B6E38F92B3 . 1126912 . . [6.2.9200.16384] .. c:\windows\SysWOW64\user32.dll
[7] 2012-09-20 . BA1C3ACD929A71E88B49C2B6E38F92B3 . 1126912 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16420_none_30939e3e2b546749\user32.dll
.
[7] 2012-07-26 . 9F6289D194A04A09671FEED4B6CB6EF7 . 21504 . . [6.2.9200.16384] .. c:\windows\SysWOW64\userinit.exe
[7] 2012-07-26 . 9F6289D194A04A09671FEED4B6CB6EF7 . 21504 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe
.
[-] 2014-04-23 12:51 . 535F842CFDA811D2686C560C2383EC25 . 330345 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20982_none_2e0e186d41a00c49\wininet.dll
[-] 2014-04-23 12:51 . 19C1198B4AF44F635441AB86D6DB1DBA . 278405 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16843_none_44e2770527f444e8\wininet.dll
[-] 2014-04-20 13:34 . 2516385DFC30F92E9B4104C20DFC579E . 396461 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20982_none_8a2cb3f0f9fd7d7f\wininet.dll
[-] 2014-04-20 12:57 . F1D0C3C4DBF2C2610CCC457AD76BD80D . 350988 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16843_none_a1011288e051b61e\wininet.dll
[-] 2014-03-22 19:03 . E1DF57972BB4A62EEB408B5EC0516313 . 314964 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20963_none_2e0c011141a1f33c\wininet.dll
[-] 2014-03-22 19:03 . 9D76B5BE42B18D17623E27283CF13A9F . 324829 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20534_none_2e34291b41845114\wininet.dll
[-] 2014-03-22 19:03 . CB3E1A54C8A5E5C0389E9FA64F35A321 . 324836 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20521_none_2e336d294184eada\wininet.dll
[-] 2014-03-22 19:03 . F29A096717978BFADE2385C6C6D64533 . 324825 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16433_none_450cb66b27d4bbcd\wininet.dll
[-] 2014-03-22 19:03 . CDBF6C44E550BABA01DADFBCE698E3C7 . 324831 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16420_none_450bfa7927d55593\wininet.dll
[-] 2014-03-22 19:03 . 99207B13CC004D24191197A7308154EF . 315392 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16384_none_451c710127c83830\wininet.dll
[-] 2014-03-22 18:45 . 844BC1629DD679AEA0E6A1E8F1E99CDD . 388013 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20534_none_8a52c49ef9e1c24a\wininet.dll
[-] 2014-03-22 18:45 . 19B08F1FF8E9AC2FD81C14BE54B90367 . 388018 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20521_none_8a5208acf9e25c10\wininet.dll
[-] 2014-03-22 18:45 . 82F2A3948C2239A124B1EF4ADCB5D077 . 388007 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16433_none_a12b51eee0322d03\wininet.dll
[-] 2014-03-22 18:45 . F47B2EBDE720A609547708865ADE06DD . 387625 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16420_none_a12a95fce032c6c9\wininet.dll
[-] 2014-03-22 18:45 . 3279C00E7040BE87DEDF2CE07354DD82 . 385369 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16384_none_a13b0c84e025a966\wininet.dll
[-] 2014-03-15 22:18 . 1773141E965FC40D3CB5C69711DEAD3A . 386333 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.20963_none_8a2a9c94f9ff6472\wininet.dll
[7] 2014-03-07 . 89986727E56709064C219C8B47A20F82 . 1766400 . . [10.00.9200.16384] .. c:\windows\SysWOW64\wininet.dll
[7] 2014-03-07 . 89986727E56709064C219C8B47A20F82 . 1766400 . . [10.00.9200.16862] .. c:\windows\WinSxS\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.0.9200.16863_none_44e4779927f27796\wininet.dll
.
[7] 2012-07-26 . B3CC9EDFD97F7087013A9A47089DF571 . 310784 . . [6.2.9200.16384] .. c:\windows\SysWOW64\ws2_32.dll
[7] 2012-07-26 . B3CC9EDFD97F7087013A9A47089DF571 . 310784 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.2.9200.16384_none_ef62bca39fbcca85\ws2_32.dll
.
[7] 2012-07-26 . 3B00AE6AB772C533683DA887E093FAA0 . 4608 . . [6.2.9200.16384] .. c:\windows\SysWOW64\ws2help.dll
[7] 2012-07-26 . 3B00AE6AB772C533683DA887E093FAA0 . 4608 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.2.9200.16384_none_67a35424b57ff35b\ws2help.dll
.
.
[7] 2012-07-26 . FBBAD33ED97E961CC1500872DE5D96DD . 133120 . . [6.2.9200.16384] .. c:\windows\regedit.exe
[7] 2012-07-26 . FBBAD33ED97E961CC1500872DE5D96DD . 159232 . . [6.2.9200.16384] .. c:\windows\WinSxS\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.2.9200.16384_none_4cf85cc9659cdc8e\regedit.exe
.
[-] 2013-07-21 15:55 . 3AD0E097EFFA0758BC2D8F4C7F75AAF7 . 4321 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.2.9200.20555_none_a973c1fbdcbc87ba\ole32.dll
[-] 2013-07-21 15:55 . EFF498B800AD0377AD50F6737C835343 . 105248 . . [------] .. c:\windows\WinSxS\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.2.9200.16384_none_a8c8b33cc3b82545\ole32.dll
[-] 2013-07-07 18:48 . F9A1E7E86088B6B186663147FFD39F54 . 4232 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.2.9200.20555_none_05925d7f9519f8f0\ole32.dll
[-] 2013-07-07 18:48 . A8082CD2C18155EB8D88C4E0EC041046 . 185394 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.2.9200.16384_none_04e74ec07c15967b\ole32.dll
.
[7] 2012-07-26 . BC9503A901A545FAD807909F8C86B286 . 75776 . . [6.2.9200.16384] .. c:\windows\SysWOW64\usp10.dll
[7] 2012-07-26 . BC9503A901A545FAD807909F8C86B286 . 75776 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-usp_31bf3856ad364e35_6.2.9200.16384_none_a9a584ef29e324ef\usp10.dll
.
.
[7] 2012-07-26 . 78A83B17F5DDA47FAC0B0643456F7BAC . 9728 . . [6.2.9200.16384] .. c:\windows\SysWOW64\ctfmon.exe
[7] 2012-07-26 . 78A83B17F5DDA47FAC0B0643456F7BAC . 9728 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.2.9200.16384_none_99db98b461f84ee8\ctfmon.exe
.
[7] 2012-07-26 . C416B8E2EF38D100DA19C4DA8A3E8A17 . 506368 . . [6.2.9200.16384] .. c:\windows\SysWOW64\shsvcs.dll
[7] 2012-07-26 . C416B8E2EF38D100DA19C4DA8A3E8A17 . 506368 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-shsvcs_31bf3856ad364e35_6.2.9200.16384_none_304eaee0db128ed4\shsvcs.dll
.
[7] 2012-07-26 . 6FA9D09428E56C11E01066CAF2FB5031 . 5120 . . [6.2.9200.16384] .. c:\windows\SysWOW64\msimg32.dll
[7] 2012-07-26 . 6FA9D09428E56C11E01066CAF2FB5031 . 5120 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-gdi-painting_31bf3856ad364e35_6.2.9200.16384_none_7416e3fbed72d682\msimg32.dll
.
[7] 2012-07-26 . E0C63FB6DB6A57CF97BC2D5313CA1170 . 23040 . . [6.2.9200.16384] .. c:\windows\SysWOW64\ias.dll
[7] 2012-07-26 . E0C63FB6DB6A57CF97BC2D5313CA1170 . 23040 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.2.9200.16384_none_f5abe68513ed07d9\ias.dll
.
[7] 2012-07-26 03:18 . 6A12B53574063FE7E7AC01488863BF91 . 924944 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll
[7] 2012-07-26 03:18 . 6A12B53574063FE7E7AC01488863BF91 . 924944 . . [4.1.6140] .. c:\windows\WinSxS\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.2.9200.16384_none_efbe1de626f6fe4a\mfc40u.dll
.
[7] 2012-07-26 . 4359A695FB0CF5C0C78A7FD2DACABC00 . 409600 . . [6.2.9200.16384] .. c:\windows\SysWOW64\upnphost.dll
[7] 2012-07-26 . 4359A695FB0CF5C0C78A7FD2DACABC00 . 409600 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.2.9200.16384_none_2506862bf2a8f5c1\upnphost.dll
.
[7] 2012-07-26 . A97542F6C1B3C99E739E6D2A79C1E1A3 . 523776 . . [6.2.9200.16384] .. c:\windows\SysWOW64\dsound.dll
[7] 2012-07-26 . A97542F6C1B3C99E739E6D2A79C1E1A3 . 523776 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.2.9200.16384_none_5546ca391349a3c1\dsound.dll
.
[7] 2012-07-26 . 118BA3061B4040BDC17432B775F3A292 . 1762304 . . [6.2.9200.16384] .. c:\windows\SysWOW64\d3d9.dll
[7] 2012-07-26 . 118BA3061B4040BDC17432B775F3A292 . 1762304 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.2.9200.16384_none_bef87886322cfaba\d3d9.dll
.
[7] 2012-07-26 . FC320B910DFBDFE314D6321ADCC8D8C7 . 474624 . . [6.2.9200.16384] .. c:\windows\SysWOW64\ddraw.dll
[7] 2012-07-26 . FC320B910DFBDFE314D6321ADCC8D8C7 . 474624 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.2.9200.16384_none_01b0aecd9168037e\ddraw.dll
.
[7] 2012-07-26 03:19 . 75439663A508A6256F3D50E0E760488B . 79360 . . [6.2.9200.16384] .. c:\windows\SysWOW64\olepro32.dll
[7] 2012-07-26 03:19 . 75439663A508A6256F3D50E0E760488B . 79360 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.2.9200.16384_none_36bec673d31b0b3f\olepro32.dll
.
[-] 2013-07-10 20:59 . 01F68BB34250029E6468E50B891817C6 . 417 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.2.9200.20521_none_95590cd5342e73d0\perfctrs.dll
[-] 2013-07-10 20:59 . 4FCF612AF83C4AD71568B6457759C7F6 . 432 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.2.9200.16384_none_94918f7a1b3eca8a\perfctrs.dll
[-] 2013-07-07 19:23 . 39ACACD8CDCBEDFA38AFD0CA30DA15EF . 417 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.2.9200.20521_none_8b046282ffcdb1d5\perfctrs.dll
[-] 2013-07-07 19:23 . F9A526BADBE681B1B47E59B73FCE6735 . 431 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.2.9200.16384_none_8a3ce527e6de088f\perfctrs.dll
[7] 2012-09-20 . EAEDE137A7FF55C258DB60684DC4AE74 . 39424 . . [6.2.9200.16384] .. c:\windows\SysWOW64\perfctrs.dll
[7] 2012-09-20 . EAEDE137A7FF55C258DB60684DC4AE74 . 39424 . . [6.2.9200.16420] .. c:\windows\WinSxS\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.2.9200.16420_none_94ce6fc01b11baaf\perfctrs.dll
.
[7] 2012-07-26 . 682C3D4982B5375732A4273809365A0A . 16384 . . [6.2.9200.16384] .. c:\windows\SysWOW64\version.dll
[7] 2012-07-26 . 682C3D4982B5375732A4273809365A0A . 16384 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-version_31bf3856ad364e35_6.2.9200.16384_none_11a95b10224c80b5\version.dll
.
[-] 2014-04-23 12:47 . 68FB551792902D48432F36A6DE6466EE . 5039 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20982_none_2b4ec71f3a50f568\iexplore.exe
[-] 2014-04-23 12:47 . A6FE34865F42D912C3AC9F8C72C3E0D0 . 4335 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16843_none_422325b720a52e07\iexplore.exe
[-] 2014-04-20 12:56 . AC585B711F282AF4150F51FA789A5ECE . 3063 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20982_none_20fa1ccd05f0336d\iexplore.exe
[-] 2014-04-20 12:56 . 97A38FA2D01B4328D0E67B3A7ACF584B . 4393 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16843_none_37ce7b64ec446c0c\iexplore.exe
[-] 2014-03-22 18:52 . F99E6F56B087F240B274EFEE0887DFA8 . 6364 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20544_none_2b75d8173a34538a\iexplore.exe
[-] 2014-03-22 18:52 . DC774D38E42F6F5835FDC9062BC67496 . 6366 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20534_none_2b74d7cd3a353a33\iexplore.exe
[-] 2014-03-22 18:52 . F3B9F755BE0D7935F0C5499B2445A763 . 6396 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16442_none_424e7c2f2084a4a2\iexplore.exe
[-] 2014-03-22 18:52 . 19173EFC7394DF0DF2AE5D039660FD57 . 6388 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16433_none_424d651d2085a4ec\iexplore.exe
[-] 2014-03-22 18:52 . 0E1628E0D1690FA789A0BEB51E180D66 . 6812 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16384_none_425d1fb32079214f\iexplore.exe
[-] 2014-03-22 18:45 . 7CE72F94C64A0142E6FC553C140DF8D1 . 6940 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20544_none_21212dc505d3918f\iexplore.exe
[-] 2014-03-22 18:45 . 3B3D09CEABFDF18F830C8754DD78529C . 6939 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20534_none_21202d7b05d47838\iexplore.exe
[-] 2014-03-22 18:45 . E167C113CB77B3485B3F404D5A2D7EF2 . 6949 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16442_none_37f9d1dcec23e2a7\iexplore.exe
[-] 2014-03-22 18:45 . 5200E7401F0DDCE1A630FA2D6298E3DF . 6947 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16433_none_37f8bacaec24e2f1\iexplore.exe
[-] 2014-03-22 18:45 . 6FD70629C5217E0535A3513D3E6A27DD . 6941 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16384_none_38087560ec185f54\iexplore.exe
[-] 2014-03-15 22:36 . 4ACD75D6764A1A5BA134521FB1D3D3A4 . 4462 . . [------] .. c:\windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20963_none_2b4cafc33a52dc5b\iexplore.exe
[-] 2014-03-15 22:17 . 07B0B7C3AD976EDB9A7E0605C6296C16 . 3078 . . [------] .. c:\windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20963_none_20f8057105f21a60\iexplore.exe
.
[7] 2012-07-26 . 38E655CF5DD5713146E3CEF041BAADC4 . 17920 . . [6.2.9200.16384] .. c:\windows\SysWOW64\midimap.dll
[7] 2012-07-26 . 38E655CF5DD5713146E3CEF041BAADC4 . 17920 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.2.9200.16384_none_89a8d3e4e1f6a667\midimap.dll
.
[7] 2012-07-26 . 7CD424F005ED71204DCB14CF11F1EB0C . 11264 . . [6.2.9200.16384] .. c:\windows\SysWOW64\rasadhlp.dll
[7] 2012-07-26 . 7CD424F005ED71204DCB14CF11F1EB0C . 11264 . . [6.2.9200.16384] .. c:\windows\WinSxS\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.2.9200.16384_none_72f8506d23781755\rasadhlp.dll
.
[7] 2012-07-26 . 5719FF26E947EC345E62D24C86BC317B . 9728 . . [6.2.9200.16384] .. c:\windows\SysWOW64\WSHTCPIP.DLL
[7] 2012-07-26 . 5719FF26E947EC345E62D24C86BC317B . 9728 . . [6.2.9200.16384] .. c:\windows\WinSxS\x86_microsoft-windows-winsock-helper-tcpip_31bf3856ad364e35_6.2.9200.16384_none_c85e11a302ee4a1b\WSHTCPIP.DLL
.
c:\windows\system32\cngaudit.dll ... Fehlt !!
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-04-09 1826496]
"Spotify Web Helper"="c:\users\Merlin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-31 1171968]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-07-26 1564016]
"Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2013-10-30 2990304]
"Akamai NetSession Interface"="c:\users\Merlin\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
"GoogleChromeAutoLaunch_CD140F5AAD8E6FC651893248525622D4"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-04-24 841032]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-04-25 22415552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"D-Link D-Link DWA-140"="c:\program files (x86)\D-Link\DWA-140 revB\AirNCFG.exe" [2011-06-29 1074496]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-26 311152]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-02-11 2239376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2012-07-26 62976]
.
c:\users\Merlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Merlin\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
R2 0162251362329979mcinstcleanup;McAfee Application Installer Cleanup (0162251362329979);c:\users\Merlin\AppData\Local\Temp\016225~1.EXE;c:\users\Merlin\AppData\Local\Temp\016225~1.EXE [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SystemStoreService;System Store Service;c:\program files (x86)\SelfUpdater\SystemStore.exe -displayname System Store Service -servicename SystemStoreService;c:\program files (x86)\SelfUpdater\SystemStore.exe -displayname System Store Service -servicename SystemStoreService [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\users\Merlin\AppData\Local\Temp\EverestDriver.sys;c:\users\Merlin\AppData\Local\Temp\EverestDriver.sys [x]
R3 GameKB;SHARKOON Skiller;c:\windows\system32\drivers\GameKB.sys;c:\windows\SYSNATIVE\drivers\GameKB.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 GSService;GSService;c:\windows\SysWOW64\GSService.exe;c:\windows\SysWOW64\GSService.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S2 D_Link_DWA-140_WPS;D_Link_DWA-140_WPS Service;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;@oem30.inf,%DeviceName% (WDM);Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
S3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys;c:\windows\SYSNATIVE\DRIVERS\WUDFRd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-05-10 12:40 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-03-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-505795367-1035587087-3783900401-1001Core.job
- c:\users\Merlin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-26 19:11]
.
2014-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-30 13:47]
.
2014-05-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-30 13:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Merlin\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-04-25 08:03 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-02 12921488]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-12-10 472984]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-lrcspal@lyricspal.co - c:\program files (x86)\LyricsPal\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.DefaultCsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,38,12,3a,25,4d,
8a,1f,e3,d1,0d,d3,3b,92,3f,05,d7,c9,12
"{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}"=hex:51,66,7a,6c,4c,1d,38,12,15,21,99,
35,ad,10,d3,00,f6,8f,3c,cf,15,94,08,e1
"{11111111-1111-1111-1111-110311341140}"=hex:51,66,7a,6c,4c,1d,38,12,7f,12,02,
15,23,5f,7f,54,6e,07,52,43,14,6a,55,54
"{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}"=hex:51,66,7a,6c,4c,1d,38,12,1d,cf,77,
51,95,a1,d1,09,ee,9c,1f,b7,fe,e1,bb,5b
"{73455575-E40C-433C-9784-C78DC7761455}"=hex:51,66,7a,6c,4c,1d,38,12,1b,56,56,
77,3e,aa,52,06,e8,92,84,cd,c2,28,50,41
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}"=hex:51,66,7a,6c,4c,1d,38,12,4d,0e,7e,
9a,40,73,fa,0f,d1,09,6e,56,73,7a,a7,cd
"{C8FBE488-BAF5-4019-A7F7-C888045987D3}"=hex:51,66,7a,6c,4c,1d,38,12,e6,e7,e8,
cc,c7,f4,77,05,d8,e1,8b,c8,01,07,c3,c7
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{E33CF602-D945-461A-83F0-819F76A199F8}"=hex:51,66,7a,6c,4c,1d,38,12,6c,f5,2f,
e7,77,97,74,03,fc,e6,c2,df,73,ff,dd,ec
.
[HKEY_USERS\.DefaultCsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:e4,2d,98,cb,81,eb,ce,01
.
[HKEY_USERS\.DefaultCsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c8,ab,20,ce,2a,bd,87,46,98,cb,67,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,c8,ab,20,ce,2a,bd,87,46,98,cb,67,\
.
[HKEY_USERS\S-1-5-21-505795367-1035587087-3783900401-1001CsiTool-CreateHive-{00000000-0000-0000-0000-000000000000}\Software\Microsoft\Internet Explorer\Approved Extensions]
@DACL=(02 0000)
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}"=hex:51,66,7a,6c,4c,1d,3b,1b,58,a5,a9,
12,e4,e0,26,05,94,56,0e,36,be,8a,a0,7d
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,3b,1b,ab,8c,06,
6a,c0,8c,46,08,ac,e7,8b,86,f1,99,6d,5a
"{B164E929-A1B6-4A06-B104-2CD0E90A88FF}"=hex:51,66,7a,6c,4c,1d,3b,1b,39,f2,76,
ad,86,fb,6c,04,ab,08,73,8c,e9,4a,c8,e6
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,3b,1b,54,1b,da,
c7,75,fe,31,0d,a6,78,c3,79,c1,85,c8,b0
"{8E5E2654-AD2D-48BF-AC2D-D17F00898D06}"=hex:51,66,7a,6c,4c,1d,3b,1b,44,3d,4c,
92,1d,f7,d5,06,b6,21,8e,23,00,c9,cd,1f
"{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}"=hex:51,66,7a,6c,4c,1d,3b,1b,6b,39,98,
2d,af,04,d7,0b,93,95,20,d3,10,8a,0c,ec
"{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}"=hex:51,66,7a,6c,4c,1d,3b,1b,0e,1d,60,
e1,ee,c5,27,06,bf,86,54,f7,41,11,8a,c1
"{11111111-1111-1111-1111-110311341140}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,0a,03,
0d,21,4b,7b,5f,0b,1d,4e,5f,11,74,51,59
"{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,20,3f,
51,8e,33,10,09,8a,f9,a2,87,05,75,39,6c
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-21 19:06:28 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-05-21 17:06
.
Vor Suchlauf: 14 Verzeichnis(se), 204.891.795.456 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 227.180.666.880 Bytes frei
.
- - End Of File - - EBD9091B4D9EE1906002264EC48E6575 |