| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 8: PC auf einmal enorm Langsam, Avira findet jedoch keine Viren oder ähnlichesWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
07.05.2014, 17:25
| #1 |
| |  Windows 8: PC auf einmal enorm Langsam, Avira findet jedoch keine Viren oder ähnliches Hallo erstmal, hatte vor einiger Zeit mal Malware auf dem PC. Hab ihn darauf hin zurück gesetzt. Danach gleich mal Avira geholt und drüber laufen lassen. Avira findet nichts mehr, also dachte ich mir muss alles weg sein. Doch dann fällt mir heute auf das mein PC plötzlich enorm langsam wird. Jetzt bin ich mir nicht sicher ob er von Viren oder ähnlichem befallen ist. Erstmal die defrogger, FRST und GMER Log Files. Defrogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:54 on 07/05/2014 (Kast)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2014
Ran by Kast (administrator) on KAST on 07-05-2014 18:21:40
Running from C:\Users\patrick\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Akamai Technologies, Inc.) C:\Users\patrick\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\patrick\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2114237306-1549420666-2872277542-1001\...\Run: [Akamai NetSession Interface] => C:\Users\patrick\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x718D2043EB63CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.10
FireFox:
========
FF ProfilePath: C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\i1we4249.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\patrick\AppData\Roaming\Mozilla\Firefox\Profiles\i1we4249.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-05]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U3 pxldqpow; \??\C:\Users\patrick\AppData\Local\Temp\pxldqpow.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-07 18:21 - 2014-05-07 18:21 - 00006770 _____ () C:\Users\patrick\Downloads\FRST.txt
2014-05-07 18:14 - 2014-05-07 18:14 - 00004216 _____ () C:\Users\patrick\Desktop\gmer.txt
2014-05-07 17:55 - 2014-05-07 17:56 - 00092347 _____ () C:\Users\patrick\Desktop\FRST.txt
2014-05-07 17:55 - 2014-05-07 17:54 - 00000470 _____ () C:\Users\patrick\Desktop\defogger_disable.log
2014-05-07 17:54 - 2014-05-07 18:20 - 00000470 _____ () C:\Users\patrick\Downloads\defogger_disable.log
2014-05-06 23:12 - 2014-05-07 15:54 - 00000000 ____D () C:\Users\patrick\Documents\DragonNest
2014-05-06 23:12 - 2014-05-06 23:12 - 00002185 _____ () C:\Users\patrick\Desktop\Dragon Nest Europe.lnk
2014-05-06 23:12 - 2014-05-06 23:12 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDGi Europe
2014-05-06 23:11 - 2014-05-06 23:11 - 00000000 ____D () C:\Program Files (x86)\SDGi Europe
2014-05-06 22:34 - 2014-05-06 22:35 - 00692800 _____ ( ) C:\Users\patrick\Downloads\DNDownloader82.exe
2014-05-06 17:48 - 2014-05-06 17:48 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-05-05 19:32 - 2014-05-05 19:32 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Avira
2014-05-05 19:31 - 2014-05-05 19:31 - 00002086 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-05 19:31 - 2014-05-05 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-05 19:31 - 2014-05-05 19:31 - 00000000 ____D () C:\ProgramData\Avira
2014-05-05 19:31 - 2014-05-05 19:31 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-05 19:31 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-05 19:31 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-05 19:31 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-05 19:27 - 2014-05-05 19:28 - 138607664 _____ () C:\Users\patrick\Downloads\avira_free_antivirus614_de.exe
2014-05-05 19:09 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-05-05 19:07 - 2014-05-05 19:08 - 150392912 _____ (AVG Technologies) C:\Users\patrick\Downloads\avg_free_x86_all_2014_4569a7320(1).exe
2014-05-05 18:53 - 2014-05-05 18:53 - 00380416 _____ () C:\Users\patrick\Downloads\dhuj5cn4.exe
2014-05-05 18:52 - 2014-05-07 18:21 - 00000000 ____D () C:\FRST
2014-05-05 18:40 - 2014-05-05 18:41 - 02063872 _____ (Farbar) C:\Users\patrick\Downloads\FRST64.exe
2014-05-05 18:39 - 2014-05-05 18:39 - 00050477 _____ () C:\Users\patrick\Downloads\Defogger.exe
2014-05-05 18:39 - 2014-05-05 18:39 - 00000000 _____ () C:\Users\patrick\defogger_reenable
2014-05-05 17:54 - 2014-05-07 16:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-05 17:54 - 2014-05-05 17:54 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-05 17:53 - 2014-05-05 17:53 - 00000000 ____D () C:\Users\patrick\AppData\Local\Macromedia
2014-05-05 17:52 - 2014-05-05 17:53 - 00000000 ____D () C:\Users\patrick\AppData\Local\Adobe
2014-05-05 17:32 - 2014-04-29 18:00 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-05 17:32 - 2014-04-29 16:47 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-05 17:29 - 2014-04-23 02:24 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-05 17:29 - 2014-04-23 02:24 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-04 22:02 - 2014-05-05 17:30 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-05-04 18:59 - 2014-05-04 19:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-04 18:59 - 2014-03-31 03:51 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-02 19:01 - 2014-05-07 01:02 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Skype
2014-05-02 19:01 - 2014-05-02 19:01 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-02 19:01 - 2014-05-02 19:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-02 19:01 - 2014-05-02 19:01 - 00000000 ____D () C:\Users\patrick\AppData\Local\Skype
2014-05-02 19:01 - 2014-05-02 19:01 - 00000000 ____D () C:\ProgramData\Skype
2014-05-02 19:01 - 2014-05-02 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-02 18:58 - 2014-05-02 18:58 - 34827424 _____ (Skype Technologies S.A.) C:\Users\patrick\Downloads\SkypeSetupFull6.14.73.104.exe
2014-05-01 14:16 - 2013-11-27 17:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-05-01 14:16 - 2013-11-27 15:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-05-01 14:16 - 2013-11-27 11:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-05-01 14:16 - 2013-11-27 10:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-05-01 14:16 - 2013-11-26 15:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-05-01 14:16 - 2013-11-26 15:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-05-01 14:16 - 2013-11-26 13:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-05-01 14:16 - 2013-11-25 03:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-05-01 14:16 - 2013-11-23 09:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-01 14:16 - 2013-11-23 06:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-05-01 14:16 - 2013-11-23 05:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-05-01 14:16 - 2013-11-23 05:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-05-01 14:16 - 2013-11-21 08:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-01 14:16 - 2013-11-15 16:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-05-01 14:16 - 2013-11-15 15:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-05-01 14:15 - 2013-12-09 02:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-05-01 14:15 - 2013-12-09 02:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-05-01 14:15 - 2013-11-27 17:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-05-01 14:15 - 2013-11-27 16:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-05-01 14:15 - 2013-11-27 14:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2014-05-01 14:15 - 2013-11-27 12:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-05-01 14:15 - 2013-11-27 11:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-05-01 14:15 - 2013-11-27 11:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-05-01 14:15 - 2013-11-27 11:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2014-05-01 14:15 - 2013-11-27 10:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2014-05-01 14:15 - 2013-11-25 03:45 - 00142680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-05-01 14:15 - 2013-11-25 01:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-05-01 14:15 - 2013-11-25 01:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-05-01 14:15 - 2013-11-23 14:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-05-01 14:15 - 2013-11-23 09:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll
2014-05-01 14:15 - 2013-11-23 09:13 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2014-05-01 14:15 - 2013-11-21 08:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
2014-05-01 14:15 - 2013-11-15 16:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2014-05-01 14:15 - 2013-11-15 16:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-05-01 14:15 - 2013-10-31 02:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-05-01 14:15 - 2013-10-31 01:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-05-01 14:13 - 2014-01-08 03:46 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-05-01 14:13 - 2014-01-08 03:41 - 01530712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-05-01 14:13 - 2014-01-08 03:41 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-05-01 14:13 - 2014-01-04 17:54 - 00138240 _____ () C:\Windows\system32\OEMLicense.dll
2014-05-01 14:13 - 2014-01-04 17:08 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-05-01 14:13 - 2014-01-04 16:08 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-05-01 14:13 - 2014-01-04 15:53 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-05-01 14:13 - 2014-01-03 01:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-05-01 14:13 - 2014-01-03 01:48 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-05-01 14:13 - 2014-01-01 03:55 - 01720560 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-05-01 14:13 - 2014-01-01 03:52 - 00481944 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-05-01 14:13 - 2014-01-01 02:56 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-05-01 14:13 - 2014-01-01 02:55 - 00381168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-05-01 14:13 - 2014-01-01 01:59 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-05-01 14:13 - 2014-01-01 01:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-01 14:13 - 2014-01-01 01:56 - 00960512 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-05-01 14:13 - 2013-12-31 01:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2014-05-01 14:13 - 2013-12-31 01:33 - 00770560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-05-01 14:13 - 2013-12-31 01:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2014-05-01 14:13 - 2013-12-31 01:31 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-05-01 14:13 - 2013-12-31 01:31 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-05-01 14:13 - 2013-12-27 17:09 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-05-01 14:13 - 2013-12-27 10:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2014-05-01 14:13 - 2013-12-27 10:57 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-05-01 14:13 - 2013-12-27 10:23 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-05-01 14:13 - 2013-12-27 09:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-05-01 14:13 - 2013-12-27 09:03 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-05-01 14:13 - 2013-12-27 08:37 - 00588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-05-01 14:13 - 2013-12-21 09:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2014-05-01 14:13 - 2013-12-17 09:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-05-01 14:13 - 2013-12-14 08:31 - 13949440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-05-01 14:13 - 2013-12-14 08:19 - 18576384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-05-01 14:13 - 2013-12-13 12:54 - 00131160 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-05-01 14:13 - 2013-12-13 08:36 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-05-01 14:13 - 2013-12-13 07:32 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-05-01 14:13 - 2013-12-09 10:05 - 21199256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-01 14:13 - 2013-12-09 06:51 - 18643560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-01 14:13 - 2013-11-04 13:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-05-01 14:13 - 2013-11-04 03:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-05-01 14:13 - 2013-10-05 16:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-05-01 14:13 - 2013-10-05 16:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-05-01 14:13 - 2013-10-05 14:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-05-01 14:13 - 2013-10-05 14:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-05-01 14:12 - 2013-09-26 08:34 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2014-05-01 14:12 - 2013-09-26 08:34 - 00515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2014-05-01 14:12 - 2013-09-25 12:25 - 00783504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2014-05-01 14:12 - 2013-09-24 07:05 - 01245696 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-05-01 14:12 - 2013-09-21 11:09 - 00796928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2014-05-01 14:12 - 2013-09-21 08:33 - 11366912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2014-05-01 14:12 - 2013-09-21 07:34 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2014-05-01 14:12 - 2013-09-21 07:10 - 12028416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-05-01 14:12 - 2013-09-21 06:44 - 01662464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2014-05-01 14:11 - 2013-09-26 11:20 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2014-05-01 14:11 - 2013-09-26 09:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2014-05-01 14:11 - 2013-09-26 09:14 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-05-01 14:11 - 2013-09-25 10:58 - 00648648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-05-01 14:11 - 2013-09-25 09:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2014-05-01 14:11 - 2013-09-25 07:40 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2014-05-01 14:11 - 2013-09-24 08:55 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2014-05-01 14:11 - 2013-09-24 07:59 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2014-05-01 14:11 - 2013-09-24 07:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-05-01 14:11 - 2013-09-24 07:10 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-05-01 14:11 - 2013-09-24 05:56 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2014-05-01 14:11 - 2013-09-21 14:10 - 00579416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-05-01 14:11 - 2013-09-21 14:10 - 00236376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-05-01 14:11 - 2013-09-21 14:10 - 00151384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-05-01 14:11 - 2013-09-21 13:50 - 00528048 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-05-01 14:11 - 2013-09-21 13:48 - 00534048 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-05-01 14:11 - 2013-09-21 13:48 - 00123480 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-05-01 14:11 - 2013-09-21 12:56 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-01 14:11 - 2013-09-21 12:53 - 01534504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-05-01 14:11 - 2013-09-21 12:53 - 00996320 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2014-05-01 14:11 - 2013-09-21 12:53 - 00934856 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2014-05-01 14:11 - 2013-09-21 12:53 - 00366688 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2014-05-01 14:11 - 2013-09-21 12:45 - 00171968 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-01 14:11 - 2013-09-21 11:23 - 00427096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-05-01 14:11 - 2013-09-21 11:23 - 00098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-05-01 14:11 - 2013-09-21 11:12 - 01092896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-05-01 14:11 - 2013-09-21 11:09 - 00312936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-05-01 14:11 - 2013-09-21 09:58 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-01 14:11 - 2013-09-21 09:57 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-01 14:11 - 2013-09-21 09:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-05-01 14:11 - 2013-09-21 09:50 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-05-01 14:11 - 2013-09-21 08:55 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-05-01 14:11 - 2013-09-21 08:01 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2014-05-01 14:11 - 2013-09-21 07:59 - 00940544 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-01 14:11 - 2013-09-21 07:57 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\livessp.dll
2014-05-01 14:11 - 2013-09-21 07:56 - 08712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-05-01 14:11 - 2013-09-21 07:43 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-01 14:11 - 2013-09-21 07:38 - 00365568 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-05-01 14:11 - 2013-09-21 07:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-01 14:11 - 2013-09-21 07:31 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-01 14:11 - 2013-09-21 07:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-05-01 14:11 - 2013-09-21 07:20 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-05-01 14:11 - 2013-09-21 07:09 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-05-01 14:11 - 2013-09-21 07:05 - 08875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-05-01 14:11 - 2013-09-21 07:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2014-05-01 14:11 - 2013-09-21 06:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-05-01 14:11 - 2013-09-21 06:39 - 01455616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-05-01 14:11 - 2013-09-21 06:38 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-05-01 14:11 - 2013-09-21 06:38 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2014-05-01 14:11 - 2013-09-21 06:37 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2014-05-01 14:11 - 2013-09-21 06:36 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-05-01 14:11 - 2013-09-19 09:19 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersRes.dll
2014-05-01 14:11 - 2013-09-19 08:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2014-05-01 14:11 - 2013-09-19 08:27 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2014-05-01 14:11 - 2013-09-19 08:23 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WorkFoldersRes.dll
2014-05-01 14:11 - 2013-09-19 08:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-05-01 14:11 - 2013-09-19 07:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll
2014-05-01 14:11 - 2013-09-19 07:29 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-05-01 14:11 - 2013-09-19 07:08 - 01150976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2014-05-01 14:11 - 2013-09-19 07:01 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2014-05-01 14:11 - 2013-09-19 06:37 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-05-01 14:11 - 2013-09-19 06:32 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-05-01 14:11 - 2013-09-19 06:27 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2014-05-01 14:11 - 2013-09-19 06:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-05-01 14:11 - 2013-09-19 06:25 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-05-01 14:11 - 2013-09-19 06:11 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2014-05-01 14:11 - 2013-09-19 06:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-05-01 14:11 - 2013-09-19 05:59 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-05-01 14:11 - 2013-09-19 05:55 - 00552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-05-01 14:11 - 2013-09-19 05:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-05-01 14:11 - 2013-09-19 05:32 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-05-01 14:11 - 2013-09-17 08:58 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-05-01 14:11 - 2013-09-17 07:26 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-05-01 14:11 - 2013-09-17 07:15 - 01225728 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-01 14:11 - 2013-09-17 07:00 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2014-05-01 14:11 - 2013-09-17 06:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-01 14:11 - 2013-09-17 06:08 - 00738304 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2014-05-01 14:11 - 2013-09-17 05:28 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2014-05-01 14:11 - 2013-09-14 16:06 - 00175960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VerifierExt.sys
2014-05-01 14:11 - 2013-09-14 16:06 - 00066904 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2014-05-01 14:11 - 2013-09-14 13:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-05-01 14:11 - 2013-09-13 11:52 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\SensorsClassExtension.dll
2014-05-01 14:11 - 2013-09-13 10:54 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2014-05-01 14:11 - 2013-09-13 10:10 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2014-05-01 14:11 - 2013-09-13 09:55 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-05-01 14:11 - 2013-09-13 09:30 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-05-01 14:11 - 2013-09-12 09:37 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-05-01 14:11 - 2013-09-11 11:31 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-05-01 14:11 - 2013-09-11 11:31 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-01 14:11 - 2013-09-11 09:41 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-05-01 14:11 - 2013-09-11 09:09 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-05-01 14:11 - 2013-09-07 14:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\fdprint.dll
2014-05-01 14:11 - 2013-09-07 14:29 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2014-05-01 14:11 - 2013-09-07 14:00 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdprint.dll
2014-05-01 14:11 - 2013-09-07 13:50 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2014-05-01 14:11 - 2013-09-07 13:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2014-05-01 14:11 - 2013-09-07 13:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2014-05-01 14:11 - 2013-09-07 13:22 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2014-05-01 14:11 - 2013-09-07 13:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2014-05-01 14:11 - 2013-09-07 13:07 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2014-05-01 14:11 - 2013-09-05 09:39 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-05-01 14:11 - 2013-09-05 08:42 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2014-05-01 14:11 - 2013-09-05 07:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2014-05-01 14:11 - 2013-09-04 09:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-05-01 14:11 - 2013-09-04 08:16 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2014-05-01 14:11 - 2013-09-04 07:47 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2014-05-01 14:11 - 2013-09-04 07:12 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\DscCoreConfProv.dll
2014-05-01 14:11 - 2013-09-04 06:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2014-05-01 14:11 - 2013-09-04 06:48 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-05-01 14:11 - 2013-09-04 06:35 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-05-01 14:11 - 2013-08-31 16:18 - 00205024 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-05-01 14:11 - 2013-08-31 14:15 - 00180232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-05-01 14:11 - 2013-08-31 14:04 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2014-05-01 14:11 - 2013-08-31 12:46 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2014-05-01 14:11 - 2013-08-31 12:00 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-05-01 14:11 - 2013-08-31 11:25 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-05-01 14:11 - 2013-08-30 09:31 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2014-05-01 14:11 - 2013-08-28 09:55 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-05-01 14:11 - 2013-08-28 09:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2014-05-01 14:11 - 2013-08-28 09:09 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2014-05-01 14:11 - 2013-08-27 08:09 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2014-05-01 14:11 - 2013-08-27 07:24 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2014-05-01 14:07 - 2013-10-23 13:21 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-05-01 14:07 - 2013-10-23 13:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll
2014-05-01 14:07 - 2013-10-22 09:55 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-05-01 14:07 - 2013-10-22 08:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-05-01 14:07 - 2013-10-22 07:15 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-05-01 14:07 - 2013-10-22 06:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-05-01 14:07 - 2013-10-22 05:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-05-01 14:07 - 2013-10-22 05:44 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-05-01 14:07 - 2013-10-22 04:38 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-05-01 14:07 - 2013-10-22 03:53 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-05-01 14:07 - 2013-10-19 06:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-05-01 14:07 - 2013-10-19 06:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-05-01 14:07 - 2013-10-19 05:26 - 01231360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-05-01 14:07 - 2013-10-19 05:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-05-01 14:07 - 2013-10-16 11:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-05-01 14:07 - 2013-10-16 11:33 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2014-05-01 14:07 - 2013-10-13 05:06 - 00258904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-05-01 14:07 - 2013-10-13 04:43 - 00708616 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-05-01 14:07 - 2013-10-10 18:26 - 00317616 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-05-01 14:07 - 2013-10-10 18:26 - 00104320 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-05-01 14:07 - 2013-10-10 16:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-05-01 14:07 - 2013-10-10 16:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-05-01 14:07 - 2013-10-10 13:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-05-01 14:07 - 2013-10-08 12:28 - 00523096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-05-01 14:07 - 2013-10-08 07:50 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-05-01 14:07 - 2013-10-08 07:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-05-01 14:07 - 2013-10-08 07:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2014-05-01 14:07 - 2013-10-08 06:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2014-05-01 14:07 - 2013-10-07 04:13 - 03532288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-05-01 14:07 - 2013-10-05 16:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-05-01 14:07 - 2013-10-05 14:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-05-01 14:07 - 2013-10-05 13:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-05-01 14:07 - 2013-10-05 11:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-05-01 14:07 - 2013-10-05 11:07 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-05-01 14:07 - 2013-10-05 10:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-05-01 14:07 - 2013-10-05 10:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-05-01 14:07 - 2013-10-05 10:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-05-01 14:07 - 2013-10-05 10:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-05-01 14:07 - 2013-10-05 09:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-05-01 14:07 - 2013-10-05 09:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-05-01 14:07 - 2013-10-04 10:10 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2014-05-01 14:07 - 2013-09-17 11:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2014-05-01 14:07 - 2013-09-17 11:06 - 00465960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-05-01 14:07 - 2013-09-17 08:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-05-01 14:07 - 2013-09-17 08:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-05-01 14:07 - 2013-09-14 16:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-05-01 14:07 - 2013-09-14 16:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2014-05-01 14:07 - 2013-09-14 14:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-05-01 14:07 - 2013-09-14 14:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2014-05-01 14:07 - 2013-09-12 10:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-05-01 14:07 - 2013-09-12 09:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2014-05-01 14:07 - 2013-09-12 09:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2014-05-01 14:07 - 2013-09-10 06:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll
2014-05-01 14:06 - 2013-10-23 13:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2014-05-01 14:06 - 2013-10-22 04:22 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-05-01 14:06 - 2013-10-22 04:13 - 01704448 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-05-01 14:06 - 2013-10-08 08:46 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-05-01 14:06 - 2013-10-08 07:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2014-05-01 14:06 - 2013-10-08 07:48 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-05-01 14:06 - 2013-10-08 06:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-05-01 14:06 - 2013-10-07 09:21 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-05-01 14:06 - 2013-10-05 17:25 - 00057176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2014-05-01 14:06 - 2013-10-05 11:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-05-01 14:06 - 2013-10-05 10:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2014-05-01 14:06 - 2013-10-05 10:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2014-05-01 14:06 - 2013-09-17 06:37 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2014-05-01 14:06 - 2013-09-14 12:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2014-05-01 14:06 - 2013-09-14 11:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2014-05-01 14:06 - 2013-09-13 10:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-05-01 14:06 - 2013-09-13 09:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2014-05-01 14:06 - 2013-09-12 10:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-05-01 14:06 - 2013-09-12 10:08 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-05-01 14:06 - 2013-09-12 10:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2014-05-01 14:06 - 2013-09-12 09:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2014-05-01 14:06 - 2013-09-12 09:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-05-01 14:06 - 2013-09-12 09:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2014-05-01 14:06 - 2013-09-12 09:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2014-05-01 14:05 - 2013-11-08 05:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-05-01 14:05 - 2013-10-31 02:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-01 14:05 - 2013-10-10 12:34 - 01085952 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-05-01 14:05 - 2013-10-10 12:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-05-01 14:04 - 2013-11-11 04:48 - 00039768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-05-01 14:04 - 2013-11-09 08:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2014-05-01 14:04 - 2013-11-09 07:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-05-01 14:04 - 2013-11-08 12:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-05-01 14:04 - 2013-11-08 06:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-05-01 14:04 - 2013-11-08 06:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-05-01 14:04 - 2013-11-08 06:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-05-01 14:04 - 2013-11-08 05:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-05-01 14:04 - 2013-11-05 16:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2014-05-01 14:04 - 2013-11-04 15:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-05-01 14:04 - 2013-11-04 12:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-05-01 14:04 - 2013-11-04 04:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-05-01 14:04 - 2013-11-01 13:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-05-01 14:04 - 2013-11-01 08:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2014-05-01 14:04 - 2013-11-01 07:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2014-05-01 14:04 - 2013-10-31 02:58 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-05-01 14:04 - 2013-10-31 02:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-05-01 14:04 - 2013-10-31 02:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-05-01 14:04 - 2013-10-26 03:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2014-05-01 14:04 - 2013-10-24 11:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-05-01 14:04 - 2013-10-24 11:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-05-01 14:04 - 2013-10-17 13:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-05-01 14:04 - 2013-10-17 12:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-05-01 14:04 - 2013-10-10 13:53 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-05-01 14:04 - 2013-10-10 13:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-05-01 14:03 - 2013-10-19 10:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-05-01 14:03 - 2013-10-19 09:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-05-01 14:03 - 2013-10-03 11:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-05-01 14:03 - 2013-10-03 11:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-05-01 14:03 - 2013-10-02 13:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-05-01 14:03 - 2013-10-02 11:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-05-01 14:03 - 2013-10-01 05:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-05-01 14:03 - 2013-10-01 05:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-05-01 14:02 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-01 14:02 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-01 14:02 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-01 14:02 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-01 14:02 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-01 14:02 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-01 14:02 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-01 14:02 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-01 14:02 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-01 14:02 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-01 14:02 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-01 14:02 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-01 14:02 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-01 14:02 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-01 14:02 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-01 14:02 - 2014-02-22 14:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-05-01 14:02 - 2014-02-22 13:24 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-05-01 14:02 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-01 14:02 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-01 14:02 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-01 14:02 - 2014-02-06 12:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-01 14:02 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-01 14:02 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-01 14:02 - 2014-02-06 12:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-01 14:02 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-01 14:02 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-01 14:02 - 2014-02-06 12:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-01 14:02 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-01 14:02 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-01 14:02 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-01 14:02 - 2014-02-06 11:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-01 14:02 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-01 14:02 - 2014-02-06 11:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-01 14:02 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-01 14:02 - 2014-02-06 11:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-01 14:02 - 2013-12-20 12:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-05-01 14:02 - 2013-12-20 12:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-05-01 14:02 - 2013-12-09 02:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-05-01 14:02 - 2013-12-09 02:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-05-01 14:02 - 2013-12-09 01:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-05-01 14:02 - 2013-12-09 01:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-05-01 14:01 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-05-01 14:01 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2014-05-01 14:01 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-01 14:01 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-01 14:01 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-01 14:01 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-01 14:01 - 2014-02-11 05:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-05-01 14:01 - 2014-02-11 04:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-05-01 14:01 - 2014-02-11 04:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-05-01 14:01 - 2014-01-31 18:15 - 00311640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-05-01 14:01 - 2014-01-31 18:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-05-01 14:01 - 2014-01-31 18:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-05-01 14:01 - 2014-01-31 15:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-05-01 14:01 - 2014-01-31 11:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-05-01 14:01 - 2014-01-29 10:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-05-01 14:01 - 2014-01-29 10:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-05-01 14:01 - 2014-01-29 10:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-05-01 14:01 - 2014-01-29 10:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-05-01 14:01 - 2014-01-29 09:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-05-01 14:01 - 2014-01-29 09:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-05-01 14:01 - 2014-01-29 09:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-05-01 14:01 - 2014-01-29 08:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-05-01 14:01 - 2014-01-29 02:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-05-01 14:01 - 2014-01-27 21:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-05-01 14:01 - 2014-01-27 21:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-05-01 14:01 - 2014-01-27 21:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-05-01 14:01 - 2014-01-27 20:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-05-01 14:01 - 2014-01-27 20:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-05-01 14:01 - 2014-01-27 20:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-05-01 14:01 - 2014-01-27 20:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-05-01 14:01 - 2014-01-27 19:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-05-01 14:01 - 2014-01-27 19:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2014-05-01 14:01 - 2014-01-27 19:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-05-01 14:01 - 2014-01-27 17:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-05-01 14:01 - 2014-01-27 17:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-05-01 14:01 - 2014-01-27 13:45 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-05-01 14:01 - 2014-01-18 01:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-05-01 14:01 - 2014-01-17 23:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-05-01 14:01 - 2014-01-09 10:25 - 02804224 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-05-01 14:01 - 2014-01-09 09:59 - 01020928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-05-01 14:01 - 2014-01-09 09:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-05-01 14:01 - 2014-01-09 09:49 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-05-01 14:01 - 2014-01-09 09:44 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-05-01 14:01 - 2014-01-09 09:43 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-05-01 14:01 - 2014-01-09 09:29 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-05-01 14:01 - 2014-01-09 09:28 - 04217344 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-05-01 14:01 - 2014-01-09 09:28 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-05-01 14:01 - 2014-01-09 09:18 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-05-01 14:01 - 2014-01-07 09:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2014-05-01 14:01 - 2014-01-07 07:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2014-05-01 14:01 - 2014-01-07 07:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-05-01 14:01 - 2014-01-07 06:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-05-01 14:01 - 2014-01-04 22:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-05-01 14:01 - 2014-01-04 21:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-05-01 14:01 - 2014-01-04 16:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-05-01 14:01 - 2014-01-04 16:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-05-01 14:01 - 2014-01-04 15:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-05-01 14:01 - 2014-01-04 15:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-05-01 14:01 - 2014-01-04 15:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-05-01 14:01 - 2014-01-04 15:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-05-01 14:01 - 2013-12-21 16:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-05-01 14:01 - 2013-12-21 10:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2014-05-01 14:01 - 2013-12-21 04:10 - 00009701 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-05-01 14:01 - 2013-12-21 04:10 - 00009701 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms
2014-05-01 14:01 - 2013-12-09 04:57 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-01 14:01 - 2013-12-09 03:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-01 14:01 - 2013-12-09 02:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-05-01 14:01 - 2013-11-27 17:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-05-01 14:01 - 2013-11-27 13:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2014-05-01 14:01 - 2013-11-27 10:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-01 14:01 - 2013-11-27 10:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-01 14:01 - 2013-11-27 10:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-01 14:01 - 2013-11-27 10:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-01 14:01 - 2013-11-23 06:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-05-01 14:01 - 2013-11-23 06:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-05-01 14:01 - 2013-11-21 08:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-05-01 14:01 - 2013-11-21 07:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-05-01 14:01 - 2013-11-09 08:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-05-01 14:01 - 2013-11-09 08:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-05-01 14:01 - 2013-11-09 07:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-05-01 14:01 - 2013-10-31 02:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-01 14:01 - 2013-10-31 02:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-05-01 14:01 - 2013-10-31 02:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-01 14:01 - 2013-10-23 13:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-05-01 14:01 - 2013-10-23 10:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-05-01 14:01 - 2013-10-16 17:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-05-01 14:01 - 2013-10-16 15:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-05-01 14:01 - 2013-10-15 10:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-05-01 14:01 - 2013-10-15 10:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-05-01 14:01 - 2013-10-13 04:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-05-01 14:01 - 2013-10-12 23:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-05-01 14:01 - 2013-10-12 23:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-05-01 14:01 - 2013-10-05 16:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-05-01 14:01 - 2013-10-05 10:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-05-01 14:01 - 2013-09-21 09:17 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-04-30 18:06 - 2014-04-30 18:06 - 00001182 _____ () C:\Users\patrick\Desktop\Vindictus - Verknüpfung.lnk
2014-04-30 14:42 - 2014-04-30 14:42 - 00000000 ____D () C:\ProgramData\Nexon
2014-04-30 14:40 - 2014-04-30 14:48 - 00000000 ____D () C:\Users\patrick\Documents\Vindictus EU
2014-04-30 14:39 - 2014-04-30 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-04-30 14:39 - 2014-04-30 14:39 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-04-30 13:45 - 2014-04-30 14:39 - 00000000 ____D () C:\Nexon
2014-04-30 13:45 - 2014-04-30 13:45 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\patrick\Downloads\NexonEU_Installer(1).exe
2014-04-30 13:45 - 2014-04-30 13:45 - 00000000 ____D () C:\Users\patrick\AppData\Local\Akamai
2014-04-29 23:52 - 2014-04-30 14:41 - 00000000 ____D () C:\ProgramData\NexonEU
2014-04-29 22:59 - 2014-04-29 23:00 - 00000000 ____D () C:\AdwCleaner
2014-04-29 22:57 - 2014-04-29 22:57 - 01310621 _____ () C:\Users\patrick\Downloads\adwcleaner-3.205.exe
2014-04-29 22:56 - 2014-04-29 22:56 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\patrick\Downloads\NexonEU_Installer.exe
2014-04-29 22:55 - 2014-04-29 22:55 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-29 22:55 - 2014-04-29 22:55 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-29 22:55 - 2014-04-29 22:55 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Mozilla
2014-04-29 22:55 - 2014-04-29 22:55 - 00000000 ____D () C:\Users\patrick\AppData\Local\Mozilla
2014-04-29 22:55 - 2014-04-29 22:55 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-29 22:55 - 2014-04-29 22:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-29 22:55 - 2014-04-29 22:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-29 22:47 - 2014-04-29 22:47 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\TuneUp Software
2014-04-29 22:47 - 2014-04-29 22:47 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\AVG2014
2014-04-29 22:46 - 2014-05-07 17:32 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-29 22:46 - 2014-05-05 19:30 - 00000000 ___HD () C:\$AVG
2014-04-29 22:44 - 2014-04-29 22:44 - 28860016 _____ (Mozilla) C:\Users\patrick\Downloads\Firefox_Setup_29.0_de.exe
2014-04-29 22:42 - 2014-05-07 17:53 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2114237306-1549420666-2872277542-1001
2014-04-29 22:42 - 2014-05-07 17:32 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-29 22:42 - 2014-05-05 19:30 - 00000000 ____D () C:\Users\patrick\AppData\Local\Avg2014
2014-04-29 22:42 - 2014-04-29 22:42 - 00000000 ____D () C:\Users\patrick\AppData\Local\MFAData
2014-04-29 22:41 - 2014-04-29 22:42 - 150392912 _____ (AVG Technologies) C:\Users\patrick\Downloads\avg_free_x86_all_2014_4569a7320.exe
2014-04-29 22:40 - 2014-04-29 22:40 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6B83CCC5-0CFB-49F2-8D32-95DBE2827545}
2014-04-29 22:40 - 2014-04-29 22:40 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Macromedia
2014-04-29 22:37 - 2014-04-29 22:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-04-29 22:37 - 2014-04-29 22:37 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\ATI
2014-04-29 22:37 - 2014-04-29 22:37 - 00000000 ____D () C:\Users\patrick\AppData\Local\ATI
2014-04-29 22:37 - 2014-04-29 22:37 - 00000000 ____D () C:\Users\patrick\AppData\Local\AMD
2014-04-29 22:37 - 2014-04-29 22:37 - 00000000 ____D () C:\ProgramData\ATI
2014-04-29 22:36 - 2014-04-29 22:36 - 00060817 _____ () C:\Windows\SysWOW64\CCCInstall_201404292236237980.log
2014-04-29 22:36 - 2014-04-29 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-29 22:36 - 2014-04-29 22:36 - 00000000 ____D () C:\ProgramData\AMD
2014-04-29 22:36 - 2014-04-29 22:36 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-04-29 22:36 - 2014-04-29 22:36 - 00000000 ____D () C:\Program Files (x86)\Advanced Micro Devices, Inc
2014-04-29 22:35 - 2014-04-29 22:36 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 ____D () C:\Program Files\AMD
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 ____D () C:\AMD
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-04-29 20:51 - 2014-04-29 23:02 - 00000000 __RDO () C:\Users\patrick\SkyDrive
2014-04-29 20:49 - 2014-05-07 17:38 - 01686150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-29 20:49 - 2014-05-05 18:39 - 00000000 ____D () C:\Users\patrick
2014-04-29 20:49 - 2014-05-05 17:30 - 00000000 ___RD () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-29 20:49 - 2014-05-05 17:30 - 00000000 ___RD () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-29 20:49 - 2014-05-05 17:30 - 00000000 ____D () C:\Users\patrick\AppData\Local\Packages
2014-04-29 20:49 - 2014-04-29 22:57 - 00000000 ____D () C:\Users\patrick\AppData\Local\VirtualStore
2014-04-29 20:49 - 2014-04-29 20:49 - 00001454 _____ () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-29 20:49 - 2014-04-29 20:49 - 00000020 ___SH () C:\Users\patrick\ntuser.ini
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Vorlagen
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Startmenü
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Netzwerkumgebung
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Lokale Einstellungen
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Eigene Dateien
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Druckumgebung
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Documents\Eigene Musik
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Documents\Eigene Bilder
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\AppData\Local\Verlauf
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\AppData\Local\Anwendungsdaten
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Anwendungsdaten
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Adobe
2014-04-29 20:49 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-29 20:49 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-29 20:49 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-29 20:49 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-29 20:45 - 2014-05-07 18:10 - 01593444 _____ () C:\Windows\WindowsUpdate.log
2014-04-29 20:45 - 2013-08-22 07:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Programme
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-04-29 20:41 - 2014-04-29 20:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-04-29 20:40 - 2014-05-07 17:32 - 00113942 _____ () C:\Windows\PFRO.log
2014-04-29 20:40 - 2014-04-29 20:49 - 00000000 ____D () C:\Windows\Panther
==================== One Month Modified Files and Folders =======
2014-05-07 18:21 - 2014-05-07 18:21 - 00006770 _____ () C:\Users\patrick\Downloads\FRST.txt
2014-05-07 18:21 - 2014-05-05 18:52 - 00000000 ____D () C:\FRST
2014-05-07 18:20 - 2014-05-07 17:54 - 00000470 _____ () C:\Users\patrick\Downloads\defogger_disable.log
2014-05-07 18:14 - 2014-05-07 18:14 - 00004216 _____ () C:\Users\patrick\Desktop\gmer.txt
2014-05-07 18:10 - 2014-04-29 20:45 - 01593444 _____ () C:\Windows\WindowsUpdate.log
2014-05-07 17:56 - 2014-05-07 17:55 - 00092347 _____ () C:\Users\patrick\Desktop\FRST.txt
2014-05-07 17:54 - 2014-05-07 17:55 - 00000470 _____ () C:\Users\patrick\Desktop\defogger_disable.log
2014-05-07 17:53 - 2014-04-29 22:42 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2114237306-1549420666-2872277542-1001
2014-05-07 17:38 - 2014-04-29 20:49 - 01686150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-07 17:38 - 2013-08-23 01:24 - 00726688 _____ () C:\Windows\system32\perfh007.dat
2014-05-07 17:38 - 2013-08-23 01:24 - 00151380 _____ () C:\Windows\system32\perfc007.dat
2014-05-07 17:36 - 2013-08-22 16:46 - 00013604 _____ () C:\Windows\setupact.log
2014-05-07 17:34 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-05-07 17:32 - 2014-04-29 22:46 - 00000000 ____D () C:\ProgramData\AVG2014
2014-05-07 17:32 - 2014-04-29 22:42 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-07 17:32 - 2014-04-29 20:40 - 00113942 _____ () C:\Windows\PFRO.log
2014-05-07 17:32 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-07 16:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-05-07 16:29 - 2014-05-05 17:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-07 15:54 - 2014-05-06 23:12 - 00000000 ____D () C:\Users\patrick\Documents\DragonNest
2014-05-07 01:02 - 2014-05-02 19:01 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Skype
2014-05-06 23:12 - 2014-05-06 23:12 - 00002185 _____ () C:\Users\patrick\Desktop\Dragon Nest Europe.lnk
2014-05-06 23:12 - 2014-05-06 23:12 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SDGi Europe
2014-05-06 23:11 - 2014-05-06 23:11 - 00000000 ____D () C:\Program Files (x86)\SDGi Europe
2014-05-06 22:35 - 2014-05-06 22:34 - 00692800 _____ ( ) C:\Users\patrick\Downloads\DNDownloader82.exe
2014-05-06 17:48 - 2014-05-06 17:48 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-05-05 19:32 - 2014-05-05 19:32 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Avira
2014-05-05 19:31 - 2014-05-05 19:31 - 00002086 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-05-05 19:31 - 2014-05-05 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-05 19:31 - 2014-05-05 19:31 - 00000000 ____D () C:\ProgramData\Avira
2014-05-05 19:31 - 2014-05-05 19:31 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-05 19:30 - 2014-04-29 22:46 - 00000000 ___HD () C:\$AVG
2014-05-05 19:30 - 2014-04-29 22:42 - 00000000 ____D () C:\Users\patrick\AppData\Local\Avg2014
2014-05-05 19:30 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-05-05 19:28 - 2014-05-05 19:27 - 138607664 _____ () C:\Users\patrick\Downloads\avira_free_antivirus614_de.exe
2014-05-05 19:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-05 19:08 - 2014-05-05 19:07 - 150392912 _____ (AVG Technologies) C:\Users\patrick\Downloads\avg_free_x86_all_2014_4569a7320(1).exe
2014-05-05 18:53 - 2014-05-05 18:53 - 00380416 _____ () C:\Users\patrick\Downloads\dhuj5cn4.exe
2014-05-05 18:41 - 2014-05-05 18:40 - 02063872 _____ (Farbar) C:\Users\patrick\Downloads\FRST64.exe
2014-05-05 18:39 - 2014-05-05 18:39 - 00050477 _____ () C:\Users\patrick\Downloads\Defogger.exe
2014-05-05 18:39 - 2014-05-05 18:39 - 00000000 _____ () C:\Users\patrick\defogger_reenable
2014-05-05 18:39 - 2014-04-29 20:49 - 00000000 ____D () C:\Users\patrick
2014-05-05 17:57 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-05 17:54 - 2014-05-05 17:54 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-05 17:53 - 2014-05-05 17:53 - 00000000 ____D () C:\Users\patrick\AppData\Local\Macromedia
2014-05-05 17:53 - 2014-05-05 17:52 - 00000000 ____D () C:\Users\patrick\AppData\Local\Adobe
2014-05-05 17:47 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-05-05 17:30 - 2014-05-04 22:02 - 00000000 ___RD () C:\Windows\BrowserChoice
2014-05-05 17:30 - 2014-04-29 20:49 - 00000000 ___RD () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-05 17:30 - 2014-04-29 20:49 - 00000000 ___RD () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-05 17:30 - 2014-04-29 20:49 - 00000000 ____D () C:\Users\patrick\AppData\Local\Packages
2014-05-05 17:28 - 2013-08-22 16:44 - 00335992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\FileManager
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Camera
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-04 22:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-04 22:02 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-05-04 22:02 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-05-04 22:02 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-05-04 19:00 - 2014-05-04 18:59 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-02 19:01 - 2014-05-02 19:01 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-05-02 19:01 - 2014-05-02 19:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-02 19:01 - 2014-05-02 19:01 - 00000000 ____D () C:\Users\patrick\AppData\Local\Skype
2014-05-02 19:01 - 2014-05-02 19:01 - 00000000 ____D () C:\ProgramData\Skype
2014-05-02 19:01 - 2014-05-02 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-05-02 18:58 - 2014-05-02 18:58 - 34827424 _____ (Skype Technologies S.A.) C:\Users\patrick\Downloads\SkypeSetupFull6.14.73.104.exe
2014-04-30 18:06 - 2014-04-30 18:06 - 00001182 _____ () C:\Users\patrick\Desktop\Vindictus - Verknüpfung.lnk
2014-04-30 14:48 - 2014-04-30 14:40 - 00000000 ____D () C:\Users\patrick\Documents\Vindictus EU
2014-04-30 14:42 - 2014-04-30 14:42 - 00000000 ____D () C:\ProgramData\Nexon
2014-04-30 14:41 - 2014-04-29 23:52 - 00000000 ____D () C:\ProgramData\NexonEU
2014-04-30 14:39 - 2014-04-30 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-04-30 14:39 - 2014-04-30 14:39 - 00000000 ____D () C:\Program Files (x86)\BandiMPEG1
2014-04-30 14:39 - 2014-04-30 13:45 - 00000000 ____D () C:\Nexon
2014-04-30 13:45 - 2014-04-30 13:45 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\patrick\Downloads\NexonEU_Installer(1).exe
2014-04-30 13:45 - 2014-04-30 13:45 - 00000000 ____D () C:\Users\patrick\AppData\Local\Akamai
2014-04-29 23:02 - 2014-04-29 20:51 - 00000000 __RDO () C:\Users\patrick\SkyDrive
2014-04-29 23:00 - 2014-04-29 22:59 - 00000000 ____D () C:\AdwCleaner
2014-04-29 22:57 - 2014-04-29 22:57 - 01310621 _____ () C:\Users\patrick\Downloads\adwcleaner-3.205.exe
2014-04-29 22:57 - 2014-04-29 20:49 - 00000000 ____D () C:\Users\patrick\AppData\Local\VirtualStore
2014-04-29 22:56 - 2014-04-29 22:56 - 10552296 _____ (Akamai Technologies, Inc.) C:\Users\patrick\Downloads\NexonEU_Installer.exe
2014-04-29 22:55 - 2014-04-29 22:55 - 00001175 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-29 22:55 - 2014-04-29 22:55 - 00001163 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-29 22:55 - 2014-04-29 22:55 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Mozilla
2014-04-29 22:55 - 2014-04-29 22:55 - 00000000 ____D () C:\Users\patrick\AppData\Local\Mozilla
2014-04-29 22:55 - 2014-04-29 22:55 - 00000000 ____D () C:\ProgramData\Mozilla
2014-04-29 22:55 - 2014-04-29 22:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-29 22:55 - 2014-04-29 22:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-29 22:47 - 2014-04-29 22:47 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\TuneUp Software
2014-04-29 22:47 - 2014-04-29 22:47 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\AVG2014
2014-04-29 22:44 - 2014-04-29 22:44 - 28860016 _____ (Mozilla) C:\Users\patrick\Downloads\Firefox_Setup_29.0_de.exe
2014-04-29 22:42 - 2014-04-29 22:42 - 00000000 ____D () C:\Users\patrick\AppData\Local\MFAData
2014-04-29 22:42 - 2014-04-29 22:41 - 150392912 _____ (AVG Technologies) C:\Users\patrick\Downloads\avg_free_x86_all_2014_4569a7320.exe
2014-04-29 22:40 - 2014-04-29 22:40 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6B83CCC5-0CFB-49F2-8D32-95DBE2827545}
2014-04-29 22:40 - 2014-04-29 22:40 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Macromedia
2014-04-29 22:37 - 2014-04-29 22:37 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-04-29 22:37 - 2014-04-29 22:37 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\ATI
2014-04-29 22:37 - 2014-04-29 22:37 - 00000000 ____D () C:\Users\patrick\AppData\Local\ATI
2014-04-29 22:37 - 2014-04-29 22:37 - 00000000 ____D () C:\Users\patrick\AppData\Local\AMD
2014-04-29 22:37 - 2014-04-29 22:37 - 00000000 ____D () C:\ProgramData\ATI
2014-04-29 22:36 - 2014-04-29 22:36 - 00060817 _____ () C:\Windows\SysWOW64\CCCInstall_201404292236237980.log
2014-04-29 22:36 - 2014-04-29 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-29 22:36 - 2014-04-29 22:36 - 00000000 ____D () C:\ProgramData\AMD
2014-04-29 22:36 - 2014-04-29 22:36 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-04-29 22:36 - 2014-04-29 22:36 - 00000000 ____D () C:\Program Files (x86)\Advanced Micro Devices, Inc
2014-04-29 22:36 - 2014-04-29 22:35 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 ____D () C:\Program Files\AMD
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 ____D () C:\AMD
2014-04-29 22:35 - 2014-04-29 22:35 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-04-29 22:35 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\restore
2014-04-29 21:39 - 2014-03-25 22:46 - 00000000 __SHD () C:\Recovery
2014-04-29 21:39 - 2013-08-22 17:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-04-29 21:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\Recovery
2014-04-29 20:49 - 2014-04-29 20:49 - 00001454 _____ () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-29 20:49 - 2014-04-29 20:49 - 00000020 ___SH () C:\Users\patrick\ntuser.ini
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Vorlagen
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Startmenü
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Netzwerkumgebung
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Lokale Einstellungen
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Eigene Dateien
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Druckumgebung
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Documents\Eigene Musik
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Documents\Eigene Bilder
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\AppData\Local\Verlauf
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\AppData\Local\Anwendungsdaten
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 _SHDL () C:\Users\patrick\Anwendungsdaten
2014-04-29 20:49 - 2014-04-29 20:49 - 00000000 ____D () C:\Users\patrick\AppData\Roaming\Adobe
2014-04-29 20:49 - 2014-04-29 20:40 - 00000000 ____D () C:\Windows\Panther
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Programme
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-04-29 20:43 - 2014-04-29 20:43 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-04-29 20:43 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-04-29 20:43 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2014-04-29 20:42 - 2013-08-22 17:37 - 00001720 _____ () C:\Windows\DtcInstall.log
2014-04-29 20:41 - 2014-04-29 20:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-04-29 18:00 - 2014-05-05 17:32 - 23133184 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 16:47 - 2014-05-05 17:32 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-23 02:24 - 2014-05-05 17:29 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 02:24 - 2014-05-05 17:29 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\patrick\AppData\Local\Temp\avgnt.exe
C:\Users\patrick\AppData\Local\Temp\bdfilters.dll
C:\Users\patrick\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\patrick\AppData\Local\Temp\NGMDll.dll
C:\Users\patrick\AppData\Local\Temp\NGMResource.dll
C:\Users\patrick\AppData\Local\Temp\NGMSetup.exe
C:\Users\patrick\AppData\Local\Temp\Quarantine.exe
C:\Users\patrick\AppData\Local\Temp\unicows.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-29 20:40
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-05-2014
Ran by Kast at 2014-05-07 18:21:59
Running from C:\Users\patrick\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
DNDownloader version 1.2 (HKLM-x32\...\DNDownloader_is1) (Version: 1.2 - )
Dragon Nest Europe (HKLM-x32\...\Dragon Nest Europe) (Version: - )
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
==================== Restore Points =========================
29-04-2014 20:35:28 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
04-05-2014 16:38:48 Windows Update
05-05-2014 16:57:53 Removed AVG 2014
==================== Hosts content: ==========================
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E9A9CCB9-C88A-463A-BB4C-B3ADD4A0E0EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-05] (Adobe Systems Incorporated)
Task: {EEEE733E-41C8-4738-9E2E-CBD7A2E27568} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-03-31] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-12-06 16:06 - 2013-12-06 16:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-05-05 19:31 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-04-29 22:55 - 2014-04-22 11:25 - 03845232 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\patrick\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: I:\
Description: MS/MS-Pro
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFWpdFs
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/07/2014 05:35:55 PM) (Source: Application Hang) (User: )
Description: Programm PhotosApp.exe, Version 6.3.9600.16507 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c18
Startzeit: 01cf6a09fc99e3ed
Endzeit: 4294967295
Anwendungspfad: C:\Windows\FileManager\PhotosApp.exe
Berichts-ID: 441d6ddb-d5fd-11e3-8254-e03f49480a56
Vollständiger Name des fehlerhaften Pakets: FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.Windows.PhotoManager
Error: (05/07/2014 05:35:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Kast)
Description: Die App „FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (05/05/2014 07:52:38 PM) (Source: Application Hang) (User: )
Description: Programm avscan.exe, Version 14.0.3.332 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 918
Startzeit: 01cf68881cdc9178
Endzeit: 60000
Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
Berichts-ID: e145800b-d47d-11e3-8253-e03f49480a56
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (04/29/2014 11:04:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Kast)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023564. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (04/29/2014 10:44:33 PM) (Source: Microsoft-Windows-RestartManager) (User: Kast)
Description: Die Anwendung oder der Dienst "Catalyst Control Center: Host application" konnte nicht heruntergefahren werden.
Error: (04/29/2014 10:41:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16384, Zeitstempel: 0x52157231
Name des fehlerhaften Moduls: MSHTML.dll, Version: 11.0.9600.16384, Zeitstempel: 0x5215965d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003c86ea
ID des fehlerhaften Prozesses: 0x138c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
System errors:
=============
Error: (05/07/2014 06:13:56 PM) (Source: NetBT) (User: )
Description: Der Name "KAST :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.36
registriert werden. Der Computer mit IP-Adresse 192.168.178.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (05/07/2014 05:50:13 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk6\DR6 gefunden.
Error: (05/07/2014 05:33:28 PM) (Source: NetBT) (User: )
Description: Der Name "KAST :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.36
registriert werden. Der Computer mit IP-Adresse 192.168.178.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (05/07/2014 05:33:02 PM) (Source: NetBT) (User: )
Description: Der Name "KAST :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.36
registriert werden. Der Computer mit IP-Adresse 192.168.178.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (05/07/2014 05:33:01 PM) (Source: NetBT) (User: )
Description: Der Name "KAST :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.36
registriert werden. Der Computer mit IP-Adresse 192.168.178.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (05/07/2014 05:32:57 PM) (Source: NetBT) (User: )
Description: Der Name "KAST :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.36
registriert werden. Der Computer mit IP-Adresse 192.168.178.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (05/07/2014 05:33:01 PM) (Source: Server) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{FE813447-EACA-46B6-BD24-A20539FC7BB3} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
Error: (05/07/2014 05:32:53 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 07.05.2014 um 16:37:04 unerwartet heruntergefahren.
Error: (05/07/2014 05:32:31 PM) (Source: Microsoft-Windows-Kernel-Boot) (User: NT-AUTORITÄT)
Description: 32212256845576379379994352
Error: (05/07/2014 04:24:51 PM) (Source: NetBT) (User: )
Description: Der Name "KAST :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.36
registriert werden. Der Computer mit IP-Adresse 192.168.178.10 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Microsoft Office Sessions:
=========================
Error: (05/07/2014 05:35:55 PM) (Source: Application Hang)(User: )
Description: PhotosApp.exe6.3.9600.16507c1801cf6a09fc99e3ed4294967295C:\Windows\FileManager\PhotosApp.exe441d6ddb-d5fd-11e3-8254-e03f49480a56FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewyMicrosoft.Windows.PhotoManager
Error: (05/07/2014 05:35:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Kast)
Description: FileManager_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy+Microsoft.Windows.PhotoManager
Error: (05/05/2014 07:52:38 PM) (Source: Application Hang)(User: )
Description: avscan.exe14.0.3.33291801cf68881cdc917860000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exee145800b-d47d-11e3-8253-e03f49480a56
Error: (04/29/2014 11:04:57 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Kast)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023564
Error: (04/29/2014 10:44:33 PM) (Source: Microsoft-Windows-RestartManager)(User: Kast)
Description: 1C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeCatalyst Control Center: Host application0211724600
Error: (04/29/2014 10:41:17 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1638452157231MSHTML.dll11.0.9600.163845215965dc0000005003c86ea138c01cf63eb41782c62C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\MSHTML.dll9c9af8cd-cfde-11e3-824e-e03f49480a56
==================== Memory info ===========================
Percentage of memory in use: 27%
Total physical RAM: 7364.8 MB
Available physical RAM: 5326.93 MB
Total Pagefile: 9220.8 MB
Available Pagefile: 7114.14 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.17 GB) (Free:867.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 0A8663D0)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-07 18:14:05
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000028 ST1000DM003-1CH162 rev.CC49 931,51GB
Running: dhuj5cn4.exe; Driver: C:\Users\patrick\AppData\Local\Temp\pxldqpow.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\system32\atiesrxx.exe[824] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffe1f40169a 4 bytes [40, 1F, FE, 7F]
.text C:\Windows\system32\atiesrxx.exe[824] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffe1f4016a2 4 bytes [40, 1F, FE, 7F]
.text C:\Windows\system32\atiesrxx.exe[824] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffe1f40181a 4 bytes [40, 1F, FE, 7F]
.text C:\Windows\system32\atiesrxx.exe[824] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffe1f401832 4 bytes [40, 1F, FE, 7F]
.text C:\Windows\system32\atieclxx.exe[1064] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffe1f40169a 4 bytes [40, 1F, FE, 7F]
.text C:\Windows\system32\atieclxx.exe[1064] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffe1f4016a2 4 bytes [40, 1F, FE, 7F]
.text C:\Windows\system32\atieclxx.exe[1064] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffe1f40181a 4 bytes [40, 1F, FE, 7F]
.text C:\Windows\system32\atieclxx.exe[1064] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffe1f401832 4 bytes [40, 1F, FE, 7F]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3860] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ffe0b8e1f6a 4 bytes [8E, 0B, FE, 7F]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[3860] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ffe0b8e1f82 4 bytes [8E, 0B, FE, 7F]
.text C:\Windows\system32\wwahost.exe[1792] C:\Program Files\WindowsApps\Microsoft.Media.PlayReadyClient.2_2.11.2154.0_x64__8wekyb3d8bbwe\StoreAppMSPRBootstrap.DLL!CreateMSPRProviderFactory 00007ffdf98b04a0 79 bytes [41, 56, 48, 83, EC, 20, 4C, ...]
.text C:\Windows\system32\wwahost.exe[1792] C:\Program Files\WindowsApps\Microsoft.Media.PlayReadyClient.2_2.11.2154.0_x64__8wekyb3d8bbwe\StoreAppMSPRBootstrap.DLL!CreateMSPRProviderFactory + 80 00007ffdf98b04f0 23 bytes [CB, 05, 00, 48, 8B, F0, 48, ...]
---- Threads - GMER 2.1 ----
Thread C:\Windows\system32\csrss.exe [504:568] fffff960008444d0
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -35119392
Reg HKLM\SYSTEM\CurrentControlSet\Services\rdyboost\Parameters@LastBootPlanUserTime ?Mi?, ?Mai ?07 ?14, 05:41:44???????????????????????????????????
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown@CleanShutdown 1
---- EOF - GMER 2.1 ----
|
| Themen zu Windows 8: PC auf einmal enorm Langsam, Avira findet jedoch keine Viren oder ähnliches |
| akamai, antivir, antivirus, association, avira, branding, browser, defender, desktop, downloader, failed, firefox, flash player, homepage, iexplore.exe, installation, keine viren, langsam, malware, mozilla, registry, rundll, services.exe, software, svchost.exe, system, viren, windows, windowsapps |
Baum-Darstellung