Sirefef won't go away - please help!

Solved
By cschrille
Jun 2, 2012
  1. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    Delete your Combofix file, download fresh one and try again.
  2. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    When I deleted the Combofix file the desktop.ini virus came up again. And it will wont work even after re-downloading.
  3. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    Let's see, if we can look at your computer booting from an external source.

    Please download OTLPE (filesize 120,9 MB)

    • When downloaded double click on OTLPENet.exe and make sure there is a blank CD in your CD drive. This will automatically create a bootable CD.
    • Reboot your system using the boot CD you just created.
      • Note : If you do not know how to set your computer to boot from CD follow the steps here
    • Your system should now display a REATOGO-X-PE desktop.
    • Depending on your type of internet connection, you should be able to get online as well so you can access this topic more easily.
    • Double-click on the OTLPE icon.
    • When asked Do you wish to load the remote registry, select Yes
    • When asked Do you wish to load remote user profile(s) for scanning, select Yes
    • Ensure the box Automatically Load All Remaining Users" is checked and press OK
    • OTL should now start.
    • Press Run Scan to start the scan.
    • When finished, the file will be saved in drive C:\OTL.txt
    • Copy this file to your USB drive if you do not have internet connection on this system
    • Please post the contents of the OTL.txt file in your reply.
  4. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    Ok gonna try.
    MBAM just popped up with this, never seen it before.
    2012/06/08 02:28:33 +0200 ÄGAREN-DATOR Ägaren IP-BLOCK 195.3.145.57 (Type: outgoing, Port: 63958, Process: services.exe)
  5. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    OTL logfile created on: 6/8/2012 3:52:43 AM - Run
    OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
    64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 0000041d | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

    3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
    3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
    Drive C: | 100.00 Mb Total Space | 69.66 Mb Free Space | 69.67% Space Free | Partition Type: NTFS
    Drive D: | 478.05 Gb Total Space | 347.04 Gb Free Space | 72.60% Space Free | Partition Type: NTFS
    Drive E: | 453.36 Gb Total Space | 52.73 Gb Free Space | 11.63% Space Free | Partition Type: NTFS
    Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

    Computer Name: REATOGO | User Name: SYSTEM
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
    Using ControlSet: ControlSet001

    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/09/22 06:03:30 | 000,974,944 | ---- | M] (ESET) [Auto] -- D:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Windows\System32\appmgmts.dll -- (AppMgmt)
    SRV - [2012/06/05 20:01:57 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2012/05/20 12:20:27 | 000,076,888 | ---- | M] () [Auto] -- D:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
    SRV - [2012/05/19 05:47:59 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand] -- D:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
    SRV - [2012/05/15 16:42:44 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/05/15 06:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto] -- D:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
    SRV - [2012/05/14 20:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto] -- D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
    SRV - [2012/04/04 09:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2012/04/04 01:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/07/07 13:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand] -- D:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
    SRV - [2011/07/01 05:46:40 | 000,014,848 | ---- | M] () [On_Demand] -- D:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
    SRV - [2011/06/26 02:45:56 | 000,256,000 | ---- | M] () [Auto] -- D:\32788R22FWJFW\pev.3XE -- (PEVSystemStart)
    SRV - [2011/06/15 11:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
    SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- D:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
    SRV - [2009/01/26 09:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto] -- D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2012/06/02 16:17:50 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot] -- D:\Windows\System32\drivers\39377219.sys -- (39377219)
    DRV:64bit: - [2012/05/23 07:58:41 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System] -- D:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
    DRV:64bit: - [2012/04/18 13:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
    DRV:64bit: - [2012/04/04 09:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- D:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV:64bit: - [2011/08/09 08:24:52 | 000,202,576 | ---- | M] (ESET) [File_System | Auto] -- D:\Windows\System32\drivers\eamonm.sys -- (eamonm)
    DRV:64bit: - [2011/08/04 03:20:38 | 000,146,432 | ---- | M] (ESET) [Kernel | System] -- D:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
    DRV:64bit: - [2011/08/04 03:20:38 | 000,137,144 | ---- | M] (ESET) [Kernel | Auto] -- D:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
    DRV:64bit: - [2011/07/01 05:46:40 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand] -- D:\Windows\System32\drivers\tap0901.sys -- (tap0901)
    DRV:64bit: - [2011/06/10 02:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand] -- D:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2011/06/02 04:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand] -- D:\Windows\System32\drivers\asmtxhci.sys -- (asmtxhci)
    DRV:64bit: - [2011/06/02 04:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand] -- D:\Windows\System32\drivers\asmthub3.sys -- (asmthub3)
    DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
    DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)

    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========



    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\Ägaren_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\Ägaren_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE
    IE - HKU\Ägaren_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0A 1F 2E 1D A9 32 CD 01 [binary data]
    IE - HKU\Ägaren_ON_D\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKU\Ägaren_ON_D\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKU\Ägaren_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0





    ========== FireFox ==========


    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.0: D:\Windows\System32\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: D:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: D:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0: D:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: D:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: D:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE: File not found
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
    FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: D:\Users\Ägaren\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

    64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET NOD32 ANTIVIRUS\MOZILLA THUNDERBIRD [2012/05/27 16:26:12 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/05 20:01:57 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012/05/27 16:26:12 | 000,000,000 | ---D | M]

    [2012/05/15 15:18:29 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Ägaren\AppData\Roaming\Mozilla\Extensions
    [2012/05/23 01:03:56 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Ägaren\AppData\Roaming\Mozilla\Firefox\Profiles\r3cyqdc7.default\extensions
    [2012/05/23 01:03:56 | 000,000,000 | ---D | M] (Flash and Video Download) -- D:\Users\Ägaren\AppData\Roaming\Mozilla\Firefox\Profiles\r3cyqdc7.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
    [2012/05/20 04:24:39 | 000,000,000 | ---D | M] (Greasemonkey) -- D:\Users\Ägaren\AppData\Roaming\Mozilla\Firefox\Profiles\r3cyqdc7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
    [2012/05/15 15:17:53 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
    File not found (No name found) --
    File not found (No name found) -- D:\USERS\ÄGAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R3CYQDC7.DEFAULT\EXTENSIONS\{BEE6EB20-01E0-EBD1-DA83-080329FB9A3A}
    File not found (No name found) -- D:\USERS\ÄGAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R3CYQDC7.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
    File not found (No name found) -- D:\USERS\ÄGAREN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\R3CYQDC7.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}
    [2012/06/05 20:01:57 | 000,085,472 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2012/04/20 22:05:56 | 000,001,470 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\allaannonser-sv-SE.xml
    [2012/04/20 22:05:56 | 000,002,252 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012/04/20 22:05:56 | 000,002,670 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\prisjakt-sv-SE.xml
    [2012/04/20 22:05:56 | 000,000,948 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\tyda-sv-SE.xml
    [2012/04/20 22:05:57 | 000,001,174 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-sv-SE.xml
    [2012/04/20 22:05:57 | 000,000,951 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-sv-SE.xml

    O1 HOSTS File: ([2012/06/07 18:53:32 | 000,000,027 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - D:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
    O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - D:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
    O4:64bit: - HKLM..\Run: [egui] D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKU\Ägaren_ON_D..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - HKU\Ägaren_ON_D..\Run: [SpybotSD TeaTimer] D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKU\UpdatusUser_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\Ägaren_ON_D\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\Ägaren_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\LocalService_ON_D\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\NetworkService_ON_D\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\systemprofile_ON_D\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\UpdatusUser_ON_D\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8:64bit: - Extra context menu item: &Download All with FlashGet - D:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
    O8:64bit: - Extra context menu item: &Download with FlashGet - D:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
    O8 - Extra context menu item: &Download All with FlashGet - D:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
    O8 - Extra context menu item: &Download with FlashGet - D:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
    O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
    O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000027 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000028 - File not found
    O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000029 - File not found
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - File not found
    O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - File not found
    O16:64bit: - DPF: {AEA3991E-3109-4C98-989E-33994FEB1A91} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri64_4.5.1.0.cab (SysInfo Class)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
    64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/06/07 20:20:23 | 004,538,022 | R--- | C] (Swearware) -- D:\Users\Ägaren\Desktop\ComboFix.exe
    [2012/06/07 20:00:09 | 000,000,000 | --SD | C] -- D:\32788R22FWJFW
    [2012/06/07 19:56:51 | 000,000,000 | --SD | C] -- D:\ComboFix
    [2012/06/07 19:55:34 | 000,000,000 | -HSD | C] -- D:\$RECYCLE.BIN
    [2012/06/07 19:39:28 | 000,000,000 | ---D | C] -- D:\Windows\temp
    [2012/06/07 18:44:29 | 000,000,000 | ---D | C] -- D:\Qoobox
    [2012/06/07 18:37:17 | 001,153,912 | ---- | C] (Emsi Software GmbH) -- D:\Users\Ägaren\Desktop\BlitzBlank.exe
    [2012/06/07 17:38:50 | 004,731,392 | ---- | C] (AVAST Software) -- D:\Users\Ägaren\Desktop\aswMBR.exe
    [2012/06/07 14:23:39 | 000,000,000 | ---D | C] -- D:\Kaspersky Rescue Disk 10.0
    [2012/06/07 12:16:41 | 000,000,000 | ---D | C] -- D:\Program Files\Alex Feinman
    [2012/06/07 08:32:19 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sumotori Full Version
    [2012/06/07 08:32:19 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sumotori Full Version
    [2012/06/06 20:34:06 | 000,187,464 | ---- | C] (Webroot) -- D:\Users\Ägaren\Desktop\antizeroaccess.exe
    [2012/06/05 19:06:02 | 000,518,144 | ---- | C] (SteelWerX) -- D:\Windows\SWREG.exe
    [2012/06/05 19:06:02 | 000,406,528 | ---- | C] (SteelWerX) -- D:\Windows\SWSC.exe
    [2012/06/05 19:06:02 | 000,060,416 | ---- | C] (NirSoft) -- D:\Windows\NIRCMD.exe
    [2012/06/05 19:05:57 | 000,000,000 | ---D | C] -- D:\Windows\ERDNT
    [2012/06/03 14:42:41 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\ESET
    [2012/06/03 14:29:14 | 000,000,000 | ---D | C] -- D:\_OTL
    [2012/06/03 11:50:20 | 000,000,000 | ---D | C] -- D:\ProgramData\Sophos
    [2012/06/03 11:50:16 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
    [2012/06/03 11:50:10 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Sophos
    [2012/06/03 08:49:31 | 000,000,000 | -HSD | C] -- D:\Windows\SysWow64\%APPDATA%
    [2012/06/03 07:03:37 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Need for Speed World
    [2012/06/03 06:48:17 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\Electronic_Arts_Inc
    [2012/06/03 04:12:34 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    [2012/06/03 04:12:32 | 000,000,000 | ---D | C] -- D:\ProgramData\Spybot - Search & Destroy
    [2012/06/03 04:12:32 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Spybot - Search & Destroy
    [2012/06/02 16:17:52 | 000,000,000 | ---D | C] -- D:\ProgramData\Kaspersky Lab
    [2012/06/02 16:17:13 | 000,460,888 | ---- | C] (Kaspersky Lab ZAO) -- D:\Windows\System32\drivers\39377219.sys
    [2012/06/02 13:35:11 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Malwarebytes
    [2012/06/02 13:35:06 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/06/02 13:35:05 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- D:\Windows\System32\drivers\mbam.sys
    [2012/06/02 13:35:05 | 000,000,000 | ---D | C] -- D:\ProgramData\Malwarebytes
    [2012/06/02 13:35:04 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2012/06/02 13:11:10 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
    [2012/06/02 12:39:49 | 000,000,000 | ---D | C] -- D:\ProgramData\Rockstar Games
    [2012/06/02 07:28:58 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\Chromium
    [2012/06/02 07:14:07 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Rockstar Games
    [2012/06/02 07:10:43 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Documents\Rockstar Games
    [2012/06/02 07:10:43 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne 3
    [2012/06/01 08:28:51 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Documents\European Bus Simulator 2012
    [2012/06/01 08:28:51 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\European Bus Simulator 2012
    [2012/06/01 08:10:00 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\European Bus Simulator 2012
    [2012/05/30 16:10:58 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rigs of Rods 0.38.67
    [2012/05/30 16:10:48 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Documents\Rigs of Rods 0.38
    [2012/05/29 10:31:37 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Roaming
    [2012/05/29 10:31:37 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Quest3D
    [2012/05/29 10:31:36 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Documents\ShipSimExtremes Userdata
    [2012/05/29 10:11:20 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
    [2012/05/29 08:21:57 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
    [2012/05/29 07:59:03 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Documents\Motorm4x
    [2012/05/29 07:57:20 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive
    [2012/05/28 11:56:59 | 000,000,000 | -HSD | C] -- D:\ProgramData\DSS
    [2012/05/28 11:56:48 | 000,000,000 | ---D | C] -- D:\Users\Public\Documents\microsoft
    [2012/05/28 11:53:29 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\ESET
    [2012/05/28 11:51:23 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
    [2012/05/28 11:51:21 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- D:\Windows\SysWow64\mkl_blueripple.dll
    [2012/05/28 11:51:21 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- D:\Windows\SysWow64\rapture3d_oal.dll
    [2012/05/27 16:33:23 | 000,000,000 | ---D | C] -- D:\Program Files\UlisesSoft
    [2012/05/27 16:29:12 | 000,000,000 | ---D | C] -- D:\CRACK
    [2012/05/27 16:25:57 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
    [2012/05/27 16:25:56 | 000,000,000 | ---D | C] -- D:\ProgramData\ESET
    [2012/05/27 16:25:56 | 000,000,000 | ---D | C] -- D:\Program Files\ESET
    [2012/05/27 15:55:55 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\SystemRequirementsLab
    [2012/05/26 15:09:27 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
    [2012/05/26 15:09:10 | 000,000,000 | ---D | C] -- D:\Windows\SysWow64\xlive
    [2012/05/26 15:09:10 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft Games for Windows - LIVE
    [2012/05/26 12:39:24 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Documents\My Games
    [2012/05/26 12:39:24 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\FLT
    [2012/05/26 12:39:24 | 000,000,000 | ---D | C] -- D:\ProgramData\Codemasters
    [2012/05/26 12:35:51 | 000,466,456 | ---- | C] (Creative Labs) -- D:\Windows\System32\wrap_oal.dll
    [2012/05/26 12:35:51 | 000,444,952 | ---- | C] (Creative Labs) -- D:\Windows\SysWow64\wrap_oal.dll
    [2012/05/26 12:35:51 | 000,122,904 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- D:\Windows\System32\OpenAL32.dll
    [2012/05/26 12:35:51 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- D:\Windows\SysWow64\OpenAL32.dll
    [2012/05/26 12:35:51 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\OpenAL
    [2012/05/26 12:26:36 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiRT Showdown
    [2012/05/26 11:55:38 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
    [2012/05/26 11:55:33 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\MSI Afterburner
    [2012/05/26 09:40:14 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIGA
    [2012/05/26 09:38:56 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\GIGA
    [2012/05/26 09:34:53 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft AppLocale
    [2012/05/25 14:17:32 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\FlashGet
    [2012/05/25 14:17:02 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlashGet
    [2012/05/25 14:17:01 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\FlashGet
    [2012/05/25 11:03:34 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGA
    [2012/05/24 10:31:10 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\ILLUSION
    [2012/05/24 10:20:52 | 000,023,816 | ---- | C] (CPUID) -- D:\Windows\System32\drivers\cpuz135_x64.sys
    [2012/05/24 10:20:52 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
    [2012/05/24 10:20:51 | 000,000,000 | ---D | C] -- D:\Program Files\CPUID
    [2012/05/24 07:42:57 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
    [2012/05/24 07:42:53 | 000,000,000 | ---D | C] -- D:\Program Files\Speccy
    [2012/05/24 03:51:21 | 000,000,000 | ---D | C] -- D:\Windows\Minidump
    [2012/05/23 07:59:13 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
    [2012/05/23 07:58:41 | 000,283,200 | ---- | C] (DT Soft Ltd) -- D:\Windows\System32\drivers\dtsoftbus01.sys
    [2012/05/23 07:58:38 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\DAEMON Tools Lite
    [2012/05/23 07:57:22 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\DAEMON Tools Lite
    [2012/05/23 07:57:02 | 000,000,000 | ---D | C] -- D:\ProgramData\DAEMON Tools Lite
    [2012/05/22 15:19:56 | 000,000,000 | ---D | C] -- D:\Windows\Sun
    [2012/05/22 15:19:43 | 000,000,000 | ---D | C] -- D:\ProgramData\Sun
    [2012/05/22 15:16:42 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Oracle
    [2012/05/22 15:15:46 | 000,687,504 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\deployJava1.dll
    [2012/05/22 15:15:45 | 000,772,504 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\npDeployJava1.dll
    [2012/05/22 15:15:45 | 000,227,720 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\javaws.exe
    [2012/05/22 15:15:40 | 000,174,024 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\javaw.exe
    [2012/05/22 15:15:40 | 000,174,024 | ---- | C] (Oracle Corporation) -- D:\Windows\SysWow64\java.exe
    [2012/05/22 15:13:33 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    [2012/05/22 15:12:36 | 002,561,856 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvsvcr.dll
    [2012/05/22 15:11:39 | 000,188,736 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\drivers\nvhda64v.sys
    [2012/05/22 15:11:39 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvhdap64.dll
    [2012/05/22 15:11:38 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvoglv64.dll
    [2012/05/22 15:11:38 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcompiler.dll
    [2012/05/22 15:11:38 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvoglv32.dll
    [2012/05/22 15:11:38 | 018,044,224 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvd3dumx.dll
    [2012/05/22 15:11:38 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvcompiler.dll
    [2012/05/22 15:11:38 | 015,322,432 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvd3dum.dll
    [2012/05/22 15:11:38 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuda.dll
    [2012/05/22 15:11:38 | 008,105,280 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvwgf2um.dll
    [2012/05/22 15:11:38 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvcuda.dll
    [2012/05/22 15:11:38 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvenc.dll
    [2012/05/22 15:11:38 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvid.dll
    [2012/05/22 15:11:38 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvcuvid.dll
    [2012/05/22 15:11:38 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvcuvenc.dll
    [2012/05/22 15:11:38 | 002,368,832 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvapi.dll
    [2012/05/22 15:11:38 | 000,818,496 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvumdshim.dll
    [2012/05/22 15:11:38 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvdecodemft.dll
    [2012/05/22 15:11:38 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvdecodemft.dll
    [2012/05/22 15:11:38 | 000,246,592 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvinitx.dll
    [2012/05/22 15:11:38 | 000,202,048 | ---- | C] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvinit.dll
    [2012/05/22 11:14:01 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\NeoDownloader1
    [2012/05/22 11:14:01 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoDownloader
    [2012/05/22 11:04:30 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\NeoDownloader
    [2012/05/22 11:04:30 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\NeoDownloader
    [2012/05/21 15:30:33 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    [2012/05/21 15:30:33 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\7-Zip
    [2012/05/21 15:27:09 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
    [2012/05/21 15:27:09 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
    [2012/05/21 15:27:08 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Notepad++
    [2012/05/21 15:27:08 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Notepad++
    [2012/05/20 10:41:51 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\OpenOffice.org
    [2012/05/20 10:41:31 | 000,000,000 | --SD | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4
    [2012/05/20 10:41:11 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\OpenOffice.org 3
    [2012/05/20 10:38:15 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Desktop\OpenOffice.org 3.4 (en-US) Installation Files
    [2012/05/20 05:55:59 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\NVIDIA
    [2012/05/20 05:53:16 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\PunkBuster
    [2012/05/20 05:53:10 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Documents\Battlefield 3
    [2012/05/20 05:50:16 | 000,000,000 | ---D | C] -- D:\ProgramData\EA Logs
    [2012/05/20 05:50:16 | 000,000,000 | ---D | C] -- D:\ProgramData\EA Core
    [2012/05/20 05:37:42 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\.minecraft
    [2012/05/19 12:30:32 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Unity
    [2012/05/19 08:26:07 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\Unity
    [2012/05/18 17:51:59 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
    [2012/05/18 17:51:12 | 002,605,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_40.dll
    [2012/05/18 17:51:12 | 002,036,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_40.dll
    [2012/05/18 17:51:12 | 000,519,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_40.dll
    [2012/05/18 17:51:12 | 000,452,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_40.dll
    [2012/05/18 17:51:11 | 005,631,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_40.dll
    [2012/05/18 17:51:11 | 004,379,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_40.dll
    [2012/05/18 15:55:37 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Origin Games
    [2012/05/18 15:55:36 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\Origin
    [2012/05/18 15:55:36 | 000,000,000 | ---D | C] -- D:\ProgramData\Origin
    [2012/05/18 15:54:35 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Origin
    [2012/05/18 15:54:35 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    [2012/05/18 15:54:35 | 000,000,000 | ---D | C] -- D:\ProgramData\Electronic Arts
    [2012/05/18 15:54:32 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Origin
    [2012/05/17 17:36:19 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Documents\Diablo III
    [2012/05/17 17:22:01 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
    [2012/05/17 17:22:01 | 000,000,000 | ---D | C] -- D:\ProgramData\Blizzard Entertainment
    [2012/05/17 17:04:18 | 000,000,000 | ---D | C] -- D:\ProgramData\Battle.net
    [2012/05/17 15:47:49 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Common Files\Blizzard Entertainment
    [2012/05/17 07:23:32 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Documents\Hitman Blood Money
    [2012/05/17 07:23:07 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
  6. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    [2012/05/16 11:19:06 | 000,000,000 | ---D | C] -- D:\ProgramData\BDLogging
    [2012/05/16 11:18:02 | 000,000,000 | ---D | C] -- D:\Program Files\Bitdefender
    [2012/05/16 11:16:38 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\QuickScan
    [2012/05/16 11:16:10 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Bitdefender
    [2012/05/16 11:14:28 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\WinRAR
    [2012/05/16 11:12:16 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2012/05/16 11:12:16 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2012/05/16 09:10:20 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\vlc
    [2012/05/16 07:16:10 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\BitTorrent
    [2012/05/16 07:06:06 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\Documents\Multisoft
    [2012/05/15 17:27:23 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Media Player Classic
    [2012/05/15 16:52:47 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    [2012/05/15 16:52:34 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\VideoLAN
    [2012/05/15 16:50:23 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
    [2012/05/15 16:50:14 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\K-Lite Codec Pack
    [2012/05/15 16:47:50 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema x64
    [2012/05/15 16:17:23 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
    [2012/05/15 16:17:19 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\Google
    [2012/05/15 16:08:36 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\Guavi
    [2012/05/15 16:08:21 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNCheck
    [2012/05/15 16:08:21 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\VPNCheck
    [2012/05/15 16:00:49 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
    [2012/05/15 16:00:49 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\OpenVPN
    [2012/05/15 15:18:24 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Mozilla
    [2012/05/15 15:18:24 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\Mozilla
    [2012/05/15 15:17:56 | 000,000,000 | ---D | C] -- D:\ProgramData\Mozilla
    [2012/05/15 15:17:55 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Maintenance Service
    [2012/05/15 15:17:51 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Firefox
    [2012/05/15 14:49:13 | 000,000,000 | ---D | C] -- D:\ProgramData\NVIDIA
    [2012/05/15 14:48:27 | 006,151,488 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvcpl.dll
    [2012/05/15 14:48:27 | 003,149,632 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvsvc64.dll
    [2012/05/15 14:48:27 | 000,118,080 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvmctray.dll
    [2012/05/15 14:48:27 | 000,063,296 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvshext.dll
    [2012/05/15 14:46:37 | 001,451,840 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvhdagenco6420103.dll
    [2012/05/15 14:46:36 | 000,949,056 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvumdshimx.dll
    [2012/05/15 14:46:36 | 000,068,928 | ---- | C] (Khronos Group) -- D:\Windows\System32\OpenCL.dll
    [2012/05/15 14:46:36 | 000,061,248 | ---- | C] (Khronos Group) -- D:\Windows\SysWow64\OpenCL.dll
    [2012/05/15 14:46:34 | 002,741,568 | ---- | C] (NVIDIA Corporation) -- D:\Windows\System32\nvapi64.dll
    [2012/05/15 14:44:56 | 000,000,000 | ---D | C] -- D:\NVIDIA
    [2012/05/15 14:43:10 | 000,839,112 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\deployJava1.dll
    [2012/05/15 14:43:07 | 000,955,848 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\npDeployJava1.dll
    [2012/05/15 14:43:07 | 000,268,744 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\javaws.exe
    [2012/05/15 14:43:02 | 000,189,384 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\javaw.exe
    [2012/05/15 14:43:02 | 000,188,872 | ---- | C] (Oracle Corporation) -- D:\Windows\System32\java.exe
    [2012/05/15 14:42:52 | 000,000,000 | ---D | C] -- D:\Program Files\Java
    [2012/05/15 14:18:32 | 000,000,000 | ---D | C] -- D:\Program Files\SystemRequirementsLab
    [2012/05/15 14:13:32 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\TeraCopy
    [2012/05/15 14:13:27 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
    [2012/05/15 10:56:55 | 000,000,000 | ---D | C] -- D:\Windows\SysWow64\Adobe
    [2012/05/15 10:55:27 | 000,000,000 | ---D | C] -- D:\ProgramData\Adobe
    [2012/05/15 10:55:16 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\Adobe
    [2012/05/15 10:54:17 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Macromedia
    [2012/05/15 10:54:17 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Adobe
    [2012/05/15 10:54:12 | 000,419,488 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
    [2012/05/15 10:54:12 | 000,070,304 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2012/05/15 10:54:11 | 000,000,000 | ---D | C] -- D:\Windows\SysWow64\Macromed
    [2012/05/15 10:54:06 | 000,000,000 | ---D | C] -- D:\Windows\System32\Macromed
    [2012/05/15 10:49:04 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft
    [2012/05/15 10:48:50 | 000,527,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_7.dll
    [2012/05/15 10:48:50 | 000,518,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_7.dll
    [2012/05/15 10:48:50 | 000,077,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_5.dll
    [2012/05/15 10:48:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAPOFX1_5.dll
    [2012/05/15 10:48:48 | 002,526,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_43.dll
    [2012/05/15 10:48:48 | 002,106,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_43.dll
    [2012/05/15 10:48:48 | 000,239,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine3_7.dll
    [2012/05/15 10:48:48 | 000,176,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_7.dll
    [2012/05/15 10:48:47 | 001,907,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dcsx_43.dll
    [2012/05/15 10:48:47 | 001,868,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dcsx_43.dll
    [2012/05/15 10:48:47 | 000,511,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_43.dll
    [2012/05/15 10:48:47 | 000,470,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_43.dll
    [2012/05/15 10:48:47 | 000,276,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_43.dll
    [2012/05/15 10:48:47 | 000,248,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx11_43.dll
    [2012/05/15 10:48:46 | 002,401,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_43.dll
    [2012/05/15 10:48:46 | 001,998,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_43.dll
    [2012/05/15 10:48:46 | 000,530,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_6.dll
    [2012/05/15 10:48:46 | 000,528,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_6.dll
    [2012/05/15 10:48:46 | 000,078,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_4.dll
    [2012/05/15 10:48:46 | 000,074,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAPOFX1_4.dll
    [2012/05/15 10:48:45 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine3_6.dll
    [2012/05/15 10:48:45 | 000,176,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_6.dll
    [2012/05/15 10:48:45 | 000,024,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_7.dll
    [2012/05/15 10:48:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\X3DAudio1_7.dll
    [2012/05/15 10:48:44 | 000,517,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_5.dll
    [2012/05/15 10:48:44 | 000,515,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_5.dll
    [2012/05/15 10:48:43 | 000,238,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine3_5.dll
    [2012/05/15 10:48:43 | 000,176,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_5.dll
    [2012/05/15 10:48:42 | 005,554,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dcsx_42.dll
    [2012/05/15 10:48:42 | 005,501,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dcsx_42.dll
    [2012/05/15 10:48:42 | 002,582,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_42.dll
    [2012/05/15 10:48:42 | 001,974,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_42.dll
    [2012/05/15 10:48:41 | 000,523,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_42.dll
    [2012/05/15 10:48:41 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_42.dll
    [2012/05/15 10:48:41 | 000,285,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx11_42.dll
    [2012/05/15 10:48:41 | 000,235,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx11_42.dll
    [2012/05/15 10:48:40 | 002,475,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_42.dll
    [2012/05/15 10:48:40 | 002,430,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_41.dll
    [2012/05/15 10:48:40 | 001,892,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_42.dll
    [2012/05/15 10:48:40 | 001,846,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_41.dll
    [2012/05/15 10:48:40 | 000,520,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_41.dll
    [2012/05/15 10:48:40 | 000,453,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_41.dll
    [2012/05/15 10:48:39 | 005,425,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_41.dll
    [2012/05/15 10:48:39 | 004,178,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_41.dll
    [2012/05/15 10:48:39 | 000,521,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_4.dll
    [2012/05/15 10:48:39 | 000,517,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_4.dll
    [2012/05/15 10:48:39 | 000,073,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_3.dll
    [2012/05/15 10:48:39 | 000,069,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAPOFX1_3.dll
    [2012/05/15 10:48:38 | 000,235,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine3_4.dll
    [2012/05/15 10:48:38 | 000,174,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_4.dll
    [2012/05/15 10:48:38 | 000,024,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_6.dll
    [2012/05/15 10:48:38 | 000,022,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\X3DAudio1_6.dll
    [2012/05/15 10:48:36 | 000,518,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_3.dll
    [2012/05/15 10:48:36 | 000,514,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_3.dll
    [2012/05/15 10:48:36 | 000,074,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_2.dll
    [2012/05/15 10:48:36 | 000,070,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAPOFX1_2.dll
    [2012/05/15 10:48:35 | 000,235,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine3_3.dll
    [2012/05/15 10:48:35 | 000,175,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_3.dll
    [2012/05/15 10:48:34 | 000,025,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_5.dll
    [2012/05/15 10:48:34 | 000,023,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\X3DAudio1_5.dll
    [2012/05/15 10:48:32 | 000,513,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_2.dll
    [2012/05/15 10:48:32 | 000,509,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_2.dll
    [2012/05/15 10:48:32 | 000,238,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine3_2.dll
    [2012/05/15 10:48:32 | 000,177,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_2.dll
    [2012/05/15 10:48:32 | 000,072,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_1.dll
    [2012/05/15 10:48:32 | 000,068,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAPOFX1_1.dll
    [2012/05/15 10:48:31 | 001,942,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_39.dll
    [2012/05/15 10:48:31 | 001,493,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_39.dll
    [2012/05/15 10:48:31 | 000,540,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_39.dll
    [2012/05/15 10:48:31 | 000,467,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_39.dll
    [2012/05/15 10:48:30 | 004,992,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_39.dll
    [2012/05/15 10:48:30 | 003,851,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_39.dll
    [2012/05/15 10:48:30 | 000,511,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_1.dll
    [2012/05/15 10:48:30 | 000,507,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_1.dll
    [2012/05/15 10:48:30 | 000,068,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAPOFX1_0.dll
    [2012/05/15 10:48:30 | 000,065,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAPOFX1_0.dll
    [2012/05/15 10:48:29 | 000,238,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine3_1.dll
    [2012/05/15 10:48:29 | 000,177,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_1.dll
    [2012/05/15 10:48:29 | 000,028,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_4.dll
    [2012/05/15 10:48:29 | 000,025,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\X3DAudio1_4.dll
    [2012/05/15 10:48:28 | 001,941,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_38.dll
    [2012/05/15 10:48:28 | 001,491,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_38.dll
    [2012/05/15 10:48:28 | 000,540,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_38.dll
    [2012/05/15 10:48:28 | 000,467,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_38.dll
    [2012/05/15 10:48:27 | 004,991,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_38.dll
    [2012/05/15 10:48:27 | 003,850,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_38.dll
    [2012/05/15 10:48:27 | 000,489,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XAudio2_0.dll
    [2012/05/15 10:48:27 | 000,479,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XAudio2_0.dll
    [2012/05/15 10:48:26 | 001,860,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_37.dll
    [2012/05/15 10:48:26 | 001,420,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_37.dll
    [2012/05/15 10:48:26 | 000,529,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_37.dll
    [2012/05/15 10:48:26 | 000,462,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_37.dll
    [2012/05/15 10:48:26 | 000,238,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine3_0.dll
    [2012/05/15 10:48:26 | 000,177,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine3_0.dll
    [2012/05/15 10:48:26 | 000,028,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_3.dll
    [2012/05/15 10:48:26 | 000,025,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\X3DAudio1_3.dll
    [2012/05/15 10:48:25 | 004,910,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DX9_37.dll
    [2012/05/15 10:48:25 | 003,786,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DX9_37.dll
    [2012/05/15 10:48:24 | 000,411,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_10.dll
    [2012/05/15 10:48:24 | 000,267,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_10.dll
    [2012/05/15 10:48:22 | 002,006,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_36.dll
    [2012/05/15 10:48:22 | 001,374,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_36.dll
    [2012/05/15 10:48:22 | 000,508,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_36.dll
    [2012/05/15 10:48:22 | 000,444,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_36.dll
    [2012/05/15 10:48:21 | 005,081,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_36.dll
    [2012/05/15 10:48:21 | 003,734,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_36.dll
    [2012/05/15 10:48:20 | 000,411,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_9.dll
    [2012/05/15 10:48:20 | 000,267,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_9.dll
    [2012/05/15 10:48:19 | 005,073,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_35.dll
    [2012/05/15 10:48:19 | 003,727,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_35.dll
    [2012/05/15 10:48:19 | 001,985,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_35.dll
    [2012/05/15 10:48:19 | 001,358,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_35.dll
    [2012/05/15 10:48:19 | 000,508,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_35.dll
    [2012/05/15 10:48:19 | 000,444,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_35.dll
    [2012/05/15 10:48:17 | 000,409,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_8.dll
    [2012/05/15 10:48:17 | 000,266,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_8.dll
    [2012/05/15 10:48:17 | 000,021,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\X3DAudio1_2.dll
    [2012/05/15 10:48:17 | 000,017,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\X3DAudio1_2.dll
    [2012/05/15 10:48:16 | 004,496,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_34.dll
    [2012/05/15 10:48:16 | 003,497,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_34.dll
    [2012/05/15 10:48:16 | 001,401,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_34.dll
    [2012/05/15 10:48:16 | 001,124,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_34.dll
    [2012/05/15 10:48:16 | 000,506,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_34.dll
    [2012/05/15 10:48:16 | 000,443,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_34.dll
    [2012/05/15 10:48:16 | 000,107,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xinput1_3.dll
    [2012/05/15 10:48:16 | 000,081,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xinput1_3.dll
    [2012/05/15 10:48:14 | 004,494,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_33.dll
    [2012/05/15 10:48:14 | 003,495,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_33.dll
    [2012/05/15 10:48:14 | 001,400,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\D3DCompiler_33.dll
    [2012/05/15 10:48:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\D3DCompiler_33.dll
    [2012/05/15 10:48:14 | 000,506,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10_33.dll
    [2012/05/15 10:48:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10_33.dll
    [2012/05/15 10:48:14 | 000,403,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_7.dll
    [2012/05/15 10:48:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_7.dll
    [2012/05/15 10:48:13 | 000,393,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_6.dll
    [2012/05/15 10:48:13 | 000,255,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_6.dll
    [2012/05/15 10:48:11 | 004,398,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_32.dll
    [2012/05/15 10:48:11 | 003,426,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_32.dll
    [2012/05/15 10:48:11 | 000,469,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx10.dll
    [2012/05/15 10:48:11 | 000,440,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx10.dll
    [2012/05/15 10:48:11 | 000,390,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_5.dll
    [2012/05/15 10:48:11 | 000,251,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_5.dll
    [2012/05/15 10:48:09 | 000,364,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_4.dll
    [2012/05/15 10:48:09 | 000,237,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_4.dll
    [2012/05/15 10:48:09 | 000,017,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\x3daudio1_1.dll
    [2012/05/15 10:48:09 | 000,015,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\x3daudio1_1.dll
    [2012/05/15 10:48:08 | 003,977,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_31.dll
    [2012/05/15 10:48:08 | 002,414,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_31.dll
    [2012/05/15 10:48:06 | 000,363,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_3.dll
    [2012/05/15 10:48:06 | 000,354,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_2.dll
    [2012/05/15 10:48:06 | 000,236,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_3.dll
    [2012/05/15 10:48:06 | 000,230,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_2.dll
    [2012/05/15 10:48:06 | 000,083,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xinput1_2.dll
    [2012/05/15 10:48:06 | 000,062,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xinput1_2.dll
    [2012/05/15 10:48:05 | 000,083,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xinput1_1.dll
    [2012/05/15 10:48:05 | 000,062,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xinput1_1.dll
    [2012/05/15 10:48:04 | 000,352,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_1.dll
    [2012/05/15 10:48:04 | 000,229,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_1.dll
    [2012/05/15 10:48:02 | 003,927,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_30.dll
    [2012/05/15 10:48:02 | 002,388,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_30.dll
    [2012/05/15 10:48:01 | 000,355,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xactengine2_0.dll
    [2012/05/15 10:48:01 | 000,230,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xactengine2_0.dll
    [2012/05/15 10:48:01 | 000,016,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\x3daudio1_0.dll
    [2012/05/15 10:48:01 | 000,014,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\x3daudio1_0.dll
    [2012/05/15 10:48:00 | 003,830,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_29.dll
    [2012/05/15 10:48:00 | 003,815,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_28.dll
    [2012/05/15 10:48:00 | 002,332,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_29.dll
    [2012/05/15 10:48:00 | 002,323,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_28.dll
    [2012/05/15 10:47:58 | 003,807,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_27.dll
    [2012/05/15 10:47:58 | 002,319,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_27.dll
    [2012/05/15 10:47:56 | 003,823,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_25.dll
    [2012/05/15 10:47:56 | 003,767,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_26.dll
    [2012/05/15 10:47:56 | 002,337,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_25.dll
    [2012/05/15 10:47:56 | 002,297,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_26.dll
    [2012/05/15 10:47:55 | 003,544,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3dx9_24.dll
    [2012/05/15 10:47:55 | 002,222,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3dx9_24.dll
  7. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    [2012/05/15 10:44:38 | 000,000,000 | ---D | C] -- D:\Windows\SysWow64\directx
    [2012/05/15 10:16:55 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft.NET
    [2012/05/15 10:10:11 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    [2012/05/15 10:09:24 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft Silverlight
    [2012/05/15 10:07:53 | 000,149,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpcorekmts.dll
    [2012/05/15 10:07:53 | 000,077,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpwsx.dll
    [2012/05/15 09:47:31 | 000,096,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
    [2012/05/15 09:47:30 | 002,311,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
    [2012/05/15 09:47:30 | 000,237,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
    [2012/05/15 09:47:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
    [2012/05/15 09:47:30 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
    [2012/05/15 09:47:30 | 000,072,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
    [2012/05/15 09:47:29 | 001,799,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
    [2012/05/15 09:47:29 | 001,493,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
    [2012/05/15 09:47:29 | 001,427,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
    [2012/05/15 09:47:29 | 000,818,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
    [2012/05/15 09:47:29 | 000,716,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
    [2012/05/15 09:47:29 | 000,248,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
    [2012/05/15 09:46:06 | 000,000,000 | ---D | C] -- D:\Windows\System32\SPReview
    [2012/05/15 09:46:01 | 000,000,000 | ---D | C] -- D:\Windows\System32\EventProviders
    [2012/05/15 09:43:53 | 001,942,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dfshim.dll
    [2012/05/15 09:43:53 | 000,048,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netfxperf.dll
    [2012/05/15 09:43:49 | 001,130,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dfshim.dll
    [2012/05/15 09:43:47 | 003,715,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mstscax.dll
    [2012/05/15 09:43:47 | 001,838,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
    [2012/05/15 09:43:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\TsUsbFlt.sys
    [2012/05/15 09:43:47 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
    [2012/05/15 09:43:46 | 003,215,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mstscax.dll
    [2012/05/15 09:43:44 | 001,171,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10warp.dll
    [2012/05/15 09:43:44 | 000,954,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mfc40.dll
    [2012/05/15 09:43:44 | 000,954,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mfc40u.dll
    [2012/05/15 09:43:44 | 000,133,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tssrvlic.dll
    [2012/05/15 09:43:43 | 000,629,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pmcsnap.dll
    [2012/05/15 09:43:42 | 014,633,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmp.dll
    [2012/05/15 09:43:41 | 004,120,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mf.dll
    [2012/05/15 09:43:41 | 003,205,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mmcndmgr.dll
    [2012/05/15 09:43:41 | 000,485,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\secproc_isv.dll
    [2012/05/15 09:43:40 | 003,008,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xpsservices.dll
    [2012/05/15 09:43:40 | 001,219,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rpcrt4.dll
    [2012/05/15 09:43:40 | 000,488,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\secproc.dll
    [2012/05/15 09:43:40 | 000,428,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\secproc.dll
    [2012/05/15 09:43:40 | 000,423,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\secproc_isv.dll
    [2012/05/15 09:43:40 | 000,362,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RMActivate_isv.exe
    [2012/05/15 09:43:40 | 000,359,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RMActivate.exe
    [2012/05/15 09:43:40 | 000,327,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RMActivate_isv.exe
    [2012/05/15 09:43:39 | 002,086,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ole32.dll
    [2012/05/15 09:43:39 | 000,322,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RMActivate.exe
    [2012/05/15 09:43:39 | 000,238,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ppcsnap.dll
    [2012/05/15 09:43:39 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\PushPrinterConnections.exe
    [2012/05/15 09:43:38 | 001,556,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RacEngn.dll
    [2012/05/15 09:43:38 | 001,340,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\diagperf.dll
    [2012/05/15 09:43:38 | 001,197,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskschd.dll
    [2012/05/15 09:43:38 | 000,263,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spwizui.dll
    [2012/05/15 09:43:37 | 003,207,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mf.dll
    [2012/05/15 09:43:37 | 001,866,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ExplorerFrame.dll
    [2012/05/15 09:43:37 | 001,753,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vssapi.dll
    [2012/05/15 09:43:37 | 001,334,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\CertEnroll.dll
    [2012/05/15 09:43:37 | 001,326,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\NaturalLanguage6.dll
    [2012/05/15 09:43:36 | 011,410,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmp.dll
    [2012/05/15 09:43:36 | 003,860,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UIRibbon.dll
    [2012/05/15 09:43:36 | 000,299,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mcupdate_GenuineIntel.dll
    [2012/05/15 09:43:35 | 003,027,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMVCORE.DLL
    [2012/05/15 09:43:35 | 000,295,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\PresentationHost.exe
    [2012/05/15 09:43:35 | 000,109,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PresentationHostProxy.dll
    [2012/05/15 09:43:35 | 000,099,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\PresentationHostProxy.dll
    [2012/05/15 09:43:34 | 003,957,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WinSAT.exe
    [2012/05/15 09:43:34 | 001,975,296 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\CertEnroll.dll
    [2012/05/15 09:43:34 | 001,888,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMVDECOD.DLL
    [2012/05/15 09:43:34 | 000,598,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spinstall.exe
    [2012/05/15 09:43:34 | 000,320,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PresentationHost.exe
    [2012/05/15 09:43:34 | 000,301,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spreview.exe
    [2012/05/15 09:43:34 | 000,274,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpdd.dll
    [2012/05/15 09:43:33 | 002,067,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d9.dll
    [2012/05/15 09:43:33 | 001,115,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RacEngn.dll
    [2012/05/15 09:43:33 | 000,867,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SearchFolder.dll
    [2012/05/15 09:43:32 | 005,066,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\AuthFWSnapin.dll
    [2012/05/15 09:43:32 | 005,066,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AuthFWSnapin.dll
    [2012/05/15 09:43:32 | 003,391,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dbgeng.dll
    [2012/05/15 09:43:32 | 001,632,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dwmcore.dll
    [2012/05/15 09:43:31 | 001,493,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ExplorerFrame.dll
    [2012/05/15 09:43:31 | 001,456,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\crypt32.dll
    [2012/05/15 09:43:31 | 000,079,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rdvgumd32.dll
    [2012/05/15 09:43:30 | 000,958,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\actxprxy.dll
    [2012/05/15 09:43:30 | 000,784,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\gpprefcl.dll
    [2012/05/15 09:43:30 | 000,750,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TSWorkspace.dll
    [2012/05/15 09:43:29 | 001,828,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d9.dll
    [2012/05/15 09:43:29 | 001,244,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imapi2fs.dll
    [2012/05/15 09:43:29 | 001,116,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mstsc.exe
    [2012/05/15 09:43:29 | 000,787,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
    [2012/05/15 09:43:29 | 000,695,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netlogon.dll
    [2012/05/15 09:43:28 | 001,927,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\authui.dll
    [2012/05/15 09:43:28 | 001,900,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\setupapi.dll
    [2012/05/15 09:43:28 | 001,281,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\werconcpl.dll
    [2012/05/15 09:43:28 | 001,212,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\propsys.dll
    [2012/05/15 09:43:28 | 000,720,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbc32.dll
    [2012/05/15 09:43:28 | 000,505,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\taskschd.dll
    [2012/05/15 09:43:28 | 000,464,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskeng.exe
    [2012/05/15 09:43:28 | 000,055,296 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PushPrinterConnections.exe
    [2012/05/15 09:43:27 | 001,049,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mstsc.exe
    [2012/05/15 09:43:27 | 001,008,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\user32.dll
    [2012/05/15 09:43:27 | 000,376,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\netio.sys
    [2012/05/15 09:43:26 | 001,796,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\certmgr.dll
    [2012/05/15 09:43:26 | 000,955,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\localspl.dll
    [2012/05/15 09:43:26 | 000,758,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PortableDeviceApi.dll
    [2012/05/15 09:43:26 | 000,381,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wer.dll
    [2012/05/15 09:43:26 | 000,342,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\certcli.dll
    [2012/05/15 09:43:26 | 000,299,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tsmf.dll
    [2012/05/15 09:43:26 | 000,146,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\scavengeui.dll
    [2012/05/15 09:43:26 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\LSCSHostPolicy.dll
    [2012/05/15 09:43:25 | 002,652,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netshell.dll
    [2012/05/15 09:43:25 | 001,509,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msdtctm.dll
    [2012/05/15 09:43:25 | 001,371,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dwmcore.dll
    [2012/05/15 09:43:25 | 000,573,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\odbc32.dll
    [2012/05/15 09:43:25 | 000,457,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msdrm.dll
    [2012/05/15 09:43:25 | 000,448,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shlwapi.dll
    [2012/05/15 09:43:25 | 000,299,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpshell.exe
    [2012/05/15 09:43:25 | 000,295,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\framedynos.dll
    [2012/05/15 09:43:25 | 000,210,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ncsi.dll
    [2012/05/15 09:43:24 | 000,800,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\usp10.dll
    [2012/05/15 09:43:24 | 000,658,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
    [2012/05/15 09:43:24 | 000,597,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\TSWorkspace.dll
    [2012/05/15 09:43:24 | 000,594,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\comdlg32.dll
    [2012/05/15 09:43:24 | 000,524,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmicmiplugin.dll
    [2012/05/15 09:43:24 | 000,519,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netcfgx.dll
    [2012/05/15 09:43:24 | 000,481,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmpps.dll
    [2012/05/15 09:43:24 | 000,479,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\appmgr.dll
    [2012/05/15 09:43:24 | 000,390,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winlogon.exe
    [2012/05/15 09:43:24 | 000,343,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\lsm.exe
    [2012/05/15 09:43:24 | 000,342,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\apphelp.dll
    [2012/05/15 09:43:24 | 000,297,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ws2_32.dll
    [2012/05/15 09:43:24 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tcpmonui.dll
    [2012/05/15 09:43:23 | 002,543,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wpdshext.dll
    [2012/05/15 09:43:23 | 002,055,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Query.dll
    [2012/05/15 09:43:23 | 001,098,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Vault.dll
    [2012/05/15 09:43:23 | 000,897,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\azroles.dll
    [2012/05/15 09:43:23 | 000,422,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drvstore.dll
    [2012/05/15 09:43:23 | 000,270,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tsmf.dll
    [2012/05/15 09:43:23 | 000,266,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\QAGENT.DLL
    [2012/05/15 09:43:23 | 000,091,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dot3api.dll
    [2012/05/15 09:43:22 | 002,522,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dbgeng.dll
    [2012/05/15 09:43:22 | 000,758,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\samsrv.dll
    [2012/05/15 09:43:22 | 000,751,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\win32spl.dll
    [2012/05/15 09:43:22 | 000,653,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\lpksetup.exe
    [2012/05/15 09:43:22 | 000,522,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d11.dll
    [2012/05/15 09:43:22 | 000,345,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cmd.exe
    [2012/05/15 09:43:21 | 001,619,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMVDECOD.DLL
    [2012/05/15 09:43:21 | 001,363,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\Query.dll
    [2012/05/15 09:43:21 | 001,190,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecs.dll
    [2012/05/15 09:43:21 | 000,582,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sxs.dll
    [2012/05/15 09:43:21 | 000,406,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netcfgx.dll
    [2012/05/15 09:43:21 | 000,210,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpclip.exe
    [2012/05/15 09:43:20 | 002,151,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mmcndmgr.dll
    [2012/05/15 09:43:20 | 001,808,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pnidui.dll
    [2012/05/15 09:43:20 | 001,158,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\webservices.dll
    [2012/05/15 09:43:20 | 000,584,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ipsmsnap.dll
    [2012/05/15 09:43:20 | 000,584,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\gpprefcl.dll
    [2012/05/15 09:43:20 | 000,473,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskcomp.dll
    [2012/05/15 09:43:20 | 000,381,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfds.dll
    [2012/05/15 09:43:20 | 000,312,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Wldap32.dll
    [2012/05/15 09:43:20 | 000,272,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mcbuilder.exe
    [2012/05/15 09:43:20 | 000,240,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cscobj.dll
    [2012/05/15 09:43:20 | 000,235,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\hgprint.dll
    [2012/05/15 09:43:20 | 000,206,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\upnp.dll
    [2012/05/15 09:43:20 | 000,167,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpendp.dll
    [2012/05/15 09:43:19 | 001,792,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\authui.dll
    [2012/05/15 09:43:19 | 000,933,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sqlsrv32.dll
    [2012/05/15 09:43:19 | 000,732,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imapi2fs.dll
    [2012/05/15 09:43:19 | 000,547,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\PortableDeviceApi.dll
    [2012/05/15 09:43:19 | 000,345,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fveapi.dll
    [2012/05/15 09:43:19 | 000,341,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msdrm.dll
    [2012/05/15 09:43:19 | 000,235,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winsta.dll
    [2012/05/15 09:43:19 | 000,084,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dot3api.dll
    [2012/05/15 09:43:19 | 000,049,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netfxperf.dll
    [2012/05/15 09:43:18 | 001,555,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\certmgr.dll
    [2012/05/15 09:43:18 | 001,441,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wlanpref.dll
    [2012/05/15 09:43:18 | 001,243,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMNetMgr.dll
    [2012/05/15 09:43:18 | 001,009,152 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mcmde.dll
    [2012/05/15 09:43:18 | 000,695,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wuapi.dll
    [2012/05/15 09:43:18 | 000,403,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\gdi32.dll
    [2012/05/15 09:43:18 | 000,323,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\drvstore.dll
    [2012/05/15 09:43:18 | 000,285,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\schtasks.exe
    [2012/05/15 09:43:18 | 000,263,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vpnike.dll
    [2012/05/15 09:43:18 | 000,220,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mcbuilder.exe
    [2012/05/15 09:43:18 | 000,183,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\prncache.dll
    [2012/05/15 09:43:18 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\userenv.dll
    [2012/05/15 09:43:17 | 002,262,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SyncCenter.dll
    [2012/05/15 09:43:17 | 001,712,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\xpsservices.dll
    [2012/05/15 09:43:17 | 001,082,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppobjs.dll
    [2012/05/15 09:43:17 | 001,024,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmpmde.dll
    [2012/05/15 09:43:17 | 000,630,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\evr.dll
    [2012/05/15 09:43:17 | 000,412,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\aepdu.dll
    [2012/05/15 09:43:17 | 000,409,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\photowiz.dll
    [2012/05/15 09:43:17 | 000,302,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\cmd.exe
    [2012/05/15 09:43:17 | 000,296,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AudioSes.dll
    [2012/05/15 09:43:17 | 000,279,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\framedyn.dll
    [2012/05/15 09:43:17 | 000,169,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tspubwmi.dll
    [2012/05/15 09:43:16 | 002,072,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMPEncEn.dll
    [2012/05/15 09:43:16 | 000,605,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmpeffects.dll
    [2012/05/15 09:43:16 | 000,492,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\win32spl.dll
    [2012/05/15 09:43:16 | 000,424,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\aeinv.dll
    [2012/05/15 09:43:16 | 000,257,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfreadwrite.dll
    [2012/05/15 09:43:16 | 000,244,224 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmicsvc.exe
    [2012/05/15 09:43:16 | 000,206,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\framedynos.dll
    [2012/05/15 09:43:16 | 000,200,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tscfgwmi.dll
    [2012/05/15 09:43:16 | 000,178,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpinit.exe
    [2012/05/15 09:43:16 | 000,171,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fde.dll
    [2012/05/15 09:43:15 | 000,551,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\localsec.dll
    [2012/05/15 09:43:15 | 000,503,296 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imapi2.dll
    [2012/05/15 09:43:15 | 000,501,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WinSATAPI.dll
    [2012/05/15 09:43:15 | 000,324,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netdiagfx.dll
    [2012/05/15 09:43:15 | 000,298,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bcryptprimitives.dll
    [2012/05/15 09:43:15 | 000,296,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mfds.dll
    [2012/05/15 09:43:15 | 000,257,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\stobject.dll
    [2012/05/15 09:43:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\credui.dll
    [2012/05/15 09:43:15 | 000,166,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetpp.dll
    [2012/05/15 09:43:15 | 000,165,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netid.dll
    [2012/05/15 09:43:15 | 000,144,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cdd.dll
    [2012/05/15 09:43:15 | 000,140,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rdpendp.dll
    [2012/05/15 09:43:14 | 002,755,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\themeui.dll
    [2012/05/15 09:43:14 | 002,746,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\gameux.dll
    [2012/05/15 09:43:14 | 001,050,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\printui.dll
    [2012/05/15 09:43:14 | 000,762,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\azroles.dll
    [2012/05/15 09:43:14 | 000,571,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mspbda.dll
    [2012/05/15 09:43:14 | 000,504,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\biocpl.dll
    [2012/05/15 09:43:14 | 000,498,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cscui.dll
    [2012/05/15 09:43:14 | 000,378,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msinfo32.exe
    [2012/05/15 09:43:14 | 000,339,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\appmgr.dll
    [2012/05/15 09:43:14 | 000,303,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\scansetting.dll
    [2012/05/15 09:43:14 | 000,253,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tcpipcfg.dll
    [2012/05/15 09:43:14 | 000,244,224 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spp.dll
    [2012/05/15 09:43:14 | 000,223,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\QSHVHOST.DLL
    [2012/05/15 09:43:14 | 000,168,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\credui.dll
    [2012/05/15 09:43:14 | 000,152,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ncsi.dll
    [2012/05/15 09:43:14 | 000,100,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\davclnt.dll
    [2012/05/15 09:43:14 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\splwow64.exe
    [2012/05/15 09:43:13 | 000,625,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mscms.dll
    [2012/05/15 09:43:13 | 000,577,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AdmTmpl.dll
    [2012/05/15 09:43:13 | 000,552,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msdri.dll
    [2012/05/15 09:43:13 | 000,508,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxgi.dll
    [2012/05/15 09:43:13 | 000,477,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PhotoScreensaver.scr
    [2012/05/15 09:43:13 | 000,307,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wusa.exe
    [2012/05/15 09:43:13 | 000,196,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mfreadwrite.dll
    [2012/05/15 09:43:13 | 000,187,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rpchttp.dll
    [2012/05/15 09:43:13 | 000,145,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IPHLPAPI.DLL
    [2012/05/15 09:43:13 | 000,144,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\basecsp.dll
    [2012/05/15 09:43:13 | 000,122,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\aitagent.exe
    [2012/05/15 09:43:12 | 003,211,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msi.dll
    [2012/05/15 09:43:12 | 000,934,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FirewallControlPanel.dll
    [2012/05/15 09:43:12 | 000,854,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dbghelp.dll
    [2012/05/15 09:43:12 | 000,776,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\calc.exe
    [2012/05/15 09:43:12 | 000,488,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\evr.dll
    [2012/05/15 09:43:12 | 000,459,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DXP.dll
    [2012/05/15 09:43:12 | 000,442,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winspool.drv
    [2012/05/15 09:43:12 | 000,418,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppwinob.dll
    [2012/05/15 09:43:12 | 000,405,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wisptis.exe
    [2012/05/15 09:43:12 | 000,335,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WinSATAPI.dll
    [2012/05/15 09:43:12 | 000,305,152 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\taskcomp.dll
    [2012/05/15 09:43:12 | 000,229,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsRasterService.dll
    [2012/05/15 09:43:12 | 000,199,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PkgMgr.exe
    [2012/05/15 09:43:12 | 000,186,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ocsetup.exe
    [2012/05/15 09:43:12 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ocsetapi.dll
    [2012/05/15 09:43:11 | 000,780,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ci.dll
    [2012/05/15 09:43:11 | 000,778,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sqlsrv32.dll
    [2012/05/15 09:43:11 | 000,348,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\eapp3hst.dll
    [2012/05/15 09:43:11 | 000,303,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\eapphost.dll
    [2012/05/15 09:43:11 | 000,264,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\upnp.dll
    [2012/05/15 09:43:11 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mprapi.dll
    [2012/05/15 09:43:11 | 000,128,000 | ---- | C] (Microsoft) -- D:\Windows\System32\Robocopy.exe
    [2012/05/15 09:43:10 | 002,983,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\UIRibbon.dll
    [2012/05/15 09:43:10 | 002,494,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netshell.dll
    [2012/05/15 09:43:10 | 001,457,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DxpTaskSync.dll
    [2012/05/15 09:43:10 | 001,160,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSMPEG2ENC.DLL
    [2012/05/15 09:43:10 | 000,850,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mmsys.cpl
    [2012/05/15 09:43:10 | 000,658,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PerfCenterCPL.dll
    [2012/05/15 09:43:10 | 000,263,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\hal.dll
    [2012/05/15 09:43:10 | 000,232,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\scecli.dll
    [2012/05/15 09:43:10 | 000,148,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\t2embed.dll
    [2012/05/15 09:43:10 | 000,128,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dwmredir.dll
    [2012/05/15 09:43:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\thumbcache.dll
    [2012/05/15 09:43:09 | 002,851,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\themeui.dll
    [2012/05/15 09:43:09 | 002,341,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msi.dll
    [2012/05/15 09:43:09 | 000,932,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\printui.dll
    [2012/05/15 09:43:09 | 000,675,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DXPTaskRingtone.dll
    [2012/05/15 09:43:09 | 000,568,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\scrptadm.dll
    [2012/05/15 09:43:09 | 000,429,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\puiobj.dll
    [2012/05/15 09:43:09 | 000,352,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmpeffects.dll
    [2012/05/15 09:43:09 | 000,235,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\onex.dll
    [2012/05/15 09:43:09 | 000,179,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\Classpnp.sys
    [2012/05/15 09:43:09 | 000,158,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\aaclient.dll
    [2012/05/15 09:43:09 | 000,116,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\prncache.dll
    [2012/05/15 09:43:09 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msasn1.dll
    [2012/05/15 09:43:08 | 001,363,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wdc.dll
    [2012/05/15 09:43:08 | 000,475,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wlangpui.dll
    [2012/05/15 09:43:08 | 000,406,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\scesrv.dll
    [2012/05/15 09:43:08 | 000,246,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\scansetting.dll
    [2012/05/15 09:43:08 | 000,142,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\net1.exe
    [2012/05/15 09:43:08 | 000,139,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rpchttp.dll
    [2012/05/15 09:43:07 | 002,621,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wucltux.dll
    [2012/05/15 09:43:07 | 002,504,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMVCORE.DLL
    [2012/05/15 09:43:07 | 001,689,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netcenter.dll
    [2012/05/15 09:43:07 | 001,120,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sdengin2.dll
    [2012/05/15 09:43:07 | 000,799,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msftedit.dll
    [2012/05/15 09:43:07 | 000,691,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\VAN.dll
    [2012/05/15 09:43:07 | 000,483,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\StructuredQuery.dll
    [2012/05/15 09:43:07 | 000,462,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wiadefui.dll
    [2012/05/15 09:43:07 | 000,411,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wlangpui.dll
    [2012/05/15 09:43:07 | 000,340,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\srchadmin.dll
    [2012/05/15 09:43:07 | 000,273,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SndVol.exe
    [2012/05/15 09:43:07 | 000,239,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dskquoui.dll
    [2012/05/15 09:43:07 | 000,213,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\MMDevAPI.dll
    [2012/05/15 09:43:07 | 000,167,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\QSHVHOST.DLL
    [2012/05/15 09:43:07 | 000,131,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\aaclient.dll
    [2012/05/15 09:43:07 | 000,112,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\consent.exe
    [2012/05/15 09:43:07 | 000,107,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\QUTIL.DLL
    [2012/05/15 09:43:07 | 000,095,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\regapi.dll
    [2012/05/15 09:43:07 | 000,080,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\davclnt.dll
    [2012/05/15 09:43:07 | 000,067,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\samcli.dll
    [2012/05/15 09:43:07 | 000,063,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wscapi.dll
    [2012/05/15 09:43:06 | 002,311,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wpdshext.dll
    [2012/05/15 09:43:06 | 001,750,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pnidui.dll
    [2012/05/15 09:43:06 | 000,782,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\webservices.dll
    [2012/05/15 09:43:06 | 000,464,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\scrptadm.dll
    [2012/05/15 09:43:06 | 000,248,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wksprt.exe
    [2012/05/15 09:43:06 | 000,124,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\fde.dll
    [2012/05/15 09:43:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\t2embed.dll
    [2012/05/15 09:43:06 | 000,088,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\setupcl.exe
    [2012/05/15 09:43:04 | 002,146,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SyncCenter.dll
    [2012/05/15 09:43:04 | 000,726,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\appwiz.cpl
    [2012/05/15 09:43:04 | 000,684,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TabletPC.cpl
    [2012/05/15 09:43:04 | 000,560,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wuapi.dll
    [2012/05/15 09:43:04 | 000,424,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rastls.dll
    [2012/05/15 09:43:04 | 000,332,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\hgcpl.dll
    [2012/05/15 09:43:04 | 000,300,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msconfig.exe
    [2012/05/15 09:43:04 | 000,225,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netdiagfx.dll
    [2012/05/15 09:43:04 | 000,215,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netiohlp.dll
    [2012/05/15 09:43:04 | 000,139,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\cscobj.dll
    [2012/05/15 09:43:04 | 000,134,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WinSCard.dll
    [2012/05/15 09:43:04 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskhost.exe
    [2012/05/15 09:43:04 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wscapi.dll
    [2012/05/15 09:43:04 | 000,041,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mimefilt.dll
    [2012/05/15 09:43:03 | 000,830,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\MSMPEG2ENC.DLL
    [2012/05/15 09:43:03 | 000,726,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AuxiliaryDisplayCpl.dll
    [2012/05/15 09:43:03 | 000,633,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\riched20.dll
    [2012/05/15 09:43:03 | 000,392,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imapi2.dll
    [2012/05/15 09:43:03 | 000,372,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mtxclu.dll
    [2012/05/15 09:43:03 | 000,314,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\clusapi.dll
    [2012/05/15 09:43:03 | 000,166,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\basecsp.dll
    [2012/05/15 09:43:03 | 000,156,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\winsta.dll
    [2012/05/15 09:43:03 | 000,072,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fdeploy.dll
    [2012/05/15 09:43:03 | 000,050,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\lsmproxy.dll
    [2012/05/15 09:43:03 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TsUsbGDCoInstaller.dll
    [2012/05/15 09:43:02 | 002,576,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\gameux.dll
    [2012/05/15 09:43:02 | 002,250,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SensorsCpl.dll
    [2012/05/15 09:43:02 | 002,193,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\themecpl.dll
    [2012/05/15 09:43:02 | 001,624,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMPEncEn.dll
    [2012/05/15 09:43:02 | 001,077,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Narrator.exe
    [2012/05/15 09:43:02 | 000,658,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\autofmt.exe
    [2012/05/15 09:43:02 | 000,630,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DXPTaskRingtone.dll
    [2012/05/15 09:43:02 | 000,486,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\powercpl.dll
    [2012/05/15 09:43:02 | 000,359,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\eudcedit.exe
    [2012/05/15 09:43:02 | 000,357,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sharemediacpl.dll
    [2012/05/15 09:43:02 | 000,355,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Faultrep.dll
    [2012/05/15 09:43:02 | 000,199,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\onex.dll
    [2012/05/15 09:43:02 | 000,188,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netjoin.dll
    [2012/05/15 09:43:02 | 000,186,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\logoncli.dll
    [2012/05/15 09:43:02 | 000,118,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dnscmmc.dll
    [2012/05/15 09:43:02 | 000,090,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nci.dll
    [2012/05/15 09:43:02 | 000,066,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\hbaapi.dll
    [2012/05/15 09:43:02 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RpcRtRemote.dll
    [2012/05/15 09:43:01 | 000,777,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\autochk.exe
    [2012/05/15 09:43:01 | 000,763,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\autofmt.exe
    [2012/05/15 09:43:01 | 000,679,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\autoconv.exe
    [2012/05/15 09:43:01 | 000,668,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\autochk.exe
    [2012/05/15 09:43:01 | 000,633,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\comctl32.dll
    [2012/05/15 09:43:01 | 000,303,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msinfo32.exe
    [2012/05/15 09:43:01 | 000,232,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppcomapi.dll
    [2012/05/15 09:43:01 | 000,195,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\AudioSes.dll
    [2012/05/15 09:43:01 | 000,167,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msutb.dll
    [2012/05/15 09:43:01 | 000,166,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netiohlp.dll
    [2012/05/15 09:43:01 | 000,139,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cabview.dll
    [2012/05/15 09:43:01 | 000,103,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\IPHLPAPI.DLL
    [2012/05/15 09:43:01 | 000,072,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\regapi.dll
    [2012/05/15 09:43:01 | 000,042,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mimefilt.dll
    [2012/05/15 09:43:01 | 000,038,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vpnikeapi.dll
    [2012/05/15 09:43:01 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\proquota.exe
    [2012/05/15 09:43:00 | 001,264,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sdclt.exe
    [2012/05/15 09:43:00 | 000,933,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SmiEngine.dll
    [2012/05/15 09:43:00 | 000,905,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mmsys.cpl
    [2012/05/15 09:43:00 | 000,861,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fontext.dll
    [2012/05/15 09:43:00 | 000,793,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\autoconv.exe
    [2012/05/15 09:43:00 | 000,665,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\AuxiliaryDisplayCpl.dll
    [2012/05/15 09:43:00 | 000,611,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wpd_ci.dll
    [2012/05/15 09:43:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nshipsec.dll
    [2012/05/15 09:43:00 | 000,441,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\powercpl.dll
    [2012/05/15 09:43:00 | 000,414,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wlanui.dll
    [2012/05/15 09:43:00 | 000,400,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ipsmsnap.dll
    [2012/05/15 09:43:00 | 000,337,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msihnd.dll
    [2012/05/15 09:43:00 | 000,301,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\srchadmin.dll
    [2012/05/15 09:43:00 | 000,222,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wwanconn.dll
    [2012/05/15 09:43:00 | 000,222,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\eapphost.dll
    [2012/05/15 09:43:00 | 000,202,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\framedyn.dll
    [2012/05/15 09:43:00 | 000,181,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tcpipcfg.dll
    [2012/05/15 09:43:00 | 000,179,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\schtasks.exe
    [2012/05/15 09:43:00 | 000,171,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\QAGENT.DLL
    [2012/05/15 09:43:00 | 000,171,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\scsiport.sys
    [2012/05/15 09:43:00 | 000,168,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bcdsrv.dll
    [2012/05/15 09:43:00 | 000,156,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\prntvpt.dll
    [2012/05/15 09:43:00 | 000,155,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mscorier.dll
    [2012/05/15 09:43:00 | 000,154,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mscorier.dll
    [2012/05/15 09:43:00 | 000,130,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shsetup.dll
    [2012/05/15 09:43:00 | 000,126,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe
    [2012/05/15 09:43:00 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- D:\Windows\System32\fms.dll
    [2012/05/15 09:43:00 | 000,066,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpsign.exe
    [2012/05/15 09:42:59 | 001,227,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wdc.dll
    [2012/05/15 09:42:59 | 001,066,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Display.dll
    [2012/05/15 09:42:59 | 000,957,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mblctr.exe
    [2012/05/15 09:42:59 | 000,749,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\batmeter.dll
    [2012/05/15 09:42:59 | 000,624,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qedit.dll
    [2012/05/15 09:42:59 | 000,307,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\scesrv.dll
    [2012/05/15 09:42:59 | 000,211,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mprddm.dll
    [2012/05/15 09:42:59 | 000,117,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netid.dll
    [2012/05/15 09:42:59 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\hidclass.sys
    [2012/05/15 09:42:58 | 002,217,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bootres.dll
    [2012/05/15 09:42:58 | 001,326,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wlanpref.dll
    [2012/05/15 09:42:58 | 001,202,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DiagCpl.dll
    [2012/05/15 09:42:58 | 001,003,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMNetMgr.dll
    [2012/05/15 09:42:58 | 000,933,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\Vault.dll
    [2012/05/15 09:42:58 | 000,625,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\usercpl.dll
    [2012/05/15 09:42:58 | 000,433,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MCEWMDRMNDBootstrap.dll
    [2012/05/15 09:42:58 | 000,372,224 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rastls.dll
    [2012/05/15 09:42:58 | 000,346,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\untfs.dll
    [2012/05/15 09:42:58 | 000,250,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ksproxy.ax
    [2012/05/15 09:42:58 | 000,223,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmpsrcwp.dll
    [2012/05/15 09:42:58 | 000,098,816 | ---- | C] (Microsoft) -- D:\Windows\SysWow64\Robocopy.exe
    [2012/05/15 09:42:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WSTPager.ax
    [2012/05/15 09:42:58 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\nci.dll
    [2012/05/15 09:42:58 | 000,052,224 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rtutils.dll
    [2012/05/15 09:42:57 | 001,400,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DxpTaskSync.dll
    [2012/05/15 09:42:57 | 001,040,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\Display.dll
    [2012/05/15 09:42:57 | 000,812,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wpccpl.dll
    [2012/05/15 09:42:57 | 000,324,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\puiobj.dll
    [2012/05/15 09:42:57 | 000,320,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mtxclu.dll
    [2012/05/15 09:42:57 | 000,279,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxdiagn.dll
    [2012/05/15 09:42:57 | 000,227,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\taskmgr.exe
    [2012/05/15 09:42:57 | 000,225,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SndVolSSO.dll
    [2012/05/15 09:42:57 | 000,211,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rasppp.dll
    [2012/05/15 09:42:57 | 000,196,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shdocvw.dll
    [2012/05/15 09:42:57 | 000,135,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsRasterService.dll
    [2012/05/15 09:42:57 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\hbaapi.dll
    [2012/05/15 09:42:57 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dot3cfg.dll
    [2012/05/15 09:42:57 | 000,052,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\winhv.sys
  8. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    [2012/05/15 09:42:56 | 003,745,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\accessibilitycpl.dll
    [2012/05/15 09:42:56 | 000,416,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wiadefui.dll
    [2012/05/15 09:42:56 | 000,416,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\prnfldr.dll
    [2012/05/15 09:42:56 | 000,403,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\untfs.dll
    [2012/05/15 09:42:56 | 000,352,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\termmgr.dll
    [2012/05/15 09:42:56 | 000,300,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pdh.dll
    [2012/05/15 09:42:56 | 000,288,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\eudcedit.exe
    [2012/05/15 09:42:56 | 000,268,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSAC3ENC.DLL
    [2012/05/15 09:42:56 | 000,257,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskmgr.exe
    [2012/05/15 09:42:56 | 000,193,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sppcomapi.dll
    [2012/05/15 09:42:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rasppp.dll
    [2012/05/15 09:42:56 | 000,155,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\ataport.sys
    [2012/05/15 09:42:56 | 000,132,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\cabview.dll
    [2012/05/15 09:42:56 | 000,127,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\logoncli.dll
    [2012/05/15 09:42:56 | 000,115,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WPDShServiceObj.dll
    [2012/05/15 09:42:56 | 000,111,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\shsetup.dll
    [2012/05/15 09:42:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\proquota.exe
    [2012/05/15 09:42:55 | 002,202,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SensorsCpl.dll
    [2012/05/15 09:42:55 | 002,157,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\themecpl.dll
    [2012/05/15 09:42:55 | 000,856,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\FirewallControlPanel.dll
    [2012/05/15 09:42:55 | 000,649,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\appwiz.cpl
    [2012/05/15 09:42:55 | 000,413,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\PhotoScreensaver.scr
    [2012/05/15 09:42:55 | 000,366,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\zipfldr.dll
    [2012/05/15 09:42:55 | 000,349,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\slui.exe
    [2012/05/15 09:42:55 | 000,335,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msieftp.dll
    [2012/05/15 09:42:55 | 000,312,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\hgcpl.dll
    [2012/05/15 09:42:55 | 000,233,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\defaultlocationcpl.dll
    [2012/05/15 09:42:55 | 000,216,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\FWPUCLNT.DLL
    [2012/05/15 09:42:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dnscmmc.dll
    [2012/05/15 09:42:54 | 002,146,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\networkmap.dll
    [2012/05/15 09:42:54 | 001,065,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cryptui.dll
    [2012/05/15 09:42:54 | 000,828,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\fontext.dll
    [2012/05/15 09:42:54 | 000,780,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ActionCenter.dll
    [2012/05/15 09:42:54 | 000,769,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sud.dll
    [2012/05/15 09:42:54 | 000,600,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\PerfCenterCPL.dll
    [2012/05/15 09:42:54 | 000,600,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\usercpl.dll
    [2012/05/15 09:42:54 | 000,508,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DeviceCenter.dll
    [2012/05/15 09:42:54 | 000,503,296 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\srcore.dll
    [2012/05/15 09:42:54 | 000,481,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mscms.dll
    [2012/05/15 09:42:54 | 000,429,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\localsec.dll
    [2012/05/15 09:42:54 | 000,410,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wlanui.dll
    [2012/05/15 09:42:54 | 000,268,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mprddm.dll
    [2012/05/15 09:42:54 | 000,243,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\taskbarcpl.dll
    [2012/05/15 09:42:54 | 000,221,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\OnLineIDCpl.dll
    [2012/05/15 09:42:54 | 000,220,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SndVolSSO.dll
    [2012/05/15 09:42:54 | 000,175,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\scecli.dll
    [2012/05/15 09:42:54 | 000,172,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\twext.dll
    [2012/05/15 09:42:54 | 000,080,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mscories.dll
    [2012/05/15 09:42:53 | 003,727,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\accessibilitycpl.dll
    [2012/05/15 09:42:53 | 001,644,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netcenter.dll
    [2012/05/15 09:42:53 | 000,898,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\OobeFldr.dll
    [2012/05/15 09:42:53 | 000,740,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\batmeter.dll
    [2012/05/15 09:42:53 | 000,701,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dsuiext.dll
    [2012/05/15 09:42:53 | 000,638,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\VAN.dll
    [2012/05/15 09:42:53 | 000,509,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\qedit.dll
    [2012/05/15 09:42:53 | 000,472,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\azroleui.dll
    [2012/05/15 09:42:53 | 000,373,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\intl.cpl
    [2012/05/15 09:42:53 | 000,352,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\spwizeng.dll
    [2012/05/15 09:42:53 | 000,346,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bcdedit.exe
    [2012/05/15 09:42:53 | 000,345,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MediaMetadataHandler.dll
    [2012/05/15 09:42:53 | 000,314,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SndVol.exe
    [2012/05/15 09:42:53 | 000,314,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\azroleui.dll
    [2012/05/15 09:42:53 | 000,154,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\uxlib.dll
    [2012/05/15 09:42:53 | 000,146,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\recovery.dll
    [2012/05/15 09:42:53 | 000,120,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\prntvpt.dll
    [2012/05/15 09:42:53 | 000,095,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cca.dll
    [2012/05/15 09:42:53 | 000,091,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\isoburn.exe
    [2012/05/15 09:42:53 | 000,066,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\w32tm.exe
    [2012/05/15 09:42:53 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sisbkup.dll
    [2012/05/15 09:42:52 | 002,130,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\networkmap.dll
    [2012/05/15 09:42:52 | 001,003,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\cryptui.dll
    [2012/05/15 09:42:52 | 000,762,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sdcpl.dll
    [2012/05/15 09:42:52 | 000,721,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bthprops.cpl
    [2012/05/15 09:42:52 | 000,549,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ActionCenterCPL.dll
    [2012/05/15 09:42:52 | 000,516,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\main.cpl
    [2012/05/15 09:42:52 | 000,460,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\certcli.dll
    [2012/05/15 09:42:52 | 000,451,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shwebsvc.dll
    [2012/05/15 09:42:52 | 000,419,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\systemcpl.dll
    [2012/05/15 09:42:52 | 000,414,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wlanmsm.dll
    [2012/05/15 09:42:52 | 000,327,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\zipfldr.dll
    [2012/05/15 09:42:52 | 000,320,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\Faultrep.dll
    [2012/05/15 09:42:52 | 000,304,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\efscore.dll
    [2012/05/15 09:42:52 | 000,238,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\recdisc.exe
    [2012/05/15 09:42:52 | 000,226,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\MSAC3ENC.DLL
    [2012/05/15 09:42:52 | 000,207,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sysclass.dll
    [2012/05/15 09:42:52 | 000,200,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\syncui.dll
    [2012/05/15 09:42:52 | 000,196,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\VBICodec.ax
    [2012/05/15 09:42:52 | 000,193,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netplwiz.dll
    [2012/05/15 09:42:52 | 000,186,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\adsldp.dll
    [2012/05/15 09:42:52 | 000,184,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fvecpl.dll
    [2012/05/15 09:42:52 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netjoin.dll
    [2012/05/15 09:42:52 | 000,155,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\autoplay.dll
    [2012/05/15 09:42:52 | 000,066,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ncryptui.dll
    [2012/05/15 09:42:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\fdeploy.dll
    [2012/05/15 09:42:52 | 000,058,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tzutil.exe
    [2012/05/15 09:42:52 | 000,045,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\httpapi.dll
    [2012/05/15 09:42:51 | 000,755,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sud.dll
    [2012/05/15 09:42:51 | 000,744,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ActionCenter.dll
    [2012/05/15 09:42:51 | 000,445,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spwizeng.dll
    [2012/05/15 09:42:51 | 000,395,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\prnfldr.dll
    [2012/05/15 09:42:51 | 000,314,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wusa.exe
    [2012/05/15 09:42:51 | 000,312,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\MCEWMDRMNDBootstrap.dll
    [2012/05/15 09:42:51 | 000,301,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msieftp.dll
    [2012/05/15 09:42:51 | 000,295,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\photowiz.dll
    [2012/05/15 09:42:51 | 000,266,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\MediaMetadataHandler.dll
    [2012/05/15 09:42:51 | 000,240,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MFPlay.dll
    [2012/05/15 09:42:51 | 000,218,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\OnLineIDCpl.dll
    [2012/05/15 09:42:51 | 000,185,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vdsutil.dll
    [2012/05/15 09:42:51 | 000,135,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AuxiliaryDisplayServices.dll
    [2012/05/15 09:42:51 | 000,066,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ksxbar.ax
    [2012/05/15 09:42:50 | 000,641,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msscp.dll
    [2012/05/15 09:42:50 | 000,474,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sysmon.ocx
    [2012/05/15 09:42:50 | 000,421,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\termmgr.dll
    [2012/05/15 09:42:50 | 000,389,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sysmon.ocx
    [2012/05/15 09:42:50 | 000,313,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ReAgent.dll
    [2012/05/15 09:42:50 | 000,296,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rstrui.exe
    [2012/05/15 09:42:50 | 000,279,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sethc.exe
    [2012/05/15 09:42:50 | 000,271,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iprtrmgr.dll
    [2012/05/15 09:42:50 | 000,220,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\defaultlocationcpl.dll
    [2012/05/15 09:42:50 | 000,189,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SmartcardCredentialProvider.dll
    [2012/05/15 09:42:50 | 000,129,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntlanman.dll
    [2012/05/15 09:42:50 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dot3cfg.dll
    [2012/05/15 09:42:50 | 000,042,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ftp.exe
    [2012/05/15 09:42:49 | 000,781,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmdrmsdk.dll
    [2012/05/15 09:42:49 | 000,692,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\bthprops.cpl
    [2012/05/15 09:42:49 | 000,537,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ActionCenterCPL.dll
    [2012/05/15 09:42:49 | 000,495,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drmmgrtn.dll
    [2012/05/15 09:42:49 | 000,484,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DeviceCenter.dll
    [2012/05/15 09:42:49 | 000,446,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sqlcese30.dll
    [2012/05/15 09:42:49 | 000,428,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\shwebsvc.dll
    [2012/05/15 09:42:49 | 000,345,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\intl.cpl
    [2012/05/15 09:42:49 | 000,333,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ssText3d.scr
    [2012/05/15 09:42:49 | 000,321,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\unimdm.tsp
    [2012/05/15 09:42:49 | 000,282,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iTVData.dll
    [2012/05/15 09:42:49 | 000,281,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iprtrmgr.dll
    [2012/05/15 09:42:49 | 000,205,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\efscore.dll
    [2012/05/15 09:42:49 | 000,159,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\syncui.dll
    [2012/05/15 09:42:49 | 000,148,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ifsutil.dll
    [2012/05/15 09:42:49 | 000,146,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\autoplay.dll
    [2012/05/15 09:42:49 | 000,128,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\srvcli.dll
    [2012/05/15 09:42:49 | 000,084,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UserAccountControlSettings.dll
    [2012/05/15 09:42:49 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntlanman.dll
    [2012/05/15 09:42:49 | 000,068,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpd3d.dll
    [2012/05/15 09:42:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wwanprotdim.dll
    [2012/05/15 09:42:49 | 000,044,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tsgqec.dll
    [2012/05/15 09:42:49 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sisbkup.dll
    [2012/05/15 09:42:49 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\slwga.dll
    [2012/05/15 09:42:48 | 000,859,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\OobeFldr.dll
    [2012/05/15 09:42:48 | 000,743,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\blackbox.dll
    [2012/05/15 09:42:48 | 000,738,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmpmde.dll
    [2012/05/15 09:42:48 | 000,656,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\nshwfp.dll
    [2012/05/15 09:42:48 | 000,473,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\riched20.dll
    [2012/05/15 09:42:48 | 000,410,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\systemcpl.dll
    [2012/05/15 09:42:48 | 000,344,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntprint.dll
    [2012/05/15 09:42:48 | 000,297,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntprint.dll
    [2012/05/15 09:42:48 | 000,270,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\srrstr.dll
    [2012/05/15 09:42:48 | 000,270,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sethc.exe
    [2012/05/15 09:42:48 | 000,255,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wavemsp.dll
    [2012/05/15 09:42:48 | 000,225,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DevicePairingFolder.dll
    [2012/05/15 09:42:48 | 000,202,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\activeds.dll
    [2012/05/15 09:42:48 | 000,196,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dskquoui.dll
    [2012/05/15 09:42:48 | 000,193,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ksproxy.ax
    [2012/05/15 09:42:48 | 000,175,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bcdboot.exe
    [2012/05/15 09:42:48 | 000,173,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\powercfg.cpl
    [2012/05/15 09:42:48 | 000,152,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SmartcardCredentialProvider.dll
    [2012/05/15 09:42:48 | 000,133,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\NAPHLPR.DLL
    [2012/05/15 09:42:48 | 000,109,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nslookup.exe
    [2012/05/15 09:42:48 | 000,107,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\NAPHLPR.DLL
    [2012/05/15 09:42:48 | 000,102,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppnp.dll
    [2012/05/15 09:42:48 | 000,068,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WSTPager.ax
    [2012/05/15 09:42:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\acppage.dll
    [2012/05/15 09:42:48 | 000,037,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rtutils.dll
    [2012/05/15 09:42:47 | 001,672,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\networkexplorer.dll
    [2012/05/15 09:42:47 | 001,133,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cdosys.dll
    [2012/05/15 09:42:47 | 000,805,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\cdosys.dll
    [2012/05/15 09:42:47 | 000,606,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dfrgui.exe
    [2012/05/15 09:42:47 | 000,592,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msftedit.dll
    [2012/05/15 09:42:47 | 000,428,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wlanmsm.dll
    [2012/05/15 09:42:47 | 000,358,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmpdxm.dll
    [2012/05/15 09:42:47 | 000,346,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\nshipsec.dll
    [2012/05/15 09:42:47 | 000,333,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dot3ui.dll
    [2012/05/15 09:42:47 | 000,257,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dpx.dll
    [2012/05/15 09:42:47 | 000,247,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ReAgent.dll
    [2012/05/15 09:42:47 | 000,222,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wavemsp.dll
    [2012/05/15 09:42:47 | 000,217,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WinSCard.dll
    [2012/05/15 09:42:47 | 000,182,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmpsrcwp.dll
    [2012/05/15 09:42:47 | 000,178,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wuwebv.dll
    [2012/05/15 09:42:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PresentationSettings.exe
    [2012/05/15 09:42:47 | 000,175,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netplwiz.dll
    [2012/05/15 09:42:47 | 000,164,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wuwebv.dll
    [2012/05/15 09:42:47 | 000,153,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\remotepg.dll
    [2012/05/15 09:42:47 | 000,152,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\net1.exe
    [2012/05/15 09:42:47 | 000,102,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\kstvtune.ax
    [2012/05/15 09:42:47 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\migisol.dll
    [2012/05/15 09:42:47 | 000,094,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cabinet.dll
    [2012/05/15 09:42:47 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- D:\Windows\SysWow64\fms.dll
    [2012/05/15 09:42:47 | 000,086,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\isoburn.exe
    [2012/05/15 09:42:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wkscli.dll
    [2012/05/15 09:42:47 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wsnmp32.dll
    [2012/05/15 09:42:47 | 000,048,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ftp.exe
    [2012/05/15 09:42:47 | 000,034,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\httpapi.dll
    [2012/05/15 09:42:46 | 001,911,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\OpcServices.dll
    [2012/05/15 09:42:46 | 000,899,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Bubbles.scr
    [2012/05/15 09:42:46 | 000,840,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\blackbox.dll
    [2012/05/15 09:42:46 | 000,685,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dsuiext.dll
    [2012/05/15 09:42:46 | 000,636,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmdrmdev.dll
    [2012/05/15 09:42:46 | 000,594,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wvc.dll
    [2012/05/15 09:42:46 | 000,586,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dfrgui.exe
    [2012/05/15 09:42:46 | 000,497,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\main.cpl
    [2012/05/15 09:42:46 | 000,444,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wvc.dll
    [2012/05/15 09:42:46 | 000,438,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\AdmTmpl.dll
    [2012/05/15 09:42:46 | 000,406,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wimgapi.dll
    [2012/05/15 09:42:46 | 000,363,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\diskraid.exe
    [2012/05/15 09:42:46 | 000,293,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wsqmcons.exe
    [2012/05/15 09:42:46 | 000,281,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\unimdm.tsp
    [2012/05/15 09:42:46 | 000,258,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\dxgmms1.sys
    [2012/05/15 09:42:46 | 000,209,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\PkgMgr.exe
    [2012/05/15 09:42:46 | 000,209,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mstask.dll
    [2012/05/15 09:42:46 | 000,206,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\qasf.dll
    [2012/05/15 09:42:46 | 000,206,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfps.dll
    [2012/05/15 09:42:46 | 000,197,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ocsetup.exe
    [2012/05/15 09:42:46 | 000,190,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\qcap.dll
    [2012/05/15 09:42:46 | 000,182,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WUDFPlatform.dll
    [2012/05/15 09:42:46 | 000,180,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ifsutil.dll
    [2012/05/15 09:42:46 | 000,146,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\twext.dll
    [2012/05/15 09:42:46 | 000,118,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\uxlib.dll
    [2012/05/15 09:42:46 | 000,113,152 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\setupugc.exe
    [2012/05/15 09:42:46 | 000,091,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mapistub.dll
    [2012/05/15 09:42:46 | 000,091,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mapi32.dll
    [2012/05/15 09:42:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\unimdmat.dll
    [2012/05/15 09:42:46 | 000,051,200 | ---- | C] (Twain Working Group) -- D:\Windows\twain_32.dll
    [2012/05/15 09:42:46 | 000,047,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tzutil.exe
    [2012/05/15 09:42:46 | 000,040,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wtsapi32.dll
    [2012/05/15 09:42:46 | 000,037,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iscsium.dll
    [2012/05/15 09:42:46 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WerFaultSecure.exe
    [2012/05/15 09:42:46 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
    [2012/05/15 09:42:45 | 000,616,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmdrmsdk.dll
    [2012/05/15 09:42:45 | 000,573,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
    [2012/05/15 09:42:45 | 000,294,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsAnytimeUpgradeResults.exe
    [2012/05/15 09:42:45 | 000,293,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ssText3d.scr
    [2012/05/15 09:42:45 | 000,243,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\audiodev.dll
    [2012/05/15 09:42:45 | 000,242,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Mystify.scr
    [2012/05/15 09:42:45 | 000,241,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Ribbons.scr
    [2012/05/15 09:42:45 | 000,230,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\clusapi.dll
    [2012/05/15 09:42:45 | 000,132,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmpshell.dll
    [2012/05/15 09:42:45 | 000,120,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msvfw32.dll
    [2012/05/15 09:42:45 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\nslookup.exe
    [2012/05/15 09:42:45 | 000,084,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mciavi32.dll
    [2012/05/15 09:42:45 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\muifontsetup.dll
    [2012/05/15 09:42:45 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\slwga.dll
    [2012/05/15 09:42:44 | 001,087,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dbghelp.dll
    [2012/05/15 09:42:44 | 000,623,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FXSAPI.dll
    [2012/05/15 09:42:44 | 000,504,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msscp.dll
    [2012/05/15 09:42:44 | 000,402,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\drmmgrtn.dll
    [2012/05/15 09:42:44 | 000,337,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\raschap.dll
    [2012/05/15 09:42:44 | 000,327,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wimserv.exe
    [2012/05/15 09:42:44 | 000,318,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\raschap.dll
    [2012/05/15 09:42:44 | 000,276,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\diskraid.exe
    [2012/05/15 09:42:44 | 000,254,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qasf.dll
    [2012/05/15 09:42:44 | 000,222,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpencom.dll
    [2012/05/15 09:42:44 | 000,213,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ActionQueue.dll
    [2012/05/15 09:42:44 | 000,211,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DevicePairingFolder.dll
    [2012/05/15 09:42:44 | 000,202,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\input.dll
    [2012/05/15 09:42:44 | 000,186,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rdpencom.dll
    [2012/05/15 09:42:44 | 000,172,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\perfmon.exe
    [2012/05/15 09:42:44 | 000,157,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\perfmon.exe
    [2012/05/15 09:42:44 | 000,146,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\remotepg.dll
    [2012/05/15 09:42:44 | 000,124,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wiavideo.dll
    [2012/05/15 09:42:44 | 000,080,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\QUTIL.DLL
    [2012/05/15 09:42:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tlscsp.dll
    [2012/05/15 09:42:44 | 000,071,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\bfsvc.exe
    [2012/05/15 09:42:44 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\umb.dll
    [2012/05/15 09:42:44 | 000,056,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\runonce.exe
    [2012/05/15 09:42:44 | 000,050,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\NAPCRYPT.DLL
    [2012/05/15 09:42:44 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\acppage.dll
    [2012/05/15 09:42:44 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\AzSqlExt.dll
    [2012/05/15 09:42:44 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netutils.dll
    [2012/05/15 09:42:43 | 001,232,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMADMOD.DLL
    [2012/05/15 09:42:43 | 001,111,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\onexui.dll
    [2012/05/15 09:42:43 | 000,666,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMVSDECD.DLL
    [2012/05/15 09:42:43 | 000,395,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nltest.exe
    [2012/05/15 09:42:43 | 000,299,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmpdxm.dll
    [2012/05/15 09:42:43 | 000,242,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\eapp3hst.dll
    [2012/05/15 09:42:43 | 000,238,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mstask.dll
    [2012/05/15 09:42:43 | 000,232,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bitsadmin.exe
    [2012/05/15 09:42:43 | 000,219,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iTVData.dll
    [2012/05/15 09:42:43 | 000,215,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wpdwcn.dll
    [2012/05/15 09:42:43 | 000,210,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxdiagn.dll
    [2012/05/15 09:42:43 | 000,198,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wpdwcn.dll
    [2012/05/15 09:42:43 | 000,190,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vdsbas.dll
    [2012/05/15 09:42:43 | 000,176,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\MFPlay.dll
    [2012/05/15 09:42:43 | 000,174,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ocsetapi.dll
    [2012/05/15 09:42:43 | 000,160,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\vdsbas.dll
    [2012/05/15 09:42:43 | 000,146,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MdSched.exe
    [2012/05/15 09:42:43 | 000,146,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\rmcast.sys
    [2012/05/15 09:42:43 | 000,135,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shacct.dll
    [2012/05/15 09:42:43 | 000,133,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Kswdmcap.ax
    [2012/05/15 09:42:43 | 000,095,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\logagent.exe
    [2012/05/15 09:42:43 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\UserAccountControlSettings.dll
    [2012/05/15 09:42:43 | 000,050,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\runonce.exe
    [2012/05/15 09:42:43 | 000,048,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PrintIsolationProxy.dll
    [2012/05/15 09:42:43 | 000,046,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\NAPCRYPT.DLL
    [2012/05/15 09:42:43 | 000,046,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cscapi.dll
    [2012/05/15 09:42:43 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\vpnikeapi.dll
    [2012/05/15 09:42:43 | 000,017,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\syssetup.dll
    [2012/05/15 09:42:42 | 001,160,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\OpcServices.dll
    [2012/05/15 09:42:42 | 000,978,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMSPDMOD.DLL
    [2012/05/15 09:42:42 | 000,878,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\Bubbles.scr
    [2012/05/15 09:42:42 | 000,527,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmdrmnet.dll
    [2012/05/15 09:42:42 | 000,507,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmdrmdev.dll
    [2012/05/15 09:42:42 | 000,489,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
    [2012/05/15 09:42:42 | 000,435,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PortableDeviceStatus.dll
    [2012/05/15 09:42:42 | 000,431,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WPDSp.dll
    [2012/05/15 09:42:42 | 000,427,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\PortableDeviceStatus.dll
    [2012/05/15 09:42:42 | 000,350,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WPDSp.dll
    [2012/05/15 09:42:42 | 000,325,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msnetobj.dll
    [2012/05/15 09:42:42 | 000,313,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dot3ui.dll
    [2012/05/15 09:42:42 | 000,309,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sqlcese30.dll
    [2012/05/15 09:42:42 | 000,250,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qdv.dll
    [2012/05/15 09:42:42 | 000,236,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pdh.dll
    [2012/05/15 09:42:42 | 000,224,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PortableDeviceSyncProvider.dll
    [2012/05/15 09:42:42 | 000,220,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\Ribbons.scr
    [2012/05/15 09:42:42 | 000,186,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\bitsadmin.exe
    [2012/05/15 09:42:42 | 000,183,296 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\PortableDeviceSyncProvider.dll
    [2012/05/15 09:42:42 | 000,181,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qcap.dll
    [2012/05/15 09:42:42 | 000,158,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mprapi.dll
    [2012/05/15 09:42:42 | 000,137,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\CscMig.dll
    [2012/05/15 09:42:42 | 000,130,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\desk.cpl
    [2012/05/15 09:42:42 | 000,124,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\QSVRMGMT.DLL
    [2012/05/15 09:42:42 | 000,121,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\secproc_ssp_isv.dll
    [2012/05/15 09:42:42 | 000,121,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\secproc_ssp.dll
    [2012/05/15 09:42:42 | 000,121,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fphc.dll
    [2012/05/15 09:42:42 | 000,108,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\shacct.dll
    [2012/05/15 09:42:42 | 000,105,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmpshell.dll
    [2012/05/15 09:42:42 | 000,104,448 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\logman.exe
    [2012/05/15 09:42:42 | 000,099,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\QSVRMGMT.DLL
    [2012/05/15 09:42:42 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wudriver.dll
  9. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    [2012/05/15 09:42:42 | 000,087,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wudriver.dll
    [2012/05/15 09:42:42 | 000,084,480 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\kstvtune.ax
    [2012/05/15 09:42:42 | 000,082,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\logman.exe
    [2012/05/15 09:42:42 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tabcal.exe
    [2012/05/15 09:42:42 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spbcd.dll
    [2012/05/15 09:42:42 | 000,077,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\olethk32.dll
    [2012/05/15 09:42:42 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vss_ps.dll
    [2012/05/15 09:42:42 | 000,060,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ncryptui.dll
    [2012/05/15 09:42:42 | 000,059,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\unimdmat.dll
    [2012/05/15 09:42:42 | 000,052,224 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rdpd3d.dll
    [2012/05/15 09:42:42 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmictimeprovider.dll
    [2012/05/15 09:42:42 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tsgqec.dll
    [2012/05/15 09:42:42 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iscsium.dll
    [2012/05/15 09:42:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\lsmproxy.dll
    [2012/05/15 09:42:41 | 001,148,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IMJP10.IME
    [2012/05/15 09:42:41 | 000,902,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMADMOD.DLL
    [2012/05/15 09:42:41 | 000,681,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WUDFx.dll
    [2012/05/15 09:42:41 | 000,541,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMVSDECD.DLL
    [2012/05/15 09:42:41 | 000,436,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmdrmnet.dll
    [2012/05/15 09:42:41 | 000,392,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
    [2012/05/15 09:42:41 | 000,318,464 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMPhoto.dll
    [2012/05/15 09:42:41 | 000,283,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\qdv.dll
    [2012/05/15 09:42:41 | 000,265,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msnetobj.dll
    [2012/05/15 09:42:41 | 000,226,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WUDFHost.exe
    [2012/05/15 09:42:41 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\Mystify.scr
    [2012/05/15 09:42:41 | 000,153,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\VBICodec.ax
    [2012/05/15 09:42:41 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\EhStorAPI.dll
    [2012/05/15 09:42:41 | 000,142,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\powercfg.cpl
    [2012/05/15 09:42:41 | 000,128,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\EhStorAPI.dll
    [2012/05/15 09:42:41 | 000,115,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dot3msm.dll
    [2012/05/15 09:42:41 | 000,109,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wiavideo.dll
    [2012/05/15 09:42:41 | 000,107,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\Kswdmcap.ax
    [2012/05/15 09:42:41 | 000,100,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sppinst.dll
    [2012/05/15 09:42:41 | 000,098,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\fphc.dll
    [2012/05/15 09:42:41 | 000,092,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cmstp.exe
    [2012/05/15 09:42:41 | 000,091,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\avifil32.dll
    [2012/05/15 09:42:41 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\amstream.dll
    [2012/05/15 09:42:41 | 000,079,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\QCLIPROV.DLL
    [2012/05/15 09:42:41 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mapistub.dll
    [2012/05/15 09:42:41 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mapi32.dll
    [2012/05/15 09:42:41 | 000,072,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\netapi32.dll
    [2012/05/15 09:42:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\CertPolEng.dll
    [2012/05/15 09:42:41 | 000,063,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\takeown.exe
    [2012/05/15 09:42:41 | 000,062,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\PnPUnattend.exe
    [2012/05/15 09:42:41 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\djoin.exe
    [2012/05/15 09:42:41 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\takeown.exe
    [2012/05/15 09:42:41 | 000,037,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shimgvw.dll
    [2012/05/15 09:42:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\utildll.dll
    [2012/05/15 09:42:41 | 000,027,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\HotStartUserAgent.dll
    [2012/05/15 09:42:41 | 000,015,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nrpsrv.dll
    [2012/05/15 09:42:40 | 000,739,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMSPDMOD.DLL
    [2012/05/15 09:42:40 | 000,306,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RMActivate_ssp.exe
    [2012/05/15 09:42:40 | 000,305,152 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RMActivate_ssp_isv.exe
    [2012/05/15 09:42:40 | 000,194,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\itircl.dll
    [2012/05/15 09:42:40 | 000,176,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msorcl32.dll
    [2012/05/15 09:42:40 | 000,166,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\diskpart.exe
    [2012/05/15 09:42:40 | 000,152,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iscsicli.exe
    [2012/05/15 09:42:40 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iscsicli.exe
    [2012/05/15 09:42:40 | 000,143,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mydocs.dll
    [2012/05/15 09:42:40 | 000,136,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mydocs.dll
    [2012/05/15 09:42:40 | 000,133,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\diskpart.exe
    [2012/05/15 09:42:40 | 000,130,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\BdeHdCfg.exe
    [2012/05/15 09:42:40 | 000,128,000 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\desk.cpl
    [2012/05/15 09:42:40 | 000,115,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\setupcln.dll
    [2012/05/15 09:42:40 | 000,103,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dot3msm.dll
    [2012/05/15 09:42:40 | 000,102,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mobsync.exe
    [2012/05/15 09:42:40 | 000,084,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\cmstp.exe
    [2012/05/15 09:42:40 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fdProxy.dll
    [2012/05/15 09:42:40 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\QCLIPROV.DLL
    [2012/05/15 09:42:40 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\MuiUnattend.exe
    [2012/05/15 09:42:40 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\amstream.dll
    [2012/05/15 09:42:40 | 000,069,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rastapi.dll
    [2012/05/15 09:42:40 | 000,066,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\cca.dll
    [2012/05/15 09:42:40 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WavDest.dll
    [2012/05/15 09:42:40 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\spbcd.dll
    [2012/05/15 09:42:40 | 000,058,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\browcli.dll
    [2012/05/15 09:42:40 | 000,057,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\g711codc.ax
    [2012/05/15 09:42:40 | 000,056,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\vfwwdm32.dll
    [2012/05/15 09:42:40 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wsnmp32.dll
    [2012/05/15 09:42:40 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MultiDigiMon.exe
    [2012/05/15 09:42:40 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wuauclt.exe
    [2012/05/15 09:42:40 | 000,047,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wkscli.dll
    [2012/05/15 09:42:40 | 000,046,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pdhui.dll
    [2012/05/15 09:42:40 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbisurf.ax
    [2012/05/15 09:42:40 | 000,043,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\relog.exe
    [2012/05/15 09:42:40 | 000,037,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\relog.exe
    [2012/05/15 09:42:40 | 000,035,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msdmo.dll
    [2012/05/15 09:42:40 | 000,028,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\AzSqlExt.dll
    [2012/05/15 09:42:40 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netiougc.exe
    [2012/05/15 09:42:40 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\netbtugc.exe
    [2012/05/15 09:42:40 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\BWUnpairElevated.dll
    [2012/05/15 09:42:40 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sscore.dll
    [2012/05/15 09:42:39 | 001,080,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\onexui.dll
    [2012/05/15 09:42:39 | 001,027,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\IMJP10.IME
    [2012/05/15 09:42:39 | 000,434,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FXSTIFF.dll
    [2012/05/15 09:42:39 | 000,280,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RMActivate_ssp.exe
    [2012/05/15 09:42:39 | 000,278,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RMActivate_ssp_isv.exe
    [2012/05/15 09:42:39 | 000,158,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\itircl.dll
    [2012/05/15 09:42:39 | 000,145,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sppc.dll
    [2012/05/15 09:42:39 | 000,144,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmpps.dll
    [2012/05/15 09:42:39 | 000,103,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\eappgnui.dll
    [2012/05/15 09:42:39 | 000,101,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mobsync.exe
    [2012/05/15 09:42:39 | 000,094,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\eappgnui.dll
    [2012/05/15 09:42:39 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\secproc_ssp_isv.dll
    [2012/05/15 09:42:39 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\secproc_ssp.dll
    [2012/05/15 09:42:39 | 000,071,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\resutils.dll
    [2012/05/15 09:42:39 | 000,071,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\findstr.exe
    [2012/05/15 09:42:39 | 000,069,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tlscsp.dll
    [2012/05/15 09:42:39 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\CertPolEng.dll
    [2012/05/15 09:42:39 | 000,062,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\findstr.exe
    [2012/05/15 09:42:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\luainstall.dll
    [2012/05/15 09:42:39 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ksxbar.ax
    [2012/05/15 09:42:39 | 000,041,472 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mciqtz32.dll
    [2012/05/15 09:42:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wuapp.exe
    [2012/05/15 09:42:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\choice.exe
    [2012/05/15 09:42:39 | 000,036,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mciqtz32.dll
    [2012/05/15 09:42:39 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wuapp.exe
    [2012/05/15 09:42:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WerFaultSecure.exe
    [2012/05/15 09:42:39 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qprocess.exe
    [2012/05/15 09:42:39 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\schedcli.dll
    [2012/05/15 09:42:39 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\chglogon.exe
    [2012/05/15 09:42:39 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ReAgentc.exe
    [2012/05/15 09:42:39 | 000,014,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\syssetup.dll
    [2012/05/15 09:42:38 | 000,147,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RDPENCDD.dll
    [2012/05/15 09:42:38 | 000,121,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sppc.dll
    [2012/05/15 09:42:38 | 000,082,944 | ---- | C] (Radius Inc.) -- D:\Windows\SysWow64\iccvid.dll
    [2012/05/15 09:42:38 | 000,079,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\manage-bde.exe
    [2012/05/15 09:42:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\cabinet.dll
    [2012/05/15 09:42:38 | 000,065,536 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetmib1.dll
    [2012/05/15 09:42:38 | 000,053,760 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmicres.dll
    [2012/05/15 09:42:38 | 000,053,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbcconf.dll
    [2012/05/15 09:42:38 | 000,052,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inetmib1.dll
    [2012/05/15 09:42:38 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\repair-bde.exe
    [2012/05/15 09:42:38 | 000,045,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\g711codc.ax
    [2012/05/15 09:42:38 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WUDFCoinstaller.dll
    [2012/05/15 09:42:38 | 000,041,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\luainstall.dll
    [2012/05/15 09:42:38 | 000,041,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FXSMON.dll
    [2012/05/15 09:42:38 | 000,038,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmstorfltres.dll
    [2012/05/15 09:42:38 | 000,036,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wdiasqmmodule.dll
    [2012/05/15 09:42:38 | 000,035,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\shimgvw.dll
    [2012/05/15 09:42:38 | 000,034,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\unlodctr.exe
    [2012/05/15 09:42:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\vbisurf.ax
    [2012/05/15 09:42:38 | 000,033,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\profprov.dll
    [2012/05/15 09:42:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msdmo.dll
    [2012/05/15 09:42:38 | 000,024,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\chgport.exe
    [2012/05/15 09:42:38 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tskill.exe
    [2012/05/15 09:42:38 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qappsrv.exe
    [2012/05/15 09:42:38 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tscon.exe
    [2012/05/15 09:42:38 | 000,022,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tsdiscon.exe
    [2012/05/15 09:42:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rwinsta.exe
    [2012/05/15 09:42:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rdprefdrvapi.dll
    [2012/05/15 09:42:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\logoff.exe
    [2012/05/15 09:42:38 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\chgusr.exe
    [2012/05/15 09:42:38 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\spopk.dll
    [2012/05/15 09:42:38 | 000,018,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spopk.dll
    [2012/05/15 09:42:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fixmapi.exe
    [2012/05/15 09:42:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\muifontsetup.dll
    [2012/05/15 09:42:37 | 001,164,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\UIRibbonRes.dll
    [2012/05/15 09:42:37 | 001,164,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UIRibbonRes.dll
    [2012/05/15 09:42:37 | 000,457,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imkr80.ime
    [2012/05/15 09:42:37 | 000,072,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\napdsnap.dll
    [2012/05/15 09:42:37 | 000,068,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\napdsnap.dll
    [2012/05/15 09:42:37 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmbusres.dll
    [2012/05/15 09:42:37 | 000,041,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\browcli.dll
    [2012/05/15 09:42:37 | 000,040,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\odbcconf.dll
    [2012/05/15 09:42:37 | 000,036,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dsauth.dll
    [2012/05/15 09:42:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\usbrpm.sys
    [2012/05/15 09:42:37 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dsauth.dll
    [2012/05/15 09:42:37 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cscdll.dll
    [2012/05/15 09:42:37 | 000,027,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wups.dll
    [2012/05/15 09:42:37 | 000,027,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\LogonUI.exe
    [2012/05/15 09:42:37 | 000,026,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\tdi.sys
    [2012/05/15 09:42:37 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\elsTrans.dll
    [2012/05/15 09:42:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\bitsperf.dll
    [2012/05/15 09:42:37 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdprefdrvapi.dll
    [2012/05/15 09:42:37 | 000,022,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\elsTrans.dll
    [2012/05/15 09:42:37 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\TRAPI.dll
    [2012/05/15 09:42:37 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\TRAPI.dll
    [2012/05/15 09:42:37 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shadow.exe
    [2012/05/15 09:42:37 | 000,019,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\bitsperf.dll
    [2012/05/15 09:42:37 | 000,018,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FXSUNATD.exe
    [2012/05/15 09:42:37 | 000,017,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\schedcli.dll
    [2012/05/15 09:42:37 | 000,017,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\perfts.dll
    [2012/05/15 09:42:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\reset.exe
    [2012/05/15 09:42:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\change.exe
    [2012/05/15 09:42:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\query.exe
    [2012/05/15 09:42:36 | 000,430,080 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imkr80.ime
    [2012/05/15 09:42:36 | 000,037,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wups2.dll
    [2012/05/15 09:42:36 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wups.dll
    [2012/05/15 09:42:36 | 000,032,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\USBCAMD2.sys
    [2012/05/15 09:42:36 | 000,028,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shgina.dll
    [2012/05/15 09:42:36 | 000,026,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wsdchngr.dll
    [2012/05/15 09:42:36 | 000,021,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wsdchngr.dll
    [2012/05/15 09:42:36 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\shgina.dll
    [2012/05/15 09:42:36 | 000,013,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wshirda.dll
    [2012/05/15 09:42:36 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sscore.dll
    [2012/05/15 09:42:36 | 000,008,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\riched32.dll
    [2012/05/15 09:42:35 | 000,130,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\VmbusCoinstaller.dll
    [2012/05/15 09:42:35 | 000,129,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\VmdCoinstall.dll
    [2012/05/15 09:42:35 | 000,128,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IcCoinstall.dll
    [2012/05/15 09:42:35 | 000,015,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vmbuspipe.dll
    [2012/05/15 09:42:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\C_ISCII.DLL
    [2012/05/15 09:42:35 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wshirda.dll
    [2012/05/15 09:42:35 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\riched32.dll
    [2012/05/15 09:42:35 | 000,010,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpcfgex.dll
    [2012/05/15 09:42:35 | 000,009,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spwmp.dll
    [2012/05/15 09:42:35 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\spwmp.dll
    [2012/05/15 09:42:34 | 012,625,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wmploc.DLL
    [2012/05/15 09:42:34 | 012,625,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wmploc.DLL
    [2012/05/15 09:42:34 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\nlsbres.dll
    [2012/05/15 09:42:34 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\nlsbres.dll
    [2012/05/15 09:42:34 | 000,052,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\BlbEvents.dll
    [2012/05/15 09:42:34 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pifmgr.dll
    [2012/05/15 09:42:34 | 000,035,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pifmgr.dll
    [2012/05/15 09:42:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\shunimpl.dll
    [2012/05/15 09:42:34 | 000,011,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\C_ISCII.DLL
    [2012/05/15 09:42:34 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\shunimpl.dll
    [2012/05/15 09:42:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDTUQ.DLL
    [2012/05/15 09:42:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDTUF.DLL
    [2012/05/15 09:42:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDSG.DLL
    [2012/05/15 09:42:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\kbdlk41a.dll
    [2012/05/15 09:42:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDGKL.DLL
    [2012/05/15 09:42:34 | 000,008,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDCZ1.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\spwizres.dll
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\spwizres.dll
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDTUQ.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDTUF.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDSG.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDSF.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDPO.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDNEPR.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\kbdlk41a.dll
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINTAM.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINBEN.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDGR1.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDGR1.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDGKL.DLL
    [2012/05/15 09:42:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDCZ1.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDUS.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDUGHR1.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDTURME.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDTAJIK.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDSF.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDPO.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDNEPR.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDMON.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDMAORI.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDLT1.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINTEL.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDINTAM.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDINORI.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINORI.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDINMAR.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINMAR.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDINKAN.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINKAN.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDINHIN.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDINHIN.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDINBEN.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDBULG.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDBLR.DLL
    [2012/05/15 09:42:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDBASH.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDUS.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDUGHR1.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDTURME.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDTAJIK.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDMON.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDMAORI.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDLT1.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDINTEL.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDGEO.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KBDGEO.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDBULG.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDBLR.DLL
    [2012/05/15 09:42:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\KBDBASH.DLL
    [2012/05/15 09:42:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msdxm.ocx
    [2012/05/15 09:42:34 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxmasf.dll
    [2012/05/15 09:42:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msdxm.ocx
    [2012/05/15 09:42:34 | 000,004,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxmasf.dll
    [2012/05/15 09:42:34 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-ums-l1-1-0.dll
    [2012/05/15 09:42:34 | 000,003,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dpnaddr.dll
    [2012/05/15 09:42:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dpnaddr.dll
    [2012/05/15 09:42:33 | 000,399,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dpx.dll
    [2012/05/15 09:42:33 | 000,189,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wdscore.dll
    [2012/05/15 09:42:31 | 000,189,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sqmapi.dll
    [2012/05/15 09:42:10 | 000,529,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wbemcomn.dll
    [2012/05/15 09:42:08 | 000,244,736 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sqmapi.dll
    [2012/05/15 09:41:14 | 000,902,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
    [2012/05/15 09:41:14 | 000,739,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d2d1.dll
    [2012/05/15 09:31:13 | 000,325,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\usbport.sys
    [2012/05/15 09:31:12 | 000,007,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\usbd.sys
    [2012/05/15 09:31:10 | 002,565,632 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\esent.dll
    [2012/05/15 09:31:09 | 001,699,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\esent.dll
    [2012/05/15 09:31:09 | 000,189,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\storport.sys
    [2012/05/15 09:31:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fsutil.exe
    [2012/05/15 09:31:09 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\fsutil.exe
    [2012/05/15 09:24:17 | 000,000,000 | ---D | C] -- D:\Windows\SysWow64\Wat
    [2012/05/15 09:24:17 | 000,000,000 | ---D | C] -- D:\Windows\System32\Wat
    [2012/05/15 08:57:11 | 000,294,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\browserchoice.exe
    [2012/05/15 08:55:12 | 003,695,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
    [2012/05/15 08:55:12 | 000,580,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
    [2012/05/15 08:55:12 | 000,434,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
    [2012/05/15 08:55:12 | 000,367,104 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
    [2012/05/15 08:55:12 | 000,353,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
    [2012/05/15 08:55:12 | 000,223,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
    [2012/05/15 08:55:12 | 000,162,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
    [2012/05/15 08:55:12 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
    [2012/05/15 08:55:12 | 000,152,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
    [2012/05/15 08:55:12 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
    [2012/05/15 08:55:12 | 000,130,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakeng.dll
    [2012/05/15 08:55:12 | 000,118,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
    [2012/05/15 08:55:12 | 000,110,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
    [2012/05/15 08:55:12 | 000,086,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
    [2012/05/15 08:55:12 | 000,078,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
    [2012/05/15 08:55:12 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
    [2012/05/15 08:55:12 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
    [2012/05/15 08:55:12 | 000,074,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
    [2012/05/15 08:55:12 | 000,074,240 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ie4uinit.exe
    [2012/05/15 08:55:12 | 000,066,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
    [2012/05/15 08:55:12 | 000,063,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
    [2012/05/15 08:55:12 | 000,054,272 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
    [2012/05/15 08:55:12 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
    [2012/05/15 08:55:12 | 000,031,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
    [2012/05/15 08:55:12 | 000,023,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
    [2012/05/15 08:55:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
    [2012/05/15 08:55:11 | 003,695,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
    [2012/05/15 08:55:11 | 000,534,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
    [2012/05/15 08:55:11 | 000,452,608 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
    [2012/05/15 08:55:11 | 000,448,512 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
    [2012/05/15 08:55:11 | 000,282,112 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
    [2012/05/15 08:55:11 | 000,267,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieaksie.dll
    [2012/05/15 08:55:11 | 000,227,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieaksie.dll
    [2012/05/15 08:55:11 | 000,222,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
    [2012/05/15 08:55:11 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
    [2012/05/15 08:55:11 | 000,173,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
    [2012/05/15 08:55:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakui.dll
    [2012/05/15 08:55:11 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieakui.dll
    [2012/05/15 08:55:11 | 000,160,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieakeng.dll
    [2012/05/15 08:55:11 | 000,149,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
    [2012/05/15 08:55:11 | 000,145,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
    [2012/05/15 08:55:11 | 000,142,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
    [2012/05/15 08:55:11 | 000,135,168 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
    [2012/05/15 08:55:11 | 000,123,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
    [2012/05/15 08:55:11 | 000,114,176 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\admparse.dll
    [2012/05/15 08:55:11 | 000,111,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
    [2012/05/15 08:55:11 | 000,101,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\admparse.dll
    [2012/05/15 08:55:11 | 000,091,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
    [2012/05/15 08:55:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
    [2012/05/15 08:55:11 | 000,089,088 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
    [2012/05/15 08:55:11 | 000,085,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
    [2012/05/15 08:55:11 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
    [2012/05/15 08:55:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
    [2012/05/15 08:55:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
    [2012/05/15 08:55:11 | 000,049,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
    [2012/05/15 08:55:11 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
    [2012/05/15 08:55:11 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
    [2012/05/15 08:55:11 | 000,035,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
    [2012/05/15 08:55:11 | 000,012,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
    [2012/05/15 08:55:11 | 000,010,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
    [2012/05/15 08:55:10 | 000,697,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
    [2012/05/15 08:55:10 | 000,603,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
    [2012/05/15 08:55:10 | 000,165,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
    [2012/05/15 08:55:10 | 000,160,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
    [2012/05/15 08:55:10 | 000,103,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
    [2012/05/15 08:55:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
    [2012/05/15 08:48:00 | 000,220,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wintrust.dll
    [2012/05/15 08:48:00 | 000,172,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wintrust.dll
    [2012/05/15 08:48:00 | 000,159,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imagehlp.dll
    [2012/05/15 08:48:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imagehlp.dll
    [2012/05/15 08:48:00 | 000,023,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\fs_rec.sys
    [2012/05/15 08:45:40 | 005,559,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntoskrnl.exe
    [2012/05/15 08:45:39 | 003,968,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntkrnlpa.exe
    [2012/05/15 08:45:38 | 003,913,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntoskrnl.exe
    [2012/05/15 08:45:30 | 002,315,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tquery.dll
    [2012/05/15 08:45:30 | 002,223,616 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mssrch.dll
    [2012/05/15 08:45:30 | 001,549,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tquery.dll
    [2012/05/15 08:45:30 | 001,401,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mssrch.dll
    [2012/05/15 08:45:30 | 000,778,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mssvp.dll
    [2012/05/15 08:45:30 | 000,249,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SearchProtocolHost.exe
    [2012/05/15 08:45:29 | 000,666,624 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mssvp.dll
    [2012/05/15 08:45:29 | 000,491,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mssph.dll
    [2012/05/15 08:45:29 | 000,337,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mssph.dll
    [2012/05/15 08:45:29 | 000,288,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mssphtb.dll
    [2012/05/15 08:45:29 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mssphtb.dll
    [2012/05/15 08:45:29 | 000,113,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SearchFilterHost.exe
    [2012/05/15 08:45:28 | 000,075,264 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msscntrs.dll
    [2012/05/15 08:45:28 | 000,059,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msscntrs.dll
    [2012/05/15 08:45:26 | 000,142,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\poqexec.exe
    [2012/05/15 08:45:26 | 000,123,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\poqexec.exe
    [2012/05/15 08:45:20 | 001,544,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
    [2012/05/15 08:45:20 | 001,077,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
    [2012/05/15 08:45:12 | 000,509,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntshrui.dll
    [2012/05/15 08:45:10 | 001,447,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\lsasrv.dll
    [2012/05/15 08:45:10 | 000,395,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\webio.dll
    [2012/05/15 08:45:10 | 000,314,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\webio.dll
    [2012/05/15 08:45:10 | 000,136,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sspicli.dll
    [2012/05/15 08:45:10 | 000,029,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sspisrv.dll
    [2012/05/15 08:45:10 | 000,028,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\secur32.dll
    [2012/05/15 08:45:06 | 000,961,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\CPFilters.dll
    [2012/05/15 08:45:05 | 001,118,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\sbe.dll
    [2012/05/15 08:45:05 | 000,850,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\sbe.dll
    [2012/05/15 08:45:05 | 000,642,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\CPFilters.dll
    [2012/05/15 08:45:05 | 000,259,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mpg2splt.ax
    [2012/05/15 08:45:05 | 000,199,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mpg2splt.ax
    [2012/05/15 08:45:00 | 001,465,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
    [2012/05/15 08:45:00 | 000,870,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsPrint.dll
    [2012/05/15 08:44:54 | 000,106,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbccu32.dll
    [2012/05/15 08:44:53 | 000,319,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\odbcjt32.dll
    [2012/05/15 08:44:53 | 000,212,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbctrac.dll
    [2012/05/15 08:44:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\odbctrac.dll
    [2012/05/15 08:44:53 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbccp32.dll
    [2012/05/15 08:44:53 | 000,122,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\odbccp32.dll
    [2012/05/15 08:44:53 | 000,106,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\odbccr32.dll
    [2012/05/15 08:44:53 | 000,086,016 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\odbccu32.dll
    [2012/05/15 08:44:53 | 000,081,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\odbccr32.dll
    [2012/05/15 08:44:52 | 001,572,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\quartz.dll
    [2012/05/15 08:44:52 | 001,328,128 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\quartz.dll
    [2012/05/15 08:44:52 | 000,514,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\qdvd.dll
    [2012/05/15 08:44:51 | 000,366,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\qdvd.dll
    [2012/05/15 08:44:50 | 000,199,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\xmllite.dll
  10. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    [2012/05/15 08:44:46 | 002,871,808 | ---- | C] (Microsoft Corporation) -- D:\Windows\explorer.exe
    [2012/05/15 08:44:46 | 002,616,320 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\explorer.exe
    [2012/05/15 08:44:41 | 001,395,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfc42.dll
    [2012/05/15 08:44:41 | 001,359,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mfc42u.dll
    [2012/05/15 08:44:40 | 001,164,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mfc42u.dll
    [2012/05/15 08:44:40 | 001,137,664 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mfc42.dll
    [2012/05/15 08:44:34 | 000,476,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
    [2012/05/15 08:44:34 | 000,288,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsGdiConverter.dll
    [2012/05/15 08:44:33 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\System32\atmfd.dll
    [2012/05/15 08:44:33 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\atmfd.dll
    [2012/05/15 08:44:33 | 000,100,864 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\fontsub.dll
    [2012/05/15 08:44:33 | 000,070,656 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\fontsub.dll
    [2012/05/15 08:44:33 | 000,046,080 | ---- | C] (Adobe Systems) -- D:\Windows\System32\atmlib.dll
    [2012/05/15 08:44:33 | 000,034,304 | ---- | C] (Adobe Systems) -- D:\Windows\SysWow64\atmlib.dll
    [2012/05/15 08:44:30 | 000,515,584 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\timedate.cpl
    [2012/05/15 08:44:30 | 000,478,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\timedate.cpl
    [2012/05/15 08:44:29 | 000,357,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dnsapi.dll
    [2012/05/15 08:44:29 | 000,030,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dnscacheugc.exe
    [2012/05/15 08:44:29 | 000,028,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dnscacheugc.exe
    [2012/05/15 08:44:28 | 000,043,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\csrsrv.dll
    [2012/05/15 08:44:28 | 000,027,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\Diskdump.sys
    [2012/05/15 08:44:26 | 000,613,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\psisdecd.dll
    [2012/05/15 08:44:26 | 000,288,256 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSNP.ax
    [2012/05/15 08:44:26 | 000,108,032 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\psisrndr.ax
    [2012/05/15 08:44:26 | 000,075,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\psisrndr.ax
    [2012/05/15 08:44:25 | 000,465,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\psisdecd.dll
    [2012/05/15 08:44:25 | 000,204,288 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\MSNP.ax
    [2012/05/15 08:44:25 | 000,104,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\Mpeg2Data.ax
    [2012/05/15 08:44:25 | 000,075,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MSDvbNP.ax
    [2012/05/15 08:44:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\Mpeg2Data.ax
    [2012/05/15 08:44:25 | 000,059,904 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\MSDvbNP.ax
    [2012/05/15 08:44:21 | 000,642,944 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winload.efi
    [2012/05/15 08:44:21 | 000,605,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winload.exe
    [2012/05/15 08:44:21 | 000,566,208 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winresume.efi
    [2012/05/15 08:44:21 | 000,518,672 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winresume.exe
    [2012/05/15 08:44:21 | 000,063,488 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\setbcdlocale.dll
    [2012/05/15 08:44:21 | 000,020,352 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\kdusb.dll
    [2012/05/15 08:44:21 | 000,019,328 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\kd1394.dll
    [2012/05/15 08:44:21 | 000,017,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\kdcom.dll
    [2012/05/15 08:44:20 | 000,321,024 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
    [2012/05/15 08:44:20 | 000,219,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1core.dll
    [2012/05/15 08:44:20 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
    [2012/05/15 08:44:20 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1.dll
    [2012/05/15 08:44:14 | 000,252,928 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\drvinst.exe
    [2012/05/15 08:44:14 | 000,207,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\cfgmgr32.dll
    [2012/05/15 08:44:14 | 000,044,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\devrtl.dll
    [2012/05/15 08:37:58 | 000,861,696 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\oleaut32.dll
    [2012/05/15 08:37:58 | 000,331,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\oleacc.dll
    [2012/05/15 08:37:55 | 001,162,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\kernel32.dll
    [2012/05/15 08:37:54 | 000,421,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\KernelBase.dll
    [2012/05/15 08:37:54 | 000,362,496 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wow64win.dll
    [2012/05/15 08:37:54 | 000,338,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\conhost.exe
    [2012/05/15 08:37:54 | 000,243,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wow64.dll
    [2012/05/15 08:37:54 | 000,214,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\winsrv.dll
    [2012/05/15 08:37:53 | 000,025,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\setup16.exe
    [2012/05/15 08:37:53 | 000,016,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntvdm64.dll
    [2012/05/15 08:37:53 | 000,014,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ntvdm64.dll
    [2012/05/15 08:37:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wow64cpu.dll
    [2012/05/15 08:37:53 | 000,007,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\instnm.exe
    [2012/05/15 08:37:53 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,005,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wow32.dll
    [2012/05/15 08:37:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2012/05/15 08:37:53 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    [2012/05/15 08:37:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\user.exe
    [2012/05/15 08:37:50 | 001,731,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ntdll.dll
    [2012/05/15 08:37:49 | 000,288,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\FWPKCLNT.SYS
    [2012/05/15 08:37:48 | 000,974,336 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WFS.exe
    [2012/05/15 08:37:48 | 000,267,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\FXSCOVER.exe
    [2012/05/15 08:37:45 | 000,723,456 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\EncDec.dll
    [2012/05/15 08:37:45 | 000,534,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\EncDec.dll
    [2012/05/15 08:37:44 | 000,634,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msvcrt.dll
    [2012/05/15 08:37:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\prevhost.exe
    [2012/05/15 08:37:42 | 000,031,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\prevhost.exe
    [2012/05/15 08:37:40 | 000,077,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\packager.dll
    [2012/05/15 08:37:40 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\packager.dll
    [2012/05/15 08:31:25 | 000,000,000 | ---D | C] -- D:\ProgramData\NVIDIA Corporation
    [2012/05/15 08:31:21 | 000,000,000 | ---D | C] -- D:\Program Files\NVIDIA Corporation
    [2012/05/15 08:31:21 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\NVIDIA Corporation
    [2012/05/15 08:30:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdrmemptylst.exe
    [2012/05/15 08:30:33 | 001,112,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpcorets.dll
    [2012/05/15 08:30:33 | 001,031,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpcore.dll
    [2012/05/15 08:30:33 | 000,826,880 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\rdpcore.dll
    [2012/05/15 08:30:33 | 000,162,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\rdpudd.dll
    [2012/05/15 08:30:33 | 000,020,992 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\rdpvideominiport.sys
    [2012/05/15 07:41:11 | 000,000,000 | ---D | C] -- D:\Windows\Panther
    [2012/05/15 07:15:20 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\ASM104xUSB3
    [2012/05/15 07:14:04 | 000,539,240 | ---- | C] (Realtek ) -- D:\Windows\System32\drivers\Rt64win7.sys
    [2012/05/15 07:14:04 | 000,107,552 | ---- | C] (Realtek Semiconductor Corporation) -- D:\Windows\System32\RTNUninst64.dll
    [2012/05/15 07:12:25 | 000,000,000 | ---D | C] -- D:\Windows\SysWow64\RTCOM
    [2012/05/15 07:12:25 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek
    [2012/05/15 07:12:14 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\WavesGUILib.dll
    [2012/05/15 07:12:14 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\SRSTSX64.dll
    [2012/05/15 07:12:14 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RtlCPAPI64.dll
    [2012/05/15 07:12:14 | 000,220,512 | ---- | C] (Synopsys, Inc.) -- D:\Windows\System32\SFNHK64.dll
    [2012/05/15 07:12:14 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\SRSTSH64.dll
    [2012/05/15 07:12:14 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\SRSHP64.dll
    [2012/05/15 07:12:14 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\SRSWOW64.dll
    [2012/05/15 07:12:14 | 000,121,744 | ---- | C] (Sony Corporation) -- D:\Windows\System32\SFSS_APO.dll
    [2012/05/15 07:12:14 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- D:\Windows\System32\SFCOM64.dll
    [2012/05/15 07:12:14 | 000,078,176 | ---- | C] (Synopsys, Inc.) -- D:\Windows\System32\SFAPO64.dll
    [2012/05/15 07:12:14 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- D:\Windows\SysWow64\SFCOM.dll
    [2012/05/15 07:12:13 | 001,805,928 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RtkApi64.dll
    [2012/05/15 07:12:13 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RtkCfg64.dll
    [2012/05/15 07:12:12 | 003,115,112 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RtkAPO64.dll
    [2012/05/15 07:12:12 | 002,428,520 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RtPgEx64.dll
    [2012/05/15 07:12:12 | 001,560,680 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RTSnMg64.cpl
    [2012/05/15 07:12:12 | 001,245,288 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RTCOM64.dll
    [2012/05/15 07:12:11 | 001,474,048 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RCoRes64.dat
    [2012/05/15 07:12:11 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEEP64A.dll
    [2012/05/15 07:12:11 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RP3DHT64.dll
    [2012/05/15 07:12:11 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RP3DAA64.dll
    [2012/05/15 07:12:11 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEED64A.dll
    [2012/05/15 07:12:11 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEEL64A.dll
    [2012/05/15 07:12:11 | 000,092,264 | ---- | C] (Realtek Semiconductor Corp.) -- D:\Windows\System32\RCoInst64.dll
    [2012/05/15 07:12:11 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEEG64A.dll
    [2012/05/15 07:12:09 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioRealtek.dll
    [2012/05/15 07:12:09 | 003,308,376 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\R4EEP64A.dll
    [2012/05/15 07:12:09 | 000,426,328 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\R4EED64A.dll
    [2012/05/15 07:12:09 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxVolumeSDAPO.dll
    [2012/05/15 07:12:09 | 000,136,024 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\R4EEL64A.dll
    [2012/05/15 07:12:09 | 000,118,104 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\R4EEA64A.dll
    [2012/05/15 07:12:09 | 000,074,072 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\R4EEG64A.dll
    [2012/05/15 07:12:08 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioEQ.dll
    [2012/05/15 07:12:08 | 000,603,472 | ---- | C] (Knowles Acoustics ) -- D:\Windows\System32\KAAPORT64.dll
    [2012/05/15 07:12:08 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioAPO30.dll
    [2012/05/15 07:12:08 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioAPO20.dll
    [2012/05/15 07:12:06 | 002,085,440 | ---- | C] (Fortemedia Corporation) -- D:\Windows\System32\FMAPO64.dll
    [2012/05/15 07:12:05 | 001,756,264 | ---- | C] (DTS) -- D:\Windows\System32\DTSS2SpeakerDLL64.dll
    [2012/05/15 07:12:05 | 001,568,360 | ---- | C] (DTS) -- D:\Windows\System32\DTSS2HeadphoneDLL64.dll
    [2012/05/15 07:12:05 | 000,712,296 | ---- | C] (DTS) -- D:\Windows\System32\DTSSymmetryDLL64.dll
    [2012/05/15 07:12:05 | 000,693,352 | ---- | C] (DTS) -- D:\Windows\System32\DTSVoiceClarityDLL64.dll
    [2012/05/15 07:12:05 | 000,491,112 | ---- | C] (DTS) -- D:\Windows\System32\DTSNeoPCDLL64.dll
    [2012/05/15 07:12:05 | 000,432,744 | ---- | C] (DTS) -- D:\Windows\System32\DTSLimiterDLL64.dll
    [2012/05/15 07:12:05 | 000,428,648 | ---- | C] (DTS) -- D:\Windows\System32\DTSGainCompensatorDLL64.dll
    [2012/05/15 07:12:05 | 000,242,792 | ---- | C] (DTS) -- D:\Windows\System32\DTSLFXAPO64.dll
    [2012/05/15 07:12:05 | 000,241,768 | ---- | C] (DTS) -- D:\Windows\System32\DTSGFXAPONS64.dll
    [2012/05/15 07:12:04 | 001,486,952 | ---- | C] (DTS) -- D:\Windows\System32\DTSBoostDLL64.dll
    [2012/05/15 07:12:04 | 000,728,680 | ---- | C] (DTS) -- D:\Windows\System32\DTSBassEnhancementDLL64.dll
    [2012/05/15 07:12:04 | 000,242,792 | ---- | C] (DTS) -- D:\Windows\System32\DTSGFXAPO64.dll
    [2012/05/15 07:12:03 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- D:\Windows\System32\AERTAC64.dll
    [2012/05/15 07:12:03 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- D:\Windows\System32\AERTAR64.dll
    [2012/05/15 07:12:03 | 000,000,000 | -H-D | C] -- D:\Program Files (x86)\InstallShield Installation Information
    [2012/05/15 07:12:03 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Realtek
    [2012/05/15 07:12:01 | 000,000,000 | -H-D | C] -- D:\Program Files (x86)\Temp
    [2012/05/15 07:12:00 | 001,698,408 | R--- | C] (Realtek Semiconductor Corp.) -- D:\Windows\RtlExUpd.dll
    [2012/05/15 07:11:52 | 000,016,896 | ---- | C] (ASUS) -- D:\Windows\AsTaskSched.dll
    [2012/05/15 07:11:11 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- D:\Windows\SysWow64\CSVer.dll
    [2012/05/15 07:11:11 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Intel
    [2012/05/15 07:10:58 | 000,000,000 | ---D | C] -- D:\Intel
    [2012/05/15 07:08:52 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft Antimalware
    [2012/05/15 07:08:48 | 000,000,000 | -HSD | C] -- D:\Windows\Installer
    [2012/05/15 06:57:46 | 000,000,000 | R--D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2012/05/15 06:57:46 | 000,000,000 | R--D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2012/05/15 06:57:45 | 000,000,000 | -H-D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned
    [2012/05/15 06:57:37 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Identities
    [2012/05/15 06:57:25 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\VirtualStore
    [2012/05/15 06:57:12 | 000,000,000 | --SD | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft
    [2012/05/15 06:57:12 | 000,000,000 | R--D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
  11. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    [2012/05/15 06:57:12 | 000,000,000 | R--D | C] -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    [2012/05/15 06:57:12 | 000,000,000 | -HSD | C] -- D:\Users\Ägaren\AppData\Local\Tidigare
    [2012/05/15 06:57:12 | 000,000,000 | -HSD | C] -- D:\Users\Ägaren\AppData\Local\Temporary Internet Files
    [2012/05/15 06:57:12 | 000,000,000 | -HSD | C] -- D:\Users\Ägaren\AppData\Local\Programdata
    [2012/05/15 06:57:12 | 000,000,000 | -HSD | C] -- D:\Users\Ägaren\Documents\Mina videoklipp
    [2012/05/15 06:57:12 | 000,000,000 | -HSD | C] -- D:\Users\Ägaren\Documents\Mina bilder
    [2012/05/15 06:57:12 | 000,000,000 | -HSD | C] -- D:\Users\Ägaren\Documents\Min musik
    [2012/05/15 06:57:12 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\Temp
    [2012/05/15 06:57:12 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming
    [2012/05/15 06:57:12 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local\Microsoft
    [2012/05/15 06:57:12 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Roaming\Media Center Programs
    [2012/05/15 06:57:12 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\LocalLow
    [2012/05/15 06:57:12 | 000,000,000 | ---D | C] -- D:\Users\Ägaren\AppData\Local
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | C] -- D:\ProgramData\Start-meny
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | C] -- D:\ProgramData\Skrivbord
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | C] -- D:\ProgramData\Programdata
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | C] -- D:\Users\Public\Documents\Mina videoklipp
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | C] -- D:\Users\Public\Documents\Mina bilder
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | C] -- D:\Users\Public\Documents\Min musik
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | C] -- D:\ProgramData\Mallar
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | C] -- D:\ProgramData\Favoriter
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | C] -- D:\ProgramData\Dokument
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | C] -- D:\Program Files\Delade filer
    [2012/05/15 06:57:04 | 000,000,000 | ---D | C] -- D:\Recovery
    [2012/05/15 06:57:01 | 000,000,000 | ---D | C] -- D:\Windows\SoftwareDistribution
    [2012/05/15 06:42:22 | 000,000,000 | ---D | C] -- D:\Windows\Prefetch
    [2012/05/15 06:42:04 | 000,000,000 | -HSD | C] -- D:\System Volume Information
    [2012/05/13 13:40:06 | 000,000,000 | ---D | C] -- D:\Program Files\TeraCopy
    [2010/09/29 06:21:43 | 000,441,344 | ---- | C] ( ) -- D:\Windows\SetACL.exe

    ========== Files - Modified Within 30 Days ==========

    [2012/06/07 20:36:32 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
    [2012/06/07 20:36:25 | 000,017,488 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/06/07 20:36:24 | 000,017,488 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/06/07 20:23:00 | 000,000,868 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/06/07 20:20:30 | 004,538,022 | R--- | M] (Swearware) -- D:\Users\Ägaren\Desktop\ComboFix.exe
    [2012/06/07 20:17:35 | 000,625,534 | ---- | M] () -- D:\Windows\System32\perfh01D.dat
    [2012/06/07 20:17:35 | 000,615,810 | ---- | M] () -- D:\Windows\System32\perfh009.dat
    [2012/06/07 20:17:35 | 000,123,688 | ---- | M] () -- D:\Windows\System32\perfc01D.dat
    [2012/06/07 20:17:35 | 000,106,190 | ---- | M] () -- D:\Windows\System32\perfc009.dat
    [2012/06/07 20:12:37 | 2132,725,759 | -HS- | M] () -- D:\hiberfil.sys
    [2012/06/07 18:53:32 | 000,000,027 | ---- | M] () -- D:\Windows\System32\drivers\etc\hosts
    [2012/06/07 18:37:18 | 001,153,912 | ---- | M] (Emsi Software GmbH) -- D:\Users\Ägaren\Desktop\BlitzBlank.exe
    [2012/06/07 18:29:11 | 000,165,376 | ---- | M] () -- D:\Users\Ägaren\Desktop\SystemLook_x64.exe
    [2012/06/07 18:22:27 | 000,000,349 | ---- | M] () -- D:\kspy
    [2012/06/07 17:52:59 | 000,000,512 | ---- | M] () -- D:\Users\Ägaren\Desktop\MBR.dat
    [2012/06/07 17:38:57 | 004,731,392 | ---- | M] (AVAST Software) -- D:\Users\Ägaren\Desktop\aswMBR.exe
    [2012/06/07 16:51:17 | 000,000,002 | ---- | M] () -- D:\Users\Ägaren\Documents\desktop is dos windows executableee
    [2012/06/07 12:16:44 | 000,001,369 | ---- | M] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012/06/07 08:32:19 | 000,000,894 | ---- | M] () -- D:\Users\Ägaren\Desktop\sumofull.lnk
    [2012/06/07 08:32:19 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sumotori Full Version
    [2012/06/06 20:40:37 | 000,045,910 | ---- | M] () -- D:\Users\Ägaren\Documents\cc_20120607_024032.reg
    [2012/06/06 20:34:07 | 000,187,464 | ---- | M] (Webroot) -- D:\Users\Ägaren\Desktop\antizeroaccess.exe
    [2012/06/06 17:39:22 | 005,054,705 | ---- | M] () -- D:\Users\Ägaren\Desktop\1339018372338.rar
    [2012/06/06 15:25:38 | 000,000,488 | -HS- | M] () -- D:\Windows\9907881drv.spi
    [2012/06/06 11:37:34 | 137,066,928 | ---- | M] () -- D:\Users\Ägaren\Desktop\setup_11.0.0.1245.x01_2012_06_06_18_21.exe
    [2012/06/03 14:33:49 | 000,337,921 | ---- | M] () -- D:\Users\Ägaren\Desktop\FSS.exe
    [2012/06/03 12:12:19 | 001,012,656 | ---- | M] () -- D:\Users\Ägaren\Desktop\rkill.scr
    [2012/06/03 12:08:58 | 001,012,656 | ---- | M] () -- D:\Users\Ägaren\Desktop\rkill.exe
    [2012/06/03 11:50:16 | 000,003,211 | ---- | M] () -- D:\Users\Ägaren\Desktop\Sophos Virus Removal Tool.lnk
    [2012/06/03 10:20:55 | 000,000,512 | ---- | M] () -- D:\Users\Ägaren\Documents\MBR.dat
    [2012/06/03 06:47:53 | 000,000,000 | R--D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    [2012/06/03 06:47:49 | 000,000,947 | ---- | M] () -- D:\Users\Public\Desktop\Need For Speed World.lnk
    [2012/06/03 04:15:15 | 000,001,316 | ---- | M] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2012/06/03 04:15:15 | 000,001,292 | ---- | M] () -- D:\Users\Ägaren\Desktop\Spybot - Search & Destroy.lnk
    [2012/06/03 04:12:35 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
    [2012/06/02 19:00:09 | 000,001,747 | ---- | M] () -- D:\Users\Ägaren\Documents\Attach.zip
    [2012/06/02 18:59:34 | 000,001,712 | ---- | M] () -- D:\Users\Ägaren\Documents\Attach.rar
    [2012/06/02 16:17:50 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) -- D:\Windows\System32\drivers\39377219.sys
    [2012/06/02 13:37:28 | 000,001,113 | ---- | M] () -- D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/06/02 13:37:28 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/06/02 13:11:10 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
    [2012/06/02 07:10:43 | 000,000,929 | ---- | M] () -- D:\Users\Public\Desktop\Max Payne 3.lnk
    [2012/06/02 07:10:43 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Payne 3
    [2012/06/01 08:10:00 | 000,000,986 | ---- | M] () -- D:\Users\Ägaren\Desktop\European Bus Simulator High 2012.lnk
    [2012/06/01 08:10:00 | 000,000,986 | ---- | M] () -- D:\Users\Ägaren\Desktop\European Bus Simulator Basic 2012.lnk
    [2012/06/01 08:10:00 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\European Bus Simulator 2012
    [2012/06/01 06:35:43 | 000,280,904 | ---- | M] () -- D:\Windows\SysWow64\PnkBstrB.xtr
    [2012/06/01 06:35:43 | 000,280,904 | ---- | M] () -- D:\Windows\SysWow64\PnkBstrB.exe
    [2012/05/30 15:23:13 | 000,283,304 | ---- | M] () -- D:\Windows\SysWow64\PnkBstrB.ex0
    [2012/05/29 10:11:20 | 000,000,945 | ---- | M] () -- D:\Users\Public\Desktop\Ship Simulator Extremes.lnk
    [2012/05/29 10:11:20 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
    [2012/05/29 08:21:57 | 000,001,208 | ---- | M] () -- D:\Users\Public\Desktop\Off-Road Drive.lnk
    [2012/05/29 08:21:57 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\1C Company
    [2012/05/29 07:57:20 | 000,000,979 | ---- | M] () -- D:\Users\Public\Desktop\MOTORM4X.lnk
    [2012/05/29 07:57:20 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\City Interactive
    [2012/05/28 11:51:23 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
    [2012/05/28 11:51:17 | 000,466,456 | ---- | M] (Creative Labs) -- D:\Windows\System32\wrap_oal.dll
    [2012/05/28 11:51:16 | 000,444,952 | ---- | M] (Creative Labs) -- D:\Windows\SysWow64\wrap_oal.dll
    [2012/05/28 11:51:16 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- D:\Windows\System32\OpenAL32.dll
    [2012/05/28 11:51:16 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- D:\Windows\SysWow64\OpenAL32.dll
    [2012/05/27 16:33:24 | 000,000,985 | ---- | M] () -- D:\Users\Ägaren\Desktop\NodLogin normal.lnk
    [2012/05/27 16:25:57 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
    [2012/05/26 16:02:13 | 000,000,250 | ---- | M] () -- D:\Users\Ägaren\Documents\rendersettings.ini
    [2012/05/26 15:09:28 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
    [2012/05/26 14:11:53 | 000,000,207 | ---- | M] () -- D:\Users\Ägaren\Desktop\Dota 2.url
    [2012/05/26 12:26:40 | 000,000,798 | ---- | M] () -- D:\Users\Ägaren\Desktop\DiRT Showdown.lnk
    [2012/05/26 12:26:40 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiRT Showdown
    [2012/05/26 11:55:38 | 000,001,090 | ---- | M] () -- D:\Users\Ägaren\Desktop\MSI Afterburner.lnk
    [2012/05/26 09:42:48 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\ILLUSION
    [2012/05/25 11:03:34 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGA
    [2012/05/25 07:25:23 | 000,000,323 | ---- | M] () -- D:\Windows\System32\checkdnsid.xml
    [2012/05/24 10:20:52 | 000,000,869 | ---- | M] () -- D:\Users\Public\Desktop\CPUID CPU-Z.lnk
    [2012/05/24 10:20:52 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
    [2012/05/24 07:42:57 | 000,000,796 | ---- | M] () -- D:\Users\Public\Desktop\Speccy.lnk
    [2012/05/24 07:42:57 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
    [2012/05/23 07:59:27 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
    [2012/05/23 07:59:26 | 000,001,954 | ---- | M] () -- D:\Users\Public\Desktop\DAEMON Tools Lite.lnk
    [2012/05/23 07:58:41 | 000,283,200 | ---- | M] (DT Soft Ltd) -- D:\Windows\System32\drivers\dtsoftbus01.sys
    [2012/05/22 18:05:19 | 000,002,441 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    [2012/05/22 15:15:35 | 000,174,024 | ---- | M] (Oracle Corporation) -- D:\Windows\SysWow64\javaw.exe
    [2012/05/22 15:15:35 | 000,174,024 | ---- | M] (Oracle Corporation) -- D:\Windows\SysWow64\java.exe
    [2012/05/22 15:13:33 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    [2012/05/22 11:14:05 | 000,001,102 | ---- | M] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NeoDownloader.lnk
    [2012/05/22 11:14:05 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoDownloader
    [2012/05/21 15:30:33 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    [2012/05/21 15:27:09 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
    [2012/05/21 09:59:27 | 000,293,040 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
    [2012/05/20 12:20:27 | 000,076,888 | ---- | M] () -- D:\Windows\SysWow64\PnkBstrA.exe
    [2012/05/20 10:41:35 | 000,000,000 | --SD | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4
    [2012/05/20 10:41:31 | 000,001,168 | ---- | M] () -- D:\Users\Public\Desktop\OpenOffice.org 3.4.lnk
    [2012/05/19 09:56:28 | 000,000,207 | ---- | M] () -- D:\Users\Ägaren\Desktop\Counter-Strike Global Offensive Beta.url
    [2012/05/18 17:51:59 | 000,001,174 | ---- | M] () -- D:\Users\Public\Desktop\Battlefield 3.lnk
    [2012/05/18 17:51:59 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
    [2012/05/18 15:54:35 | 000,000,983 | ---- | M] () -- D:\Users\Public\Desktop\Origin.lnk
    [2012/05/18 15:54:35 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    [2012/05/17 17:34:19 | 000,000,929 | ---- | M] () -- D:\Users\Public\Desktop\Diablo III.lnk
    [2012/05/17 17:34:16 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
    [2012/05/17 04:55:25 | 000,000,385 | ---- | M] () -- D:\Windows\System32\user_gensett.xml
    [2012/05/16 15:28:55 | 000,002,019 | ---- | M] () -- D:\Users\Public\Desktop\Adobe Reader X.lnk
    [2012/05/16 11:59:23 | 000,000,071 | ---- | M] () -- D:\Users\Ägaren\AppData\Roaming\programs.vc
    [2012/05/16 11:18:53 | 000,000,000 | -H-- | M] () -- D:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf
    [2012/05/16 11:12:32 | 000,000,473 | ---- | M] () -- D:\Users\Ägaren\Documents\rarreg.key
    [2012/05/16 11:12:16 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2012/05/16 07:16:40 | 000,000,991 | ---- | M] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
    [2012/05/16 07:16:40 | 000,000,967 | ---- | M] () -- D:\Users\Public\Desktop\BitTorrent.lnk
    [2012/05/15 16:52:47 | 000,001,070 | ---- | M] () -- D:\Users\Public\Desktop\VLC media player.lnk
    [2012/05/15 16:52:47 | 000,000,027 | ---- | M] () -- D:\Program Files\plugins.dat
    [2012/05/15 16:52:47 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
    [2012/05/15 16:50:24 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
    [2012/05/15 16:47:51 | 000,002,012 | ---- | M] () -- D:\Users\Ägaren\Desktop\Media Player Classic - Home Cinema x64.lnk
    [2012/05/15 16:47:51 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema x64
    [2012/05/15 16:42:44 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
    [2012/05/15 16:42:44 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    [2012/05/15 16:17:25 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
    [2012/05/15 16:08:21 | 000,001,011 | ---- | M] () -- D:\Users\Ägaren\Desktop\VPNCheck.lnk
    [2012/05/15 16:08:21 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNCheck
    [2012/05/15 16:02:05 | 000,001,129 | ---- | M] () -- D:\Users\Public\Desktop\OpenVPN GUI.lnk
    [2012/05/15 16:02:05 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
    [2012/05/15 15:17:58 | 000,001,146 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2012/05/15 15:17:58 | 000,001,134 | ---- | M] () -- D:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012/05/15 14:42:53 | 000,955,848 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\npDeployJava1.dll
    [2012/05/15 14:42:53 | 000,839,112 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\deployJava1.dll
    [2012/05/15 14:42:53 | 000,268,744 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\javaws.exe
    [2012/05/15 14:42:53 | 000,189,384 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\javaw.exe
    [2012/05/15 14:42:53 | 000,188,872 | ---- | M] (Oracle Corporation) -- D:\Windows\System32\java.exe
    [2012/05/15 14:13:28 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
    [2012/05/15 10:10:11 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    [2012/05/15 10:04:04 | 000,000,000 | R--D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2012/05/15 09:55:46 | 000,175,616 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msclmd.dll
    [2012/05/15 09:55:46 | 000,152,576 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msclmd.dll
    [2012/05/15 08:55:12 | 003,695,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
    [2012/05/15 08:55:12 | 000,580,608 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
    [2012/05/15 08:55:12 | 000,434,176 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
    [2012/05/15 08:55:12 | 000,367,104 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
    [2012/05/15 08:55:12 | 000,353,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
    [2012/05/15 08:55:12 | 000,223,232 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
    [2012/05/15 08:55:12 | 000,162,304 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
    [2012/05/15 08:55:12 | 000,161,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
    [2012/05/15 08:55:12 | 000,152,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
    [2012/05/15 08:55:12 | 000,150,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
    [2012/05/15 08:55:12 | 000,142,848 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
    [2012/05/15 08:55:12 | 000,130,560 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakeng.dll
    [2012/05/15 08:55:12 | 000,118,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
    [2012/05/15 08:55:12 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
    [2012/05/15 08:55:12 | 000,086,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
    [2012/05/15 08:55:12 | 000,078,848 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
    [2012/05/15 08:55:12 | 000,076,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
    [2012/05/15 08:55:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
    [2012/05/15 08:55:12 | 000,074,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
    [2012/05/15 08:55:12 | 000,074,240 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ie4uinit.exe
    [2012/05/15 08:55:12 | 000,072,822 | ---- | M] () -- D:\Windows\SysWow64\ieuinit.inf
    [2012/05/15 08:55:12 | 000,066,048 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
    [2012/05/15 08:55:12 | 000,063,488 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
    [2012/05/15 08:55:12 | 000,054,272 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
    [2012/05/15 08:55:12 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
    [2012/05/15 08:55:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
    [2012/05/15 08:55:12 | 000,023,552 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
    [2012/05/15 08:55:12 | 000,010,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
    [2012/05/15 08:55:11 | 003,695,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
    [2012/05/15 08:55:11 | 000,534,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
    [2012/05/15 08:55:11 | 000,452,608 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
    [2012/05/15 08:55:11 | 000,448,512 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\html.iec
    [2012/05/15 08:55:11 | 000,282,112 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
    [2012/05/15 08:55:11 | 000,267,776 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieaksie.dll
    [2012/05/15 08:55:11 | 000,227,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieaksie.dll
    [2012/05/15 08:55:11 | 000,222,208 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
    [2012/05/15 08:55:11 | 000,197,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
    [2012/05/15 08:55:11 | 000,173,056 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
    [2012/05/15 08:55:11 | 000,163,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieakui.dll
    [2012/05/15 08:55:11 | 000,163,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieakui.dll
    [2012/05/15 08:55:11 | 000,160,256 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieakeng.dll
    [2012/05/15 08:55:11 | 000,149,504 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
    [2012/05/15 08:55:11 | 000,145,920 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
    [2012/05/15 08:55:11 | 000,135,168 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
    [2012/05/15 08:55:11 | 000,123,392 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
    [2012/05/15 08:55:11 | 000,114,176 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\admparse.dll
    [2012/05/15 08:55:11 | 000,111,616 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
    [2012/05/15 08:55:11 | 000,101,888 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\admparse.dll
    [2012/05/15 08:55:11 | 000,091,648 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
    [2012/05/15 08:55:11 | 000,089,088 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
    [2012/05/15 08:55:11 | 000,089,088 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
    [2012/05/15 08:55:11 | 000,085,504 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
    [2012/05/15 08:55:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
    [2012/05/15 08:55:11 | 000,076,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
    [2012/05/15 08:55:11 | 000,072,822 | ---- | M] () -- D:\Windows\System32\ieuinit.inf
    [2012/05/15 08:55:11 | 000,065,024 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
    [2012/05/15 08:55:11 | 000,049,664 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
    [2012/05/15 08:55:11 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
    [2012/05/15 08:55:11 | 000,039,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
    [2012/05/15 08:55:11 | 000,035,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
    [2012/05/15 08:55:11 | 000,012,288 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
    [2012/05/15 08:55:11 | 000,010,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
    [2012/05/15 08:55:10 | 000,697,344 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
    [2012/05/15 08:55:10 | 000,603,648 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
    [2012/05/15 08:55:10 | 000,165,888 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
    [2012/05/15 08:55:10 | 000,160,256 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
    [2012/05/15 08:55:10 | 000,103,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
    [2012/05/15 08:55:10 | 000,030,720 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
    [2012/05/15 07:14:58 | 000,001,769 | ---- | M] () -- D:\Windows\Language_trs.ini
    [2012/05/15 07:11:52 | 000,016,896 | ---- | M] (ASUS) -- D:\Windows\AsTaskSched.dll
    [2012/05/15 07:09:52 | 000,028,660 | ---- | M] () -- D:\Windows\Ascd_tmp.ini
    [2012/05/15 06:57:43 | 000,000,000 | -H-- | M] () -- D:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
    [2012/05/15 06:48:00 | 025,743,168 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvoglv64.dll
    [2012/05/15 06:48:00 | 025,248,064 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvcompiler.dll
    [2012/05/15 06:48:00 | 019,607,872 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvoglv32.dll
    [2012/05/15 06:48:00 | 018,044,224 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvd3dumx.dll
    [2012/05/15 06:48:00 | 017,551,680 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvcompiler.dll
    [2012/05/15 06:48:00 | 015,322,432 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvd3dum.dll
    [2012/05/15 06:48:00 | 010,194,752 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvwgf2umx.dll
    [2012/05/15 06:48:00 | 008,139,072 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvcuda.dll
    [2012/05/15 06:48:00 | 008,105,280 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvwgf2um.dll
    [2012/05/15 06:48:00 | 005,982,528 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvcuda.dll
    [2012/05/15 06:48:00 | 002,881,856 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvenc.dll
    [2012/05/15 06:48:00 | 002,741,568 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvapi64.dll
    [2012/05/15 06:48:00 | 002,681,664 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvcuvid.dll
    [2012/05/15 06:48:00 | 002,524,992 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvcuvid.dll
    [2012/05/15 06:48:00 | 002,445,120 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvcuvenc.dll
    [2012/05/15 06:48:00 | 002,368,832 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvapi.dll
    [2012/05/15 06:48:00 | 001,738,048 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvdispco64.dll
    [2012/05/15 06:48:00 | 001,468,224 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvgenco64.dll
    [2012/05/15 06:48:00 | 000,949,056 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvumdshimx.dll
    [2012/05/15 06:48:00 | 000,818,496 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvumdshim.dll
    [2012/05/15 06:48:00 | 000,364,352 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvdecodemft.dll
    [2012/05/15 06:48:00 | 000,301,376 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvdecodemft.dll
    [2012/05/15 06:48:00 | 000,246,592 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvinitx.dll
    [2012/05/15 06:48:00 | 000,202,048 | ---- | M] (NVIDIA Corporation) -- D:\Windows\SysWow64\nvinit.dll
    [2012/05/15 06:48:00 | 000,068,928 | ---- | M] (Khronos Group) -- D:\Windows\System32\OpenCL.dll
    [2012/05/15 06:48:00 | 000,061,248 | ---- | M] (Khronos Group) -- D:\Windows\SysWow64\OpenCL.dll
    [2012/05/15 06:48:00 | 000,014,324 | ---- | M] () -- D:\Windows\System32\nvinfo.pb
    [2012/05/15 06:45:18 | 000,050,658 | ---- | M] () -- D:\Windows\SysWow64\license.rtf
    [2012/05/15 06:45:18 | 000,050,658 | ---- | M] () -- D:\Windows\System32\license.rtf
    [2012/05/15 06:45:09 | 000,001,345 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    [2012/05/15 06:45:09 | 000,001,326 | ---- | M] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    [2012/05/15 06:45:09 | 000,000,000 | R--D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
    [2012/05/15 05:29:46 | 002,561,856 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvsvcr.dll
    [2012/05/15 05:29:46 | 000,118,080 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvmctray.dll
    [2012/05/15 05:29:46 | 000,063,296 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvshext.dll
    [2012/05/15 05:29:45 | 002,621,723 | ---- | M] () -- D:\Windows\System32\nvcoproc.bin
    [2012/05/15 05:29:25 | 003,149,632 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvsvc64.dll
    [2012/05/15 05:28:42 | 006,151,488 | ---- | M] (NVIDIA Corporation) -- D:\Windows\System32\nvcpl.dll
    [2012/05/14 20:21:50 | 000,423,744 | ---- | M] () -- D:\Windows\SysWow64\nvStreaming.exe
    [2012/05/12 17:56:36 | 000,000,659 | ---- | M] () -- D:\Users\Public\Desktop\Launch Hitman Blood Money.lnk

    ========== Files Created - No Company Name ==========

    [2012/06/07 18:28:57 | 000,165,376 | ---- | C] () -- D:\Users\Ägaren\Desktop\SystemLook_x64.exe
    [2012/06/07 18:22:27 | 000,000,349 | ---- | C] () -- D:\kspy
    [2012/06/07 17:52:59 | 000,000,512 | ---- | C] () -- D:\Users\Ägaren\Desktop\MBR.dat
    [2012/06/07 16:51:17 | 000,000,002 | ---- | C] () -- D:\Users\Ägaren\Documents\desktop is dos windows executableee
    [2012/06/07 08:32:19 | 000,000,894 | ---- | C] () -- D:\Users\Ägaren\Desktop\sumofull.lnk
    [2012/06/06 20:40:33 | 000,045,910 | ---- | C] () -- D:\Users\Ägaren\Documents\cc_20120607_024032.reg
    [2012/06/06 17:39:20 | 005,054,705 | ---- | C] () -- D:\Users\Ägaren\Desktop\1339018372338.rar
    [2012/06/06 12:29:37 | 000,000,488 | -HS- | C] () -- D:\Windows\9907881drv.spi
    [2012/06/06 11:36:23 | 137,066,928 | ---- | C] () -- D:\Users\Ägaren\Desktop\setup_11.0.0.1245.x01_2012_06_06_18_21.exe
    [2012/06/05 19:06:02 | 000,256,000 | ---- | C] () -- D:\Windows\PEV.exe
    [2012/06/05 19:06:02 | 000,208,896 | ---- | C] () -- D:\Windows\MBR.exe
    [2012/06/05 19:06:02 | 000,098,816 | ---- | C] () -- D:\Windows\sed.exe
    [2012/06/05 19:06:02 | 000,080,412 | ---- | C] () -- D:\Windows\grep.exe
    [2012/06/05 19:06:02 | 000,068,096 | ---- | C] () -- D:\Windows\zip.exe
    [2012/06/03 14:33:47 | 000,337,921 | ---- | C] () -- D:\Users\Ägaren\Desktop\FSS.exe
    [2012/06/03 12:12:13 | 001,012,656 | ---- | C] () -- D:\Users\Ägaren\Desktop\rkill.scr
    [2012/06/03 12:08:52 | 001,012,656 | ---- | C] () -- D:\Users\Ägaren\Desktop\rkill.exe
    [2012/06/03 11:50:16 | 000,003,211 | ---- | C] () -- D:\Users\Ägaren\Desktop\Sophos Virus Removal Tool.lnk
    [2012/06/03 10:20:55 | 000,000,512 | ---- | C] () -- D:\Users\Ägaren\Documents\MBR.dat
    [2012/06/03 06:47:49 | 000,000,947 | ---- | C] () -- D:\Users\Public\Desktop\Need For Speed World.lnk
    [2012/06/03 04:12:35 | 000,001,316 | ---- | C] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
    [2012/06/03 04:12:35 | 000,001,292 | ---- | C] () -- D:\Users\Ägaren\Desktop\Spybot - Search & Destroy.lnk
    [2012/06/02 19:00:09 | 000,001,747 | ---- | C] () -- D:\Users\Ägaren\Documents\Attach.zip
    [2012/06/02 18:59:34 | 000,001,712 | ---- | C] () -- D:\Users\Ägaren\Documents\Attach.rar
    [2012/06/02 13:35:06 | 000,001,113 | ---- | C] () -- D:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/06/02 07:10:43 | 000,000,929 | ---- | C] () -- D:\Users\Public\Desktop\Max Payne 3.lnk
    [2012/06/01 08:10:00 | 000,000,986 | ---- | C] () -- D:\Users\Ägaren\Desktop\European Bus Simulator High 2012.lnk
    [2012/06/01 08:10:00 | 000,000,986 | ---- | C] () -- D:\Users\Ägaren\Desktop\European Bus Simulator Basic 2012.lnk
    [2012/05/29 10:11:20 | 000,000,945 | ---- | C] () -- D:\Users\Public\Desktop\Ship Simulator Extremes.lnk
    [2012/05/29 08:21:57 | 000,001,208 | ---- | C] () -- D:\Users\Public\Desktop\Off-Road Drive.lnk
    [2012/05/29 07:57:20 | 000,000,979 | ---- | C] () -- D:\Users\Public\Desktop\MOTORM4X.lnk
    [2012/05/27 16:33:24 | 000,000,985 | ---- | C] () -- D:\Users\Ägaren\Desktop\NodLogin normal.lnk
    [2012/05/26 16:02:09 | 000,000,250 | ---- | C] () -- D:\Users\Ägaren\Documents\rendersettings.ini
    [2012/05/26 14:11:53 | 000,000,207 | ---- | C] () -- D:\Users\Ägaren\Desktop\Dota 2.url
    [2012/05/26 12:26:39 | 000,000,798 | ---- | C] () -- D:\Users\Ägaren\Desktop\DiRT Showdown.lnk
    [2012/05/26 11:55:38 | 000,001,090 | ---- | C] () -- D:\Users\Ägaren\Desktop\MSI Afterburner.lnk
    [2012/05/24 10:20:52 | 000,000,869 | ---- | C] () -- D:\Users\Public\Desktop\CPUID CPU-Z.lnk
    [2012/05/24 07:42:57 | 000,000,796 | ---- | C] () -- D:\Users\Public\Desktop\Speccy.lnk
    [2012/05/23 07:59:26 | 000,001,954 | ---- | C] () -- D:\Users\Public\Desktop\DAEMON Tools Lite.lnk
    [2012/05/22 11:14:05 | 000,001,102 | ---- | C] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NeoDownloader.lnk
    [2012/05/21 10:15:04 | 000,000,323 | ---- | C] () -- D:\Windows\System32\checkdnsid.xml
    [2012/05/20 10:41:31 | 000,001,168 | ---- | C] () -- D:\Users\Public\Desktop\OpenOffice.org 3.4.lnk
    [2012/05/20 05:53:20 | 000,280,904 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrB.xtr
    [2012/05/19 09:56:28 | 000,000,207 | ---- | C] () -- D:\Users\Ägaren\Desktop\Counter-Strike Global Offensive Beta.url
    [2012/05/18 17:51:29 | 000,283,304 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrB.ex0
    [2012/05/18 17:51:29 | 000,280,904 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrB.exe
    [2012/05/18 17:51:28 | 000,076,888 | ---- | C] () -- D:\Windows\SysWow64\PnkBstrA.exe
    [2012/05/17 17:22:01 | 000,000,929 | ---- | C] () -- D:\Users\Public\Desktop\Diablo III.lnk
    [2012/05/17 04:55:25 | 000,000,385 | ---- | C] () -- D:\Windows\System32\user_gensett.xml
    [2012/05/16 15:28:55 | 000,002,441 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
    [2012/05/16 11:18:53 | 000,000,000 | -H-- | C] () -- D:\Windows\System32\drivers\Msft_Kernel_avchv_01009.Wdf
    [2012/05/16 11:12:32 | 000,000,473 | ---- | C] () -- D:\Users\Ägaren\Documents\rarreg.key
    [2012/05/16 07:16:40 | 000,000,991 | ---- | C] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
    [2012/05/15 16:52:47 | 000,000,027 | ---- | C] () -- D:\Program Files\plugins.dat
    [2012/05/15 16:50:19 | 000,175,616 | ---- | C] () -- D:\Windows\SysWow64\unrar.dll
    [2012/05/15 16:47:51 | 000,002,012 | ---- | C] () -- D:\Users\Ägaren\Desktop\Media Player Classic - Home Cinema x64.lnk
    [2012/05/15 16:08:35 | 000,000,071 | ---- | C] () -- D:\Users\Ägaren\AppData\Roaming\programs.vc
    [2012/05/15 16:08:21 | 000,001,011 | ---- | C] () -- D:\Users\Ägaren\Desktop\VPNCheck.lnk
    [2012/05/15 15:17:58 | 000,001,146 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2012/05/15 15:17:58 | 000,001,134 | ---- | C] () -- D:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2012/05/15 15:03:05 | 000,000,032 | ---- | C] () -- D:\Program Files\plugins-04041e-1f8.dat
    [2012/05/15 15:00:54 | 000,002,617 | ---- | C] () -- D:\Users\Public\Desktop\Brave Arms.lnk
    [2012/05/15 15:00:54 | 000,002,383 | ---- | C] () -- D:\Users\Public\Desktop\HDDlife Pro.lnk
    [2012/05/15 15:00:54 | 000,002,019 | ---- | C] () -- D:\Users\Public\Desktop\Adobe Reader X.lnk
    [2012/05/15 15:00:54 | 000,002,010 | ---- | C] () -- D:\Users\Public\Desktop\Evolve.lnk
    [2012/05/15 15:00:54 | 000,001,253 | ---- | C] () -- D:\Users\Public\Desktop\SISTERS `‰Ä‚̍Ōã‚Ì“ú`.lnk
    [2012/05/15 15:00:54 | 000,001,174 | ---- | C] () -- D:\Users\Public\Desktop\Battlefield 3.lnk
    [2012/05/15 15:00:54 | 000,001,129 | ---- | C] () -- D:\Users\Public\Desktop\OpenVPN GUI.lnk
    [2012/05/15 15:00:54 | 000,001,070 | ---- | C] () -- D:\Users\Public\Desktop\VLC media player.lnk
    [2012/05/15 15:00:54 | 000,000,998 | ---- | C] () -- D:\Users\Public\Desktop\eMule.lnk
    [2012/05/15 15:00:54 | 000,000,983 | ---- | C] () -- D:\Users\Public\Desktop\Origin.lnk
    [2012/05/15 15:00:54 | 000,000,982 | ---- | C] () -- D:\Users\Public\Desktop\GetNZB.lnk
    [2012/05/15 15:00:54 | 000,000,967 | ---- | C] () -- D:\Users\Public\Desktop\BitTorrent.lnk
    [2012/05/15 15:00:54 | 000,000,878 | ---- | C] () -- D:\Users\Public\Desktop\TrueCrypt.lnk
    [2012/05/15 15:00:54 | 000,000,842 | ---- | C] () -- D:\Users\Public\Desktop\Uninstall ACR.lnk
    [2012/05/15 15:00:54 | 000,000,825 | ---- | C] () -- D:\Users\Public\Desktop\CCleaner.lnk
    [2012/05/15 15:00:54 | 000,000,755 | ---- | C] () -- D:\Users\Public\Desktop\Test Drive Unlimited 2.lnk
    [2012/05/15 15:00:54 | 000,000,659 | ---- | C] () -- D:\Users\Public\Desktop\Launch Hitman Blood Money.lnk
    [2012/05/15 15:00:54 | 000,000,601 | ---- | C] () -- D:\Users\Public\Desktop\Addon characters MOD.lnk
    [2012/05/15 14:48:27 | 002,621,723 | ---- | C] () -- D:\Windows\System32\nvcoproc.bin
    [2012/05/15 14:21:04 | 000,001,024 | ---- | C] () -- D:\.rnd
    [2012/05/15 10:54:13 | 000,000,868 | ---- | C] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/05/15 09:43:44 | 000,095,744 | ---- | C] () -- D:\Windows\System32\RDVGHelper.exe
    [2012/05/15 09:43:35 | 000,347,904 | ---- | C] () -- D:\Windows\System32\systemsf.ebd
    [2012/05/15 09:43:22 | 000,281,600 | ---- | C] () -- D:\Windows\System32\DShowRdpFilter.dll
    [2012/05/15 09:43:20 | 000,252,928 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
    [2012/05/15 09:42:39 | 000,010,429 | ---- | C] () -- D:\Windows\System32\ScavengeSpace.xml
    [2012/05/15 09:42:34 | 000,105,559 | ---- | C] () -- D:\Windows\SysWow64\RacRules.xml
    [2012/05/15 09:42:34 | 000,105,559 | ---- | C] () -- D:\Windows\System32\RacRules.xml
    [2012/05/15 09:42:30 | 000,146,389 | ---- | C] () -- D:\Windows\SysWow64\printmanagement.msc
    [2012/05/15 09:42:30 | 000,001,041 | ---- | C] () -- D:\Windows\SysWow64\tcpbidi.xml
    [2012/05/15 09:28:15 | 000,001,369 | ---- | C] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
    [2012/05/15 08:55:12 | 000,072,822 | ---- | C] () -- D:\Windows\SysWow64\ieuinit.inf
    [2012/05/15 08:55:11 | 000,072,822 | ---- | C] () -- D:\Windows\System32\ieuinit.inf
    [2012/05/15 07:14:04 | 000,074,272 | ---- | C] () -- D:\Windows\System32\RtNicProp64.dll
    [2012/05/15 07:09:43 | 000,001,769 | ---- | C] () -- D:\Windows\Language_trs.ini
    [2012/05/15 07:09:38 | 000,028,660 | ---- | C] () -- D:\Windows\Ascd_tmp.ini
    [2012/05/15 06:57:50 | 000,001,417 | ---- | C] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
    [2012/05/15 06:57:47 | 000,001,451 | ---- | C] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    [2012/05/15 06:57:43 | 000,000,000 | -H-- | C] () -- D:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
    [2012/05/15 06:57:12 | 000,000,290 | ---- | C] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2012/05/15 06:57:12 | 000,000,272 | ---- | C] () -- D:\Users\Ägaren\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
    [2012/05/15 06:45:09 | 000,001,345 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    [2012/05/15 06:45:09 | 000,001,326 | ---- | C] () -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    [2012/05/15 06:42:04 | 2132,725,759 | -HS- | C] () -- D:\hiberfil.sys
    [2012/05/14 20:21:50 | 000,423,744 | ---- | C] () -- D:\Windows\SysWow64\nvStreaming.exe
    [2011/09/19 09:03:40 | 000,045,056 | ---- | C] () -- D:\Windows\SysWow64\rtvcvfw32.dll
    [2010/04/02 11:17:34 | 000,179,091 | ---- | C] () -- D:\Windows\SysWow64\xlive.dll.cat
    [2009/12/06 13:18:14 | 000,026,624 | ---- | C] () -- D:\Windows\bfcs2.dll
    [2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
    [2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
    [2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
    [2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
    [2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
    [2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
    [2009/04/02 08:30:14 | 000,010,296 | ---- | C] () -- D:\Windows\SysWow64\drivers\ASUSHWIO.SYS

    ========== LOP Check ==========

    [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
    [2012/05/17 17:04:37 | 000,000,000 | ---D | M] -- D:\ProgramData\Battle.net
    [2012/05/16 11:19:06 | 000,000,000 | ---D | M] -- D:\ProgramData\BDLogging
    [2012/05/28 11:56:57 | 000,000,000 | ---D | M] -- D:\ProgramData\Codemasters
    [2012/05/23 08:00:45 | 000,000,000 | ---D | M] -- D:\ProgramData\DAEMON Tools Lite
    [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
    [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokument
    [2012/05/28 11:56:59 | 000,000,000 | -HSD | M] -- D:\ProgramData\DSS
    [2012/05/20 05:50:16 | 000,000,000 | ---D | M] -- D:\ProgramData\EA Core
    [2012/05/27 06:53:43 | 000,000,000 | ---D | M] -- D:\ProgramData\EA Logs
    [2012/06/03 06:47:48 | 000,000,000 | ---D | M] -- D:\ProgramData\Electronic Arts
    [2012/05/27 16:25:56 | 000,000,000 | ---D | M] -- D:\ProgramData\ESET
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriter
    [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Mallar
    [2012/05/20 05:50:16 | 000,000,000 | ---D | M] -- D:\ProgramData\Origin
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Programdata
    [2012/06/02 12:39:49 | 000,000,000 | ---D | M] -- D:\ProgramData\Rockstar Games
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Skrivbord
    [2012/06/03 11:50:20 | 000,000,000 | ---D | M] -- D:\ProgramData\Sophos
    [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
    [2012/05/15 06:57:04 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start-meny
    [2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
    [2012/06/07 19:56:42 | 000,023,678 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========


    < End of report >
     
  12. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    Do this on the computer you are posting from:
    Copy the text in the codebox below:


    Code:
    :OTL
    SRV - [2011/06/26 02:45:56 | 000,256,000 | ---- | M] () [Auto] -- D:\32788R22FWJFW\pev.3XE -- (PEVSystemStart)
    [2012/06/06 15:25:38 | 000,000,488 | -HS- | M] () -- D:\Windows\9907881drv.spi
    
    
    :Services
    
    :Reg
    
    :Files
    C:\Windows\assembly\GAC_32\Desktop.ini
    C:\Windows\assembly\GAC_64\Desktop.ini
    C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}
    c:\windows\system32\services.exe|c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe /replace
    
    :Commands
    [purity]
    
    Open Notepad and paste it.
    Save the document as Fix.txt on to a USB flash drive


    On the infected computer the following...

    Run OTLPE

    • Insert USB stick and find the file Fix.txt. Drag the file Fix.txt and drop it under the Custom Scans/Fixes box at the bottom.
      • (The content of Fix.txt should appear in the box)
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post the log produced (you'll need to transfer it with USB stick)
    • Remove the CD and shut down computer manually.
    • Reboot normally into Windows and post new aswMBR log.
  13. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    So you want me to boot it in the custom OS again, and run the fix from there?
  14. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    Exactly.
  15. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    ========== OTL ==========
    Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PEVSystemStart deleted successfully.
    D:\32788R22FWJFW\pev.3XE moved successfully.
    D:\Windows\9907881drv.spi moved successfully.
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    File\Folder C:\Windows\assembly\GAC_32\Desktop.ini not found.
    File\Folder C:\Windows\assembly\GAC_64\Desktop.ini not found.
    File\Folder C:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e} not found.
    File c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe not found.
    ========== COMMANDS ==========

    OTLPE by OldTimer - Version 3.1.48.0 log created on 06082012_055642
  16. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    Why does it say not found? Is it because its being labeled D:\ instead of C:\ when im that custom OS?
    Well eitherway, its 6 am here and I really, really need to sleep ;)

    If you want me to do something else I will do it when I wake up.
  17. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    Yes, get some sleep :)

    Yeah, my fault. I didn't notice your drive was labeled "D" while booting from the CD.

    When you wake up re-run OTL fix (again, boot from the CD) with this code:

    Code:
    :OTL
     
    :Services
     
    :Reg
     
    :Files
    d:\Windows\assembly\GAC_32\Desktop.ini
    d:\Windows\assembly\GAC_64\Desktop.ini
    d:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}
    d:\windows\system32\services.exe|d:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe /replace
     
    :Commands
    [purity]
  18. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    Ok it completed like it should I think, but now when I launch windows I got Object: C:\_OTL\MovedFiles\06082012_145015\d_Windows\assembly\GAC_64\Desktop.ini trying to access SearchProtocolHost.exe inside system32. From Nod32 that is.

    ¨========== OTL ==========
    ========== SERVICES/DRIVERS ==========
    ========== REGISTRY ==========
    ========== FILES ==========
    File\Folder d:\Windows\assembly\GAC_32\Desktop.ini not found.
    d:\Windows\assembly\GAC_64\Desktop.ini moved successfully.
    d:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\U folder moved successfully.
    d:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e}\L folder moved successfully.
    d:\Windows\Installer\{6ccbf812-07b7-4726-bef0-b612a153384e} folder moved successfully.
    File d:\windows\system32\services.exe successfully replaced with d:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
    ========== COMMANDS ==========

    OTLPE by OldTimer - Version 3.1.48.0 log created on 06082012_145015
     
  19. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    Empty C:\_OTL\MovedFiles folder.

    Now I want you to restart in Safe Mode and see if Combofix will run from there.
  20. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    I couldn't remove one last folder in there. It contains Installer and assembly folder, which we know contains the viruses. I will try CF from safe mode.
  21. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    Ok I got CF running in normal mode. I just launched it and this is the log that came out.
    ComboFix 12-06-07.03 - Ägaren 2012-06-08 19:53:31.4.4 - x64
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.46.1053.18.8173.6842 [GMT 2:00]
    Körs från: c:\users\Ägaren\Desktop\ComboFix.exe
    AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
    SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((( Filer skapade från 2012-05-08 till 2012-06-08 ))))))))))))))))))))))))))))))
    .
    .
    2012-06-08 17:58 . 2012-06-08 17:58 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-06-08 17:58 . 2012-06-08 17:58 -------- d-----w- c:\users\Chrilles\AppData\Local\temp
    2012-06-08 17:05 . 2012-06-08 17:06 -------- d-----w- c:\programdata\PMB Files
    2012-06-08 17:04 . 2012-06-08 17:04 -------- d-----w- c:\program files (x86)\Pando Networks
    2012-06-08 02:04 . 2012-06-08 02:04 -------- d-----w- C:\found.000
    2012-06-07 18:23 . 2012-06-07 22:20 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
    2012-06-07 16:16 . 2012-06-07 16:16 -------- d-----w- c:\program files\Alex Feinman
    2012-06-05 23:50 . 2012-05-08 17:02 8955792 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4552CAB4-0065-4371-B8ED-5513444AFBD7}\mpengine.dll
    2012-06-03 18:42 . 2012-06-03 18:42 -------- d-----w- c:\program files (x86)\ESET
    2012-06-03 18:29 . 2012-06-03 18:29 -------- d-----w- C:\_OTL
    2012-06-03 15:50 . 2012-06-03 15:50 -------- d-----w- c:\programdata\Sophos
    2012-06-03 15:50 . 2012-06-03 15:50 -------- d-----w- c:\program files (x86)\Sophos
    2012-06-03 12:49 . 2012-06-03 12:49 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
    2012-06-03 08:12 . 2012-06-07 00:39 -------- d-----w- c:\programdata\Spybot - Search & Destroy
    2012-06-03 08:12 . 2012-06-03 08:13 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
    2012-06-02 20:17 . 2012-06-02 20:17 -------- d-----w- c:\programdata\Kaspersky Lab
    2012-06-02 20:17 . 2012-06-02 20:17 460888 ----a-w- c:\windows\system32\drivers\39377219.sys
    2012-06-02 17:35 . 2012-06-02 17:35 -------- d-----w- c:\programdata\Malwarebytes
    2012-06-02 17:35 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-02 17:35 . 2012-06-02 17:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-06-02 16:39 . 2012-06-02 16:39 -------- d-----w- c:\programdata\Rockstar Games
    2012-06-02 11:28 . 2012-06-07 22:57 -------- d-----w-aren c:\users\GAREN~2
    2012-06-02 11:14 . 2012-06-02 11:14 -------- d-----w- c:\program files (x86)\Rockstar Games
    2012-05-28 15:56 . 2012-05-28 15:56 -------- d-sh--w- c:\programdata\DSS
    2012-05-26 15:55 . 2012-05-26 22:38 -------- d-----w- c:\program files (x86)\MSI Afterburner
    2012-05-26 13:38 . 2012-05-26 13:38 -------- d-----w- c:\program files (x86)\GIGA
    2012-05-25 18:17 . 2012-05-25 18:17 -------- d-----w- c:\program files (x86)\FlashGet
    2012-05-24 14:58 . 2012-05-24 14:58 -------- d-----w- C:\KISS
    2012-05-24 14:20 . 2012-03-09 08:57 23816 ------w- c:\windows\system32\drivers\cpuz135_x64.sys
    2012-05-24 14:20 . 2012-05-24 14:20 -------- d-----w- c:\program files\CPUID
    2012-05-24 11:42 . 2012-05-24 11:42 -------- d-----w- c:\program files\Speccy
    2012-05-23 11:58 . 2012-05-23 11:58 283200 ------w- c:\windows\system32\drivers\dtsoftbus01.sys
    2012-05-23 11:58 . 2012-05-23 11:58 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
    2012-05-23 11:57 . 2012-05-23 12:00 -------- d-----w- c:\programdata\DAEMON Tools Lite
    2012-05-22 19:19 . 2012-05-22 19:19 -------- d-----w- c:\windows\Sun
    2012-05-22 19:16 . 2012-05-22 19:16 -------- d-----w- c:\program files (x86)\Oracle
    2012-05-22 19:15 . 2012-04-04 16:47 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-05-22 19:15 . 2012-04-04 16:47 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-05-22 19:12 . 2012-05-15 09:29 2561856 ----a-w- c:\windows\system32\nvsvcr.dll
    2012-05-22 15:04 . 2012-05-22 15:13 -------- d-----w- c:\program files (x86)\NeoDownloader
    2012-05-21 19:30 . 2012-05-21 19:30 -------- d-----w- c:\program files (x86)\7-Zip
    2012-05-21 19:27 . 2012-05-21 19:27 -------- d-----w- c:\program files (x86)\Notepad++
    2012-05-20 14:41 . 2012-05-20 14:41 -------- d-----w- c:\program files (x86)\OpenOffice.org 3
    2012-05-20 09:53 . 2012-06-01 10:35 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
    2012-05-18 19:54 . 2012-06-03 10:47 -------- d-----w- c:\programdata\Electronic Arts
    2012-05-18 19:54 . 2012-05-18 19:55 -------- d-----w- c:\program files (x86)\Origin
    2012-05-17 21:22 . 2012-05-17 21:34 -------- d-----w- c:\programdata\Blizzard Entertainment
    2012-05-17 21:04 . 2012-05-17 21:04 -------- d-----w- c:\programdata\Battle.net
    2012-05-17 19:47 . 2012-05-17 21:34 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
    2012-05-16 15:19 . 2012-05-16 15:19 -------- d-----w- c:\programdata\BDLogging
    2012-05-16 15:18 . 2012-05-27 20:35 -------- d-----w- c:\program files\Bitdefender
    2012-05-16 15:16 . 2012-05-27 20:21 -------- d-----w- c:\program files\Common Files\Bitdefender
    2012-05-15 20:52 . 2012-05-15 20:52 -------- d-----w- c:\program files (x86)\VideoLAN
    2012-05-15 20:50 . 2011-03-02 10:43 175616 ----a-w- c:\windows\SysWow64\unrar.dll
    2012-05-15 20:50 . 2012-05-15 20:50 -------- d-----w- c:\program files (x86)\K-Lite Codec Pack
    2012-05-15 20:08 . 2012-05-15 20:08 -------- d-----w- c:\program files (x86)\VPNCheck
    2012-05-15 20:00 . 2012-05-15 20:02 -------- d-----w- c:\program files (x86)\OpenVPN
    2012-05-15 19:17 . 2012-06-06 00:01 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
    2012-05-15 19:09 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
    2012-05-15 19:09 . 2009-07-14 01:15 50688 ----a-w- c:\program files (x86)\Internet Explorer\hmmapi.dll
    2012-05-15 19:02 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
    2012-05-15 18:51 . 2012-06-07 20:57 -------- d-----w- c:\users\UpdatusUser
    2012-05-15 18:43 . 2012-05-15 18:42 839112 ----a-w- c:\windows\system32\deployJava1.dll
    2012-05-15 18:43 . 2012-05-15 18:42 955848 ----a-w- c:\windows\system32\npDeployJava1.dll
    2012-05-15 18:42 . 2012-05-15 18:42 -------- d-----w- c:\program files\Java
    2012-05-15 18:24 . 2003-04-09 03:28 233472 ----a-r- c:\users\Chrilles\AppData\Roaming\MafiaSetup.exe
    2012-05-15 18:18 . 2012-05-15 18:18 -------- d-----w- c:\program files\SystemRequirementsLab
    2012-05-15 14:56 . 2012-05-15 14:57 -------- d-----w- c:\windows\SysWow64\Adobe
    2012-05-15 14:54 . 2012-05-15 20:42 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-15 14:54 . 2012-05-15 20:42 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-05-15 14:54 . 2012-05-15 14:54 -------- d-----w- c:\windows\SysWow64\Macromed
    2012-05-15 14:54 . 2012-05-15 14:54 -------- d-----w- c:\windows\system32\Macromed
    2012-05-15 14:49 . 2012-05-15 14:49 -------- d-----w- c:\program files (x86)\Microsoft
    2012-05-15 14:47 . 2005-05-26 13:34 3767504 ----a-w- c:\windows\system32\d3dx9_26.dll
    2012-05-15 14:47 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\SysWow64\d3dx9_26.dll
    2012-05-15 14:09 . 2012-05-15 14:09 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
    2012-05-15 14:07 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
    2012-05-15 14:07 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
    2012-05-15 13:46 . 2012-05-15 13:46 -------- d-----w- c:\windows\system32\SPReview
    2012-05-15 13:46 . 2012-05-15 13:46 -------- d-----w- c:\windows\system32\EventProviders
    2012-05-15 13:42 . 2010-11-20 13:27 624128 ----a-w- c:\windows\system32\qedit.dll
    2012-05-15 13:41 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
    2012-05-15 13:41 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
    2012-05-15 13:41 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
    2012-05-15 13:24 . 2012-05-15 13:24 -------- d-----w- c:\windows\SysWow64\Wat
    2012-05-15 13:24 . 2012-05-15 13:24 -------- d-----w- c:\windows\system32\Wat
    2012-05-15 12:57 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
    2012-05-15 12:48 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2012-05-15 12:48 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
    2012-05-15 12:48 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
    2012-05-15 12:48 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
    2012-05-15 12:48 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
    2012-05-15 12:48 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
    2012-05-15 12:48 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
    2012-05-15 12:44 . 2010-12-17 11:40 715776 ----a-w- c:\windows\system32\kerberos.dll
    2012-05-15 12:38 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
    2012-05-15 12:38 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
    2012-05-15 12:31 . 2012-05-15 12:31 -------- d-----w- c:\programdata\NVIDIA Corporation
    2012-05-15 12:31 . 2012-05-22 19:13 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
    2012-05-15 12:31 . 2012-05-22 19:12 -------- d-----w- c:\program files\NVIDIA Corporation
    2012-05-15 12:30 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
    2012-05-15 12:30 . 2012-02-17 06:38 1112064 ----a-w- c:\windows\system32\rdpcorets.dll
    2012-05-15 12:30 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
    2012-05-15 12:30 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
    2012-05-15 12:30 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-05-15 12:30 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
    2012-05-15 12:30 . 2010-11-20 11:07 162816 ----a-w- c:\windows\system32\rdpudd.dll
    2012-05-15 12:30 . 2010-11-20 11:03 20992 ------w- c:\windows\system32\drivers\rdpvideominiport.sys
    2012-05-15 11:41 . 2012-06-02 21:33 -------- d-----w- c:\windows\Panther
    2012-05-15 11:18 . 2012-02-23 08:18 279656 ------w- c:\windows\system32\MpSigStub.exe
    2012-05-15 11:15 . 2012-05-15 11:15 -------- d-----w- c:\program files (x86)\ASM104xUSB3
    2012-05-15 11:14 . 2011-06-10 06:34 74272 ----a-w- c:\windows\system32\RtNicProp64.dll
    2012-05-15 11:14 . 2011-06-10 06:34 539240 ------w- c:\windows\system32\drivers\Rt64win7.sys
    2012-05-15 11:14 . 2011-06-10 06:34 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
    2012-05-15 11:11 . 2005-11-13 21:22 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
    2012-05-15 11:11 . 2005-11-13 21:22 69715 ------w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
    2012-05-15 11:11 . 2005-11-13 21:21 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
    2012-05-15 11:11 . 2005-11-13 21:20 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
    2012-05-15 11:11 . 2005-11-13 21:19 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
    2012-05-15 11:11 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
    2012-05-15 11:11 . 2005-11-13 21:16 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
    2012-05-15 11:11 . 2012-05-12 21:55 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
    2012-05-15 11:11 . 2012-05-12 21:55 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
    2012-05-15 11:11 . 2012-05-15 11:11 16896 ----a-w- c:\windows\AsTaskSched.dll
    2012-05-15 11:11 . 2012-05-15 11:11 -------- d-----w- c:\program files (x86)\Intel
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-15 13:55 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
    2012-05-15 13:55 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
    2012-05-15 10:48 . 2012-02-09 20:43 1738048 ----a-w- c:\windows\system32\nvdispco64.dll
    2012-05-15 10:48 . 2012-02-09 20:43 1468224 ----a-w- c:\windows\system32\nvgenco64.dll
    2012-05-15 10:48 . 2012-02-09 20:43 10194752 ----a-w- c:\windows\system32\nvwgf2umx.dll
    2012-05-02 00:46 . 2012-05-02 00:46 4472832 ----a-w- c:\windows\SysWow64\GPhotos.scr
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-06-07_22.53.41 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2012-05-15 12:27 . 2012-06-08 17:53 33584 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2009-07-14 05:10 . 2012-06-08 17:53 30228 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
    - 2012-05-15 10:46 . 2012-06-07 22:51 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2012-05-15 10:46 . 2012-06-08 17:05 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2012-06-03 19:26 . 2012-06-08 17:05 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2012-06-03 19:26 . 2012-06-07 22:51 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-07-14 04:54 . 2012-06-07 22:51 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-07-14 04:54 . 2012-06-08 17:05 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2012-05-15 11:06 . 2012-06-08 17:53 7176 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3856055600-2435477386-2425398921-1000_UserData.bin
    + 2012-06-08 17:51 . 2012-06-08 17:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2012-06-07 22:53 . 2012-06-07 22:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2012-06-08 17:51 . 2012-06-08 17:51 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2012-06-07 22:53 . 2012-06-07 22:53 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2009-07-13 23:19 . 2009-07-14 01:39 328704 c:\windows\system32\services.exe
    - 2009-07-14 07:43 . 2012-06-07 22:45 625534 c:\windows\system32\perfh01D.dat
    + 2009-07-14 07:43 . 2012-06-08 12:57 625534 c:\windows\system32\perfh01D.dat
    - 2009-07-14 02:36 . 2012-06-07 22:45 615810 c:\windows\system32\perfh009.dat
    + 2009-07-14 02:36 . 2012-06-08 12:57 615810 c:\windows\system32\perfh009.dat
    - 2009-07-14 07:43 . 2012-06-07 22:45 123688 c:\windows\system32\perfc01D.dat
    + 2009-07-14 07:43 . 2012-06-08 12:57 123688 c:\windows\system32\perfc01D.dat
    - 2009-07-14 02:36 . 2012-06-07 22:45 106190 c:\windows\system32\perfc009.dat
    + 2009-07-14 02:36 . 2012-06-08 12:57 106190 c:\windows\system32\perfc009.dat
    - 2009-07-14 05:01 . 2012-06-07 22:52 277180 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2009-07-14 05:01 . 2012-06-08 17:48 277180 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2012-05-15 15:03 . 2012-06-08 17:48 8299544 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3856055600-2435477386-2425398921-1000-12288.dat
    .
    (((((((((((((((((((((((((((((((((( Startpunkter I registret )))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Not* tomma poster & legitima standardposter visas inte.
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
    "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer3"=wdmaud.drv
    .
    R1 1052426drv;1052426drv;c:\windows\system32\DRIVERS\1052426drv.sys [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-15 257696]
    R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-06 113120]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 39377219;39377219;c:\windows\system32\DRIVERS\39377219.sys [x]
    S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
    S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
    S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
    S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
    S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
    S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
    S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [x]
    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    .
    .
    Innehåll I mappen 'Schemalagda aktiviteter':
    .
    2012-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-15 20:42]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-06-28 11905128]
    "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
    .
    ------- Extra genomsökning -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = about:blank
    mStart Page = about:blank
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: &Download All with FlashGet - c:\program files (x86)\FlashGet\jc_all.htm
    IE: &Download with FlashGet - c:\program files (x86)\FlashGet\jc_link.htm
    FF - ProfilePath - c:\users\Ägaren\AppData\Roaming\Mozilla\Firefox\Profiles\r3cyqdc7.default\
    .
    .
    --------------------- LÅSTA REGISTERNYCKLAR ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    "{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,
    89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b
    "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
    1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
    "{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}"=hex:51,66,7a,6c,4c,1d,38,12,68,40,25,
    2b,77,e4,db,02,e0,8b,7a,e8,bc,10,3a,e3
    "{53707962-6F74-2D53-2644-206D7942484F}"=hex:51,66,7a,6c,4c,1d,38,12,0c,7a,63,
    57,46,21,3d,68,59,52,63,2d,7c,1c,0c,5b
    "{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
    d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
    "{F156768E-81EF-470C-9057-481BA8380DBA}"=hex:51,66,7a,6c,4c,1d,38,12,e0,75,45,
    f5,dd,cf,62,02,ef,41,0b,5b,ad,66,49,ae
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:5f,b7,7b,f1,c8,44,cd,01
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Sluttid: 2012-06-08 20:00:13
    ComboFix-quarantined-files.txt 2012-06-08 18:00
    ComboFix2.txt 2012-06-07 23:39
    ComboFix3.txt 2012-06-07 22:57
    .
    Före genomsökningen: 366 261 149 696 byte ledigt
    Efter genomsökningen: 366 171 058 176 byte ledigt
    .
    - - End Of File - - FFC49ED7BFF8F92AC7876399914FCCA5

    Want me to run some special thing?
  22. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    Also, Nod32 managed to delete the file in GAC64 so I could remove the whole folder.
  23. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    Combofix log looks good so if there are no other issues....

    Your computer is clean [​IMG]

    1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

    Run OTL

    • Under the Custom Scans/Fixes box at the bottom, paste in the following:

    Code:
    :OTL
    :Commands
    [purity]
    [emptytemp]
    [EMPTYFLASH]
    [emptyjava]
    [CLEARALLRESTOREPOINTS]
    [Reboot]
    • Then click the Run Fix button at the top
    • Let the program run unhindered, reboot the PC when it is done
    • Post resulting log.

    2. Now, we'll remove all tools, we used during our cleaning process

    Clean up with OTL:

    • Double-click OTL.exe to start the program.
    • Close all other programs apart from OTL as this step will require a reboot
    • On the OTL main screen, press the CLEANUP button
    • Say Yes to the prompt and then allow the program to reboot your computer.

    If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

    3. Make sure, Windows Updates are current.

    4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

    5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

    6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

    7. Run Temporary File Cleaner (TFC) weekly.

    8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

    9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
    The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

    10. (Windows XP only) Run defrag at your convenience.

    11. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

    12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

    13. Please, let me know, how your computer is doing.
  24. cschrille

    cschrille TechSpot Enthusiast Topic Starter Posts: 181

    Thank you so much! :)

    My PC seems fine, no viruses detected in MBAM or Nod32.
  25. Broni

    Broni Malware Annihilator Posts: 46,153   +251

    You're very welcome [​IMG]

    Make sure you complete all final steps, especially resetting restore points.

    Good luck and stay safe :)


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.