| |
| |||||||
Log-Analyse und Auswertung: Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefundenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
20.08.2014, 16:46
| #1 |
| |  Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefunden Liebe Helfer und Helferin, meine Tastatur hat nicht mehr funktioniert bzw. andere Befehle als die eingegeben ausgeführt. Der Rechner ist auch langsamer geworden und die Symbole aufm Desktop haben sich von selbst anders angeordnet. Beim Durchlauf von Malewarebytes wurde trojan.agent gefunden. Ich wusste nicht was ich machen soll und habe den Trojaner in die Quarantäne verschoben und danach auf Malewarebytes gelöscht. Ich habe mir sagen lassen, dass es nicht unbedingt klug ist solch einen Trojaner zu löschen und dass andere Schritte notwendig sind. Daher suche ich hier Hilfe. Ich habe alles besten Gewissens vorbereitet und stelle die al Anhang (weil sonst zu groß) Logfiles bereit. Bitte gebt Bescheid, wie ich noch weiter zur Klärung beitragen kann. Vieln lieben Dank. |
|
21.08.2014, 05:01
| #2 |
| /// the machine /// TB-Ausbilder    | Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefunden Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
22.08.2014, 10:56
| #3 |
| | Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefunden Vielen Dank für deine Antwort. Ich war leider nicht zu Hause und habe daher nicht antworten können. Die Logs waren zu groß und es kam eine Benachrichtigung, dass diese als Anhang hochgeladen werden sollen. Ich stelle sie, aber jetzt so rein, wie von dir gewünscht. Vielen lieben Dank.
__________________GMER Logfile: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-20 16:58:21
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000024 SAMSUNG_MZMTE256HMHP-000 rev.EXT46K0Q 238,47GB
Running: e5kiyg3y.exe; Driver: C:\Users\*****\AppData\Local\Temp\fxldypob.sys
---- Kernel code sections - GMER 2.1 ----
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable fffff96000175300 15 bytes [00, F7, F7, 01, 80, D7, 70, ...]
.text C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16 fffff96000175310 11 bytes [00, 99, FC, FF, 00, C1, C3, ...]
---- Threads - GMER 2.1 ----
Thread C:\WINDOWS\system32\csrss.exe [748:772] fffff96000819b90
---- Processes - GMER 2.1 ----
Process C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (*** suspicious ***) @ C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe [2912] (FILE NOT FOUND) 0000000000400000
Library C:\Users\*****\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe [2912](2014-08-15 18:46:08) 0000000003e60000
Library c:\users\*****\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaoqalw.dll (*** suspicious ***) @ C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe [2912](2014-08-20 13:33:35) 00000000045f0000
Library C:\Users\*****\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe [2912](2013-08-23 19:01:44) 0000000061e90000
Library C:\Users\*****\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe [2912] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42) 0000000061500000
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
erster Teil vom FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01 Ran by ***** (administrator) on ***** on 20-08-2014 16:50:30 Running from C:\Users\*****\Downloads Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Flux Software LLC) C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe (Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (FK2) C:\Windows\SysWOW64\svchospt.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe () C:\Users\*****\Downloads\Defogger.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2892080 2013-06-04] (ELAN Microelectronics Corp.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated) HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [4365824 2012-12-27] (Bitcasa, Inc) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-07] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [svchospt] => C:\WINDOWS\SysWOW64\svchospt.exe [913408 2014-05-03] (FK2) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-641122288-3688080229-732055666-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466656 2014-05-23] (Sony) HKU\S-1-5-21-641122288-3688080229-732055666-1001\...\Run: [f.lux] => C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-641122288-3688080229-732055666-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [466656 2014-05-23] (Sony) HKU\S-1-5-21-641122288-3688080229-732055666-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {8BC7308A-9206-4552-96D7-FDDFD2688180} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: BitcasaIconOverlay -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc) ShellIconOverlayIdentifiers: BitcasaProgressOverlay -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {8BC7308A-9206-4552-96D7-FDDFD2688180} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com/?pc=smjb SearchScopes: HKLM - DefaultScope {0A54FFB7-AFC1-4FB3-A716-A1C7ED45FD34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB SearchScopes: HKLM - {0A54FFB7-AFC1-4FB3-A716-A1C7ED45FD34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {0A54FFB7-AFC1-4FB3-A716-A1C7ED45FD34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB SearchScopes: HKCU - {0A54FFB7-AFC1-4FB3-A716-A1C7ED45FD34} URL = BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\9lf6dlbz.default FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Avira Browser Safety - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\9lf6dlbz.default\Extensions\abs@avira.com [2014-08-19] FF Extension: PrivacyChoice TrackerBlock - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\9lf6dlbz.default\Extensions\trackerblock@privacychoice.org.xpi [2014-06-12] FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\9lf6dlbz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-05] Chrome: ======= CHR HomePage: CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12] CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-12] CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12] CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12] CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-12] CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1594416 2013-02-28] (Samsung Electronics CO., LTD.) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe [2466448 2012-09-13] (Realsil Microelectronics Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation) R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55720 2012-12-21] (Condusiv Technologies) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] () R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3017776 2013-07-12] (Samsung Electronics CO., LTD.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-07-23] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-07-23] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.) S3 AtiDCM; C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [28416 2014-03-13] (Advanced Micro Devices, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1337216 2012-10-01] (Motorola Solutions, Inc.) R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation) R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22832 2013-06-04] (ELAN Microelectronic Corp.) R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [29096 2012-12-21] (Condusiv Technologies) R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [104872 2012-12-21] (Condusiv Technologies) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-20] (Malwarebytes Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-07-23] (Microsoft Corporation) R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-07-23] (Microsoft Corporation) R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-20 16:50 - 2014-08-20 16:50 - 00021048 _____ () C:\Users\*****\Downloads\FRST.txt 2014-08-20 16:50 - 2014-08-20 16:50 - 00000000 ____D () C:\FRST 2014-08-20 16:49 - 2014-08-20 16:49 - 02101760 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe 2014-08-20 16:48 - 2014-08-20 16:48 - 00000472 _____ () C:\Users\*****\Downloads\defogger_disable.log 2014-08-20 16:48 - 2014-08-20 16:48 - 00000000 _____ () C:\Users\*****\defogger_reenable 2014-08-20 16:47 - 2014-08-20 16:47 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe 2014-08-20 16:46 - 2014-08-20 16:46 - 00000000 ____D () C:\Users\*****\Desktop\virenproblem 2014-08-20 16:05 - 2014-08-20 16:05 - 00001042 _____ () C:\Users\*****\Desktop\file.txt 2014-08-20 15:01 - 2014-08-20 15:01 - 00009811 _____ () C:\Users\*****\Downloads\Mappe1.xlsx 2014-08-17 13:52 - 2014-08-17 13:57 - 00000000 ____D () C:\Users\*****\Desktop\Cam 17.8.14 2014-08-16 11:01 - 2014-08-16 11:01 - 00011041 _____ () C:\Users\*****\Desktop\Mappe11.xlsx 2014-08-13 21:24 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-08-13 11:24 - 2014-08-13 11:24 - 00000000 ____D () C:\WINDOWS\PCHEALTH 2014-08-13 11:01 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-08-13 11:01 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-08-13 11:01 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-08-13 11:01 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-08-13 11:01 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-08-13 11:01 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-08-13 11:01 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-08-13 11:01 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-08-13 11:01 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-08-13 11:01 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-08-13 11:01 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-08-13 11:01 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-08-13 11:01 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-08-13 11:01 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-08-13 11:01 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-08-13 11:01 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-08-13 11:01 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-08-13 11:01 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-08-13 11:01 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-08-13 11:01 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-13 11:01 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-08-13 11:01 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-08-13 11:01 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-08-13 11:01 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-08-13 11:01 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-08-13 11:01 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-08-13 11:01 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-08-13 11:01 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-08-13 11:01 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-08-13 11:01 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-08-13 11:01 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-08-13 11:01 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-08-13 11:01 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-08-13 11:01 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-08-13 11:01 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-08-13 11:01 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2014-08-13 11:01 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2014-08-13 11:01 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-08-13 11:01 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-08-13 11:01 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-08-13 11:01 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-08-13 11:00 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-08-13 11:00 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2014-08-13 11:00 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-08-13 10:58 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2014-08-13 10:58 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2014-08-13 10:58 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2014-08-13 10:58 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2014-08-13 10:58 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-08-13 10:58 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-08-13 10:58 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-08-13 10:58 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-08-13 10:58 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-08-13 10:58 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-08-13 10:58 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-08-13 10:58 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-08-13 10:58 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-08-13 10:58 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-08-13 10:58 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-08-13 10:58 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-08-13 10:58 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2014-08-13 10:58 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2014-08-13 10:58 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll 2014-08-13 10:58 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-08-13 10:58 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2014-08-13 10:58 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll 2014-08-13 10:58 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat 2014-08-13 10:58 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-08-13 10:58 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2014-08-13 10:58 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-08-13 10:58 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2014-08-13 10:58 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2014-08-13 10:58 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2014-08-13 10:58 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2014-08-13 10:58 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2014-08-13 10:58 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2014-08-13 10:58 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2014-08-13 10:58 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2014-08-13 10:58 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-08-13 10:58 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-08-13 10:58 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-08-13 10:58 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-08-13 10:58 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-08-13 10:58 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-08-13 10:58 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2014-08-13 10:58 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2014-08-13 10:58 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-08-13 10:58 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-08-13 10:58 - 2014-04-26 20:41 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe 2014-08-13 10:58 - 2014-04-26 20:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll 2014-08-13 10:58 - 2014-04-26 20:04 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2014-08-13 10:58 - 2014-04-26 19:36 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2014-08-13 10:58 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2014-08-13 10:58 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-08-13 10:58 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-08-13 10:58 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-08-13 10:58 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2014-08-13 10:58 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2014-08-13 10:56 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-08-13 10:56 - 2014-08-07 00:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-08-13 10:56 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-08-13 10:56 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-08-13 10:56 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2014-08-13 10:56 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2014-08-13 10:56 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-08-13 10:56 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll 2014-08-13 10:56 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-08-13 10:56 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-08-13 10:56 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-08-12 15:26 - 2014-05-03 14:24 - 00913408 ____H (FK2) C:\WINDOWS\SysWOW64\svchospt.exe 2014-08-12 15:23 - 2014-08-12 15:26 - 00000000 ____D () C:\Program Files (x86)\ParentsFriend8 2014-08-12 15:23 - 2014-03-19 18:58 - 01194144 _____ (WeOnlyDo! Software) C:\WINDOWS\SysWOW64\wodSmtp.ocx 2014-08-12 15:23 - 2010-09-07 07:47 - 00192512 _____ (-) C:\WINDOWS\SysWOW64\pfadmin.exe 2014-08-12 15:23 - 2010-03-15 15:11 - 00000394 _____ () C:\WINDOWS\SysWOW64\pfadmin.exe.manifest 2014-08-12 15:23 - 2005-11-27 21:08 - 00372736 _____ () C:\WINDOWS\SysWOW64\CoolXPCheck.ocx 2014-08-12 15:23 - 2005-11-27 21:07 - 00491520 _____ () C:\WINDOWS\SysWOW64\CoolXPButton.ocx 2014-08-12 15:23 - 2005-11-27 21:07 - 00417792 _____ () C:\WINDOWS\SysWOW64\CoolXPCombo.ocx 2014-08-12 15:23 - 2005-11-27 21:07 - 00262144 _____ () C:\WINDOWS\SysWOW64\CoolXPFrame.ocx 2014-08-12 15:23 - 2005-11-27 21:06 - 00360448 _____ () C:\WINDOWS\SysWOW64\CoolXPLabel.ocx 2014-08-12 15:23 - 2005-02-05 12:41 - 00024576 _____ (Text & Redaktion) C:\WINDOWS\SysWOW64\ScreenShotOCX.ocx 2014-08-12 15:23 - 2004-03-09 00:00 - 00260880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Msflxgrd.ocx 2014-08-12 15:23 - 2003-02-07 01:02 - 00424448 _____ ( Developer Express Inc.) C:\WINDOWS\SysWOW64\dXTList.dll 2014-08-12 15:23 - 2002-04-05 10:32 - 00327680 _____ (DBI Technologies Inc.) C:\WINDOWS\SysWOW64\ctSchedule.ocx 2014-08-12 15:23 - 2001-05-24 11:20 - 00544256 _____ () C:\WINDOWS\SysWOW64\janGraphics.dll 2014-08-12 15:23 - 2000-12-22 00:00 - 00699392 _____ (Stinga) C:\WINDOWS\SysWOW64\BEEGD10.ocx 2014-08-12 15:23 - 2000-06-28 01:00 - 00124416 _____ () C:\WINDOWS\SysWOW64\dXCtrls.dll 2014-08-12 15:23 - 1999-05-06 23:00 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Comdlg32.ocx 2014-08-12 15:23 - 1998-06-24 00:00 - 00209192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Tabctl32.ocx 2014-08-12 15:23 - 1998-06-24 00:00 - 00115016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Msinet.ocx 2014-08-12 15:23 - 1998-06-23 23:00 - 00108336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX 2014-08-12 15:22 - 2014-08-12 15:22 - 04897516 _____ (Michael Müller ) C:\Users\*****\Downloads\pfsetup8.exe 2014-08-12 11:28 - 2014-08-12 11:28 - 00000000 ____D () C:\Users\*****\AppData\Roaming\jpg-Illuminator 2014-08-12 11:27 - 2014-08-12 11:27 - 13483938 _____ () C:\Users\*****\Downloads\JPG-Illuminator_v459.zip 2014-08-12 11:26 - 2014-08-12 11:26 - 01101648 _____ () C:\Users\*****\Downloads\JPG Illuminator - CHIP-Installer.exe 2014-08-09 18:37 - 2014-08-09 18:37 - 00017687 _____ () C:\Users\*****\Desktop\Mappe1.xlsx 2014-08-04 22:07 - 2014-08-04 22:07 - 04812672 _____ (Piriform Ltd) C:\Users\*****\Downloads\ccsetup415.exe 2014-08-04 22:07 - 2014-08-04 22:07 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2014-08-04 22:07 - 2014-08-04 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-04 22:07 - 2014-08-04 22:07 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-29 12:40 - 2014-08-01 16:22 - 00010576 _____ () C:\Users\*****\Desktop\Planung Karriere.xlsx 2014-07-27 13:40 - 2014-07-29 12:05 - 00011148 _____ () C:\Users\*****\Desktop\IMPORTANNNNTTTT.xlsx 2014-07-27 10:09 - 2014-07-27 10:09 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2014-07-26 12:14 - 2014-07-26 12:14 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2014-07-26 12:09 - 2014-07-26 12:09 - 01354223 _____ () C:\Users\*****\Downloads\adwcleaner_3.216.exe 2014-07-26 12:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll 2014-07-26 12:02 - 2014-07-26 12:12 - 00000000 ____D () C:\AdwCleaner 2014-07-26 12:02 - 2014-07-26 12:02 - 00826192 _____ (Chip Digital GmbH) C:\Users\*****\Downloads\AdwCleaner - CHIP-Installer.exe 2014-07-26 11:46 - 2014-08-20 15:56 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-07-26 11:46 - 2014-07-26 11:46 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-26 11:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-07-26 11:46 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-07-26 11:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-07-26 11:45 - 2014-07-26 11:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-26 10:54 - 2014-07-26 10:54 - 04430600 _____ (Avira Operations GmbH & Co. KG) C:\Users\*****\Downloads\avira_de_av___ws2.exe 2014-07-25 10:39 - 2014-07-25 10:39 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-07-25 10:39 - 2014-07-21 22:03 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys 2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI 2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI 2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI 2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI 2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Program Files\AMD 2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\AMD 2014-07-25 10:33 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe 2014-07-25 10:33 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe 2014-07-25 10:33 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe 2014-07-25 02:51 - 2014-07-25 02:51 - 00000000 ____D () C:\Users\*****\AppData\Roaming\ATI 2014-07-25 02:51 - 2014-07-25 02:51 - 00000000 ____D () C:\Users\*****\AppData\Local\ATI 2014-07-24 18:47 - 2014-07-24 18:47 - 00000000 __SHD () C:\Users\*****\AppData\Local\EmieUserList 2014-07-24 18:47 - 2014-07-24 18:47 - 00000000 __SHD () C:\Users\*****\AppData\Local\EmieSiteList 2014-07-23 21:28 - 2014-07-23 21:28 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux 2014-07-23 21:28 - 2014-07-23 21:28 - 00000000 ____D () C:\Users\*****\AppData\Local\FluxSoftware 2014-07-23 21:27 - 2014-07-23 21:27 - 00597304 _____ () C:\Users\*****\Downloads\flux-setup.exe 2014-07-23 12:25 - 2014-08-20 15:32 - 00000000 ___DC () C:\WINDOWS\Panther 2014-07-23 12:25 - 2014-07-23 12:25 - 00000000 __SHD () C:\Recovery 2014-07-23 12:24 - 2014-07-23 12:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll 2014-07-23 12:24 - 2014-07-23 12:24 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe 2014-07-23 12:24 - 2014-07-23 12:24 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe 2014-07-23 12:24 - 2014-07-23 12:24 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2014-07-23 12:24 - 2014-07-23 12:24 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2014-07-23 12:23 - 2014-07-23 12:23 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2014-07-23 12:23 - 2014-07-23 12:23 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2014-07-23 12:23 - 2014-07-23 12:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-07-23 12:23 - 2014-07-23 12:23 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2014-07-23 12:23 - 2014-07-23 12:23 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe 2014-07-23 12:23 - 2014-07-23 12:23 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe 2014-07-23 12:23 - 2014-07-23 12:23 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys 2014-07-23 12:23 - 2014-07-23 12:23 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll 2014-07-23 12:23 - 2014-07-23 12:23 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-07-23 12:22 - 2014-07-23 12:22 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2014-07-23 12:22 - 2014-07-23 12:22 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2014-07-23 12:22 - 2014-07-23 12:22 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2014-07-23 12:22 - 2014-07-23 12:22 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2014-07-23 12:22 - 2014-07-23 12:22 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe 2014-07-23 12:22 - 2014-07-23 12:22 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys 2014-07-23 12:22 - 2014-07-23 12:22 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys 2014-07-23 12:22 - 2014-07-23 12:22 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2014-07-23 12:22 - 2014-07-23 12:22 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-07-23 12:22 - 2014-07-23 12:22 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2014-07-23 12:22 - 2014-07-23 12:22 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll 2014-07-23 12:22 - 2014-07-23 12:22 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2014-07-23 12:22 - 2014-07-23 12:22 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2014-07-23 12:21 - 2014-07-23 12:21 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2014-07-23 12:21 - 2014-07-23 12:21 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2014-07-23 12:21 - 2014-07-23 12:21 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-07-23 12:21 - 2014-07-23 12:21 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-07-23 12:21 - 2014-07-23 12:21 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-07-23 12:21 - 2014-07-23 12:21 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2014-07-23 12:21 - 2014-07-23 12:21 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-07-23 12:20 - 2014-07-23 12:20 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2014-07-23 12:20 - 2014-07-23 12:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2014-07-23 12:20 - 2014-07-23 12:20 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-07-23 12:20 - 2014-07-23 12:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2014-07-23 12:20 - 2014-07-23 12:20 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2014-07-23 12:20 - 2014-07-23 12:20 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2014-07-23 12:20 - 2014-07-23 12:20 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe 2014-07-23 12:20 - 2014-07-23 12:20 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2014-07-23 12:20 - 2014-07-23 12:20 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2014-07-23 12:20 - 2014-07-23 12:20 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys 2014-07-23 12:20 - 2014-07-23 12:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe 2014-07-23 12:20 - 2014-07-23 12:20 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll 2014-07-23 12:20 - 2014-07-23 12:20 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll 2014-07-23 12:19 - 2014-08-20 15:33 - 00000000 __RDO () C:\Users\*****\OneDrive 2014-07-23 12:19 - 2014-07-23 12:19 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-07-23 12:18 - 2014-07-23 12:18 - 00001450 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-07-23 12:18 - 2014-07-23 12:18 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-07-23 12:18 - 2014-07-23 12:18 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-07-23 12:18 - 2014-07-23 12:18 - 00000000 ____D () C:\Program Files\MSBuild 2014-07-23 12:18 - 2014-07-23 12:18 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-07-23 12:18 - 2014-07-23 12:18 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-07-23 12:18 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2014-07-23 12:18 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2014-07-23 12:18 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2014-07-23 12:18 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-07-23 12:17 - 2014-07-23 12:17 - 00000020 ___SH () C:\Users\*****\ntuser.ini 2014-07-23 11:33 - 2014-08-20 16:40 - 01392626 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-23 11:33 - 2014-07-23 11:33 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Programme 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Dokumente und Einstellungen 2014-07-23 11:30 - 2014-07-23 11:30 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-07-23 11:30 - 2014-07-23 11:30 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help 2014-07-23 11:30 - 2014-07-23 11:30 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help 2014-07-23 11:28 - 2014-08-20 16:48 - 00000000 ____D () C:\Users\***** 2014-07-23 11:28 - 2014-07-23 11:33 - 00024768 _____ () C:\WINDOWS\diagwrn.xml 2014-07-23 11:28 - 2014-07-23 11:33 - 00024768 _____ () C:\WINDOWS\diagerr.xml 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Vorlagen 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Startmenü 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Netzwerkumgebung 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Lokale Einstellungen 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Eigene Dateien 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Druckumgebung 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Musik 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Bilder 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Verlauf 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Anwendungsdaten 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Anwendungsdaten 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-07-23 11:28 - 2014-03-18 12:12 - 00000369 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2014-07-23 11:28 - 2014-03-18 12:12 - 00000369 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2014-07-23 11:28 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-07-23 11:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-07-23 11:26 - 2014-07-23 11:26 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_SensorsAlsDriver_01_11_00.Wdf 2014-07-23 11:26 - 2014-07-23 11:26 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf 2014-07-23 11:25 - 2014-07-23 11:26 - 00000000 ____D () C:\Program Files\Elantech 2014-07-23 11:25 - 2014-07-23 11:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-07-23 11:25 - 2014-07-23 11:25 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs 2014-07-23 11:25 - 2014-07-23 11:25 - 00000000 ____D () C:\Program Files\Realtek 2014-07-23 11:25 - 2014-07-23 11:25 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies 2014-07-22 12:57 - 2014-07-23 11:15 - 00000000 ____D () C:\Users\*****\Documents\Hibba Sabir 2014-07-22 11:49 - 2014-08-07 19:30 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-07-21 22:05 - 2014-07-21 22:05 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe 2014-07-21 22:05 - 2014-07-21 22:05 - 00135168 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.1001.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00100352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2014-07-21 22:04 - 2014-07-21 22:04 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap 2014-07-21 22:04 - 2014-07-21 22:04 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap 2014-07-21 22:04 - 2014-07-21 22:04 - 01187342 _____ () C:\WINDOWS\system32\amdocl_as64.exe 2014-07-21 22:04 - 2014-07-21 22:04 - 01061902 _____ () C:\WINDOWS\system32\amdocl_ld64.exe 2014-07-21 22:04 - 2014-07-21 22:04 - 00995342 _____ () C:\WINDOWS\SysWOW64\amdocl_as32.exe 2014-07-21 22:04 - 2014-07-21 22:04 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00798734 _____ () C:\WINDOWS\SysWOW64\amdocl_ld32.exe 2014-07-21 22:04 - 2014-07-21 22:04 - 00721296 _____ () C:\WINDOWS\system32\atiicdxx.dat 2014-07-21 22:04 - 2014-07-21 22:04 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb 2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\system32\atiapfxx.blb 2014-07-21 22:04 - 2014-07-21 22:04 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2014-07-21 22:04 - 2014-07-21 22:04 - 00234036 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat 2014-07-21 22:04 - 2014-07-21 22:04 - 00233776 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat 2014-07-21 22:04 - 2014-07-21 22:04 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00083552 _____ () C:\WINDOWS\system32\ativce02.dat 2014-07-21 22:04 - 2014-07-21 22:04 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00047887 _____ () C:\WINDOWS\atiogl.xml 2014-07-21 22:04 - 2014-07-21 22:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2014-07-21 22:04 - 2014-05-21 00:33 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2014-07-21 22:04 - 2014-05-21 00:33 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2014-07-21 02:20 - 2014-07-21 02:20 - 00000000 ____D () C:\Users\*****\AppData\Roaming\SmartTools 2014-07-21 02:19 - 2014-07-21 02:19 - 00961360 _____ (Chip Digital GmbH) C:\Users\*****\Downloads\projplan2014 - CHIP-Installer.exe |
|
22.08.2014, 11:02
| #4 |
| | Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefunden zweiter Teil FRST Code:
ATTFilter ==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-20 16:50 - 2014-08-20 16:50 - 00021048 _____ () C:\Users\*****\Downloads\FRST.txt
2014-08-20 16:50 - 2014-08-20 16:50 - 00000000 ____D () C:\FRST
2014-08-20 16:49 - 2014-08-20 16:49 - 02101760 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-08-20 16:48 - 2014-08-20 16:48 - 00000472 _____ () C:\Users\*****\Downloads\defogger_disable.log
2014-08-20 16:48 - 2014-08-20 16:48 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-08-20 16:48 - 2014-07-23 11:28 - 00000000 ____D () C:\Users\*****
2014-08-20 16:47 - 2014-08-20 16:47 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-08-20 16:46 - 2014-08-20 16:46 - 00000000 ____D () C:\Users\*****\Desktop\virenproblem
2014-08-20 16:40 - 2014-07-23 11:33 - 01392626 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-20 16:40 - 2014-06-12 17:30 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-20 16:05 - 2014-08-20 16:05 - 00001042 _____ () C:\Users\*****\Desktop\file.txt
2014-08-20 16:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-20 15:56 - 2014-07-26 11:46 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-20 15:42 - 2014-03-29 01:19 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-641122288-3688080229-732055666-1001
2014-08-20 15:36 - 2014-03-18 12:04 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-20 15:36 - 2014-03-18 11:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-20 15:36 - 2014-03-18 11:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-20 15:36 - 2013-07-30 15:48 - 00000000 ____D () C:\ProgramData\WinClon
2014-08-20 15:33 - 2014-07-23 12:19 - 00000000 __RDO () C:\Users\*****\OneDrive
2014-08-20 15:33 - 2014-06-12 17:30 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-20 15:33 - 2014-06-06 21:02 - 00000000 ___RD () C:\Users\*****\Dropbox
2014-08-20 15:33 - 2014-06-06 20:59 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Dropbox
2014-08-20 15:32 - 2014-07-23 12:25 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-20 15:32 - 2014-05-05 13:19 - 00000212 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2014-08-20 15:32 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-20 15:31 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-20 15:02 - 2013-08-22 16:44 - 03418112 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-20 15:01 - 2014-08-20 15:01 - 00009811 _____ () C:\Users\*****\Downloads\Mappe1.xlsx
2014-08-18 20:24 - 2014-05-06 13:30 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-08-17 13:57 - 2014-08-17 13:52 - 00000000 ____D () C:\Users\*****\Desktop\Cam 17.8.14
2014-08-17 02:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-16 21:56 - 2014-06-06 21:01 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-16 11:02 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 11:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 11:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-16 11:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-16 11:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-16 11:01 - 2014-08-16 11:01 - 00011041 _____ () C:\Users\*****\Desktop\Mappe11.xlsx
2014-08-13 22:26 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-13 21:56 - 2014-04-18 22:07 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-13 21:56 - 2014-04-18 22:06 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-13 21:55 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-13 14:08 - 2014-06-03 13:11 - 00000000 ____D () C:\Users\*****\Documents\Habib Ullah Sabir
2014-08-13 11:24 - 2014-08-13 11:24 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-08-13 11:24 - 2014-05-05 13:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 10:55 - 2014-03-18 12:13 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-13 10:55 - 2014-03-18 12:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 10:55 - 2014-03-18 12:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 10:55 - 2014-03-18 12:12 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 10:55 - 2013-08-22 13:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 10:55 - 2013-08-22 13:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 10:55 - 2013-08-22 13:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 10:55 - 2013-08-22 13:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 10:55 - 2013-08-22 13:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 10:55 - 2013-08-22 13:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 10:55 - 2013-08-22 12:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 10:55 - 2013-08-22 06:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 10:55 - 2013-08-22 05:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 10:55 - 2013-08-22 05:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 10:55 - 2013-08-22 05:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-13 10:55 - 2013-08-22 05:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-13 10:55 - 2013-08-22 05:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-12 15:26 - 2014-08-12 15:23 - 00000000 ____D () C:\Program Files (x86)\ParentsFriend8
2014-08-12 15:22 - 2014-08-12 15:22 - 04897516 _____ (Michael Müller ) C:\Users\*****\Downloads\pfsetup8.exe
2014-08-12 11:28 - 2014-08-12 11:28 - 00000000 ____D () C:\Users\*****\AppData\Roaming\jpg-Illuminator
2014-08-12 11:27 - 2014-08-12 11:27 - 13483938 _____ () C:\Users\*****\Downloads\JPG-Illuminator_v459.zip
2014-08-12 11:26 - 2014-08-12 11:26 - 01101648 _____ () C:\Users\*****\Downloads\JPG Illuminator - CHIP-Installer.exe
2014-08-12 01:59 - 2014-05-03 15:45 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-08-09 18:37 - 2014-08-09 18:37 - 00017687 _____ () C:\Users\*****\Desktop\Mappe1.xlsx
2014-08-07 19:31 - 2013-07-30 14:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-07 19:30 - 2014-07-22 11:49 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-07 19:30 - 2014-05-05 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-07 19:30 - 2014-05-05 13:23 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-07 04:12 - 2014-08-13 10:56 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:39 - 2014-08-13 10:56 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-04 22:08 - 2014-04-11 14:26 - 00000000 ____D () C:\Users\*****\AppData\Local\CrashDumps
2014-08-04 22:07 - 2014-08-04 22:07 - 04812672 _____ (Piriform Ltd) C:\Users\*****\Downloads\ccsetup415.exe
2014-08-04 22:07 - 2014-08-04 22:07 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-04 22:07 - 2014-08-04 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-04 22:07 - 2014-08-04 22:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-02 05:56 - 2014-08-13 10:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-02 05:11 - 2014-08-13 21:24 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2013-08-22 17:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-01 16:22 - 2014-07-29 12:40 - 00010576 _____ () C:\Users\*****\Desktop\Planung Karriere.xlsx
2014-07-31 18:27 - 2014-06-23 10:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 15:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-07-29 12:05 - 2014-07-27 13:40 - 00011148 _____ () C:\Users\*****\Desktop\IMPORTANNNNTTTT.xlsx
2014-07-29 08:14 - 2014-06-03 13:11 - 00000000 ____D () C:\Users\*****\Documents\Jari Ullah Sabir
2014-07-28 11:41 - 2014-06-03 13:11 - 00000000 ____D () C:\Users\*****\Documents\Safi Sabir
2014-07-27 10:56 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-27 10:09 - 2014-07-27 10:09 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-07-26 19:29 - 2014-06-04 16:17 - 00001035 _____ () C:\Users\*****\Desktop\Safi Sabir - Verknüpfung.lnk
2014-07-26 12:14 - 2014-07-26 12:14 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-07-26 12:12 - 2014-07-26 12:02 - 00000000 ____D () C:\AdwCleaner
2014-07-26 12:09 - 2014-07-26 12:09 - 01354223 _____ () C:\Users\*****\Downloads\adwcleaner_3.216.exe
2014-07-26 12:02 - 2014-07-26 12:02 - 00826192 _____ (Chip Digital GmbH) C:\Users\*****\Downloads\AdwCleaner - CHIP-Installer.exe
2014-07-26 11:46 - 2014-07-26 11:46 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-26 11:45 - 2014-07-26 11:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-26 10:54 - 2014-07-26 10:54 - 04430600 _____ (Avira Operations GmbH & Co. KG) C:\Users\*****\Downloads\avira_de_av___ws2.exe
2014-07-25 23:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-25 16:52 - 2014-08-13 11:01 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 15:51 - 2014-08-13 11:01 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 15:28 - 2014-08-13 11:01 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-13 11:01 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 11:01 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 14:59 - 2014-08-13 11:01 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 14:40 - 2014-08-13 11:01 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 11:01 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 14:30 - 2014-08-13 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 11:01 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-13 11:01 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-13 11:01 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 14:17 - 2014-08-13 11:01 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 14:10 - 2014-08-13 11:01 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 14:08 - 2014-08-13 11:01 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 11:01 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-13 11:01 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 11:01 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 11:01 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 13:43 - 2014-08-13 11:01 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 11:01 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 11:01 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 13:34 - 2014-08-13 11:01 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 11:01 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 11:01 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 11:01 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 13:09 - 2014-08-13 11:01 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 13:07 - 2014-08-13 11:01 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 13:03 - 2014-08-13 11:01 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-13 11:01 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 12:26 - 2014-08-13 11:01 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 11:01 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 11:01 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 11:01 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 11:01 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-25 10:39 - 2014-07-25 10:39 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-07-25 10:39 - 2014-03-28 22:18 - 00000000 ____D () C:\Users\*****\AppData\Local\Packages
2014-07-25 10:39 - 2013-07-30 14:33 - 00000000 ____D () C:\Program Files\Intel
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Program Files\AMD
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\AMD
2014-07-25 10:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-07-25 10:38 - 2013-07-30 15:46 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-25 02:51 - 2014-07-25 02:51 - 00000000 ____D () C:\Users\*****\AppData\Roaming\ATI
2014-07-25 02:51 - 2014-07-25 02:51 - 00000000 ____D () C:\Users\*****\AppData\Local\ATI
2014-07-24 18:47 - 2014-07-24 18:47 - 00000000 __SHD () C:\Users\*****\AppData\Local\EmieUserList
2014-07-24 18:47 - 2014-07-24 18:47 - 00000000 __SHD () C:\Users\*****\AppData\Local\EmieSiteList
2014-07-24 12:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-07-23 21:28 - 2014-07-23 21:28 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2014-07-23 21:28 - 2014-07-23 21:28 - 00000000 ____D () C:\Users\*****\AppData\Local\FluxSoftware
2014-07-23 21:27 - 2014-07-23 21:27 - 00597304 _____ () C:\Users\*****\Downloads\flux-setup.exe
2014-07-23 12:25 - 2014-07-23 12:25 - 00000000 __SHD () C:\Recovery
2014-07-23 12:24 - 2014-07-23 12:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-07-23 12:24 - 2014-07-23 12:24 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-07-23 12:24 - 2014-07-23 12:24 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-07-23 12:24 - 2014-07-23 12:24 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-07-23 12:24 - 2014-07-23 12:24 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-07-23 12:24 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-07-23 12:23 - 2014-07-23 12:23 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 02479616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 02373784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-07-23 12:23 - 2014-07-23 12:23 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 02088160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-07-23 12:23 - 2014-07-23 12:23 - 02030080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 02013016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01112536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00836096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00488280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-07-23 12:23 - 2014-07-23 12:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00390488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00387210 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-07-23 12:23 - 2014-07-23 12:23 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00360512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00355832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-07-23 12:23 - 2014-07-23 12:23 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-07-23 12:23 - 2014-07-23 12:23 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-07-23 12:23 - 2014-07-23 12:23 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-07-23 12:23 - 2014-07-23 12:23 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-07-23 12:23 - 2014-07-23 12:23 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-07-23 12:23 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-07-23 12:22 - 2014-07-23 12:22 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-07-23 12:22 - 2014-07-23 12:22 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-23 12:22 - 2014-07-23 12:22 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-07-23 12:22 - 2014-07-23 12:22 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-07-23 12:22 - 2014-07-23 12:22 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-07-23 12:22 - 2014-07-23 12:22 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-07-23 12:22 - 2014-07-23 12:22 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-07-23 12:22 - 2014-07-23 12:22 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-07-23 12:22 - 2014-07-23 12:22 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-07-23 12:22 - 2014-07-23 12:22 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-23 12:22 - 2014-07-23 12:22 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-07-23 12:22 - 2014-07-23 12:22 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-07-23 12:22 - 2014-07-23 12:22 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-07-23 12:22 - 2014-07-23 12:22 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-07-23 12:22 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-23 12:22 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-23 12:21 - 2014-07-23 12:21 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-23 12:21 - 2014-07-23 12:21 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-23 12:21 - 2014-07-23 12:21 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-23 12:21 - 2014-07-23 12:21 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 00381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-23 12:21 - 2014-07-23 12:21 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-07-23 12:21 - 2014-07-23 12:21 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-07-23 12:21 - 2014-07-23 12:21 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-07-23 12:21 - 2014-07-23 12:21 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-07-23 12:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-23 12:21 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-23 12:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-07-23 12:20 - 2014-07-23 12:20 - 21268952 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 18755672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 07425368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-07-23 12:20 - 2014-07-23 12:20 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 06645248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 05774848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 02688000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01466856 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-07-23 12:20 - 2014-07-23 12:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01200288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01200128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 01029120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00955904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00881616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00761856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00707048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-07-23 12:20 - 2014-07-23 12:20 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00467496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00463256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-07-23 12:20 - 2014-07-23 12:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-07-23 12:20 - 2014-07-23 12:20 - 00406504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00384856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-07-23 12:20 - 2014-07-23 12:20 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00364640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-07-23 12:20 - 2014-07-23 12:20 - 00326024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00310616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00305768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-07-23 12:20 - 2014-07-23 12:20 - 00263424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-07-23 12:20 - 2014-07-23 12:20 - 00257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00244880 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-07-23 12:20 - 2014-07-23 12:20 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00180056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00125496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00123224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00098584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00077312 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-07-23 12:20 - 2014-07-23 12:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-07-23 12:20 - 2014-07-23 12:20 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-07-23 12:20 - 2014-07-23 12:20 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-07-23 12:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-07-23 12:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-23 12:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-23 12:20 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-23 12:20 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-23 12:19 - 2014-07-23 12:19 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-07-23 12:18 - 2014-07-23 12:18 - 00001450 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-23 12:18 - 2014-07-23 12:18 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-07-23 12:18 - 2014-07-23 12:18 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-07-23 12:18 - 2014-07-23 12:18 - 00000000 ____D () C:\Program Files\MSBuild
2014-07-23 12:18 - 2014-07-23 12:18 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-07-23 12:18 - 2014-07-23 12:18 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-07-23 12:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-07-23 12:17 - 2014-07-23 12:17 - 00000020 ___SH () C:\Users\*****\ntuser.ini
2014-07-23 11:33 - 2014-07-23 11:33 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Programme
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-07-23 11:33 - 2014-07-23 11:33 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2014-07-23 11:33 - 2014-07-23 11:28 - 00024768 _____ () C:\WINDOWS\diagwrn.xml
2014-07-23 11:33 - 2014-07-23 11:28 - 00024768 _____ () C:\WINDOWS\diagerr.xml
2014-07-23 11:33 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-07-23 11:33 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-07-23 11:33 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2014-07-23 11:31 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-07-23 11:31 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-07-23 11:30 - 2014-07-23 11:30 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-07-23 11:30 - 2014-07-23 11:30 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-07-23 11:30 - 2014-07-23 11:30 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-07-23 11:30 - 2014-06-12 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-23 11:30 - 2014-05-06 12:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-07-23 11:30 - 2014-05-05 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-07-23 11:30 - 2014-05-03 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-23 11:30 - 2014-04-05 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-07-23 11:30 - 2014-03-18 11:40 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-07-23 11:30 - 2014-03-18 11:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-07-23 11:30 - 2014-03-18 11:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-07-23 11:30 - 2014-03-18 11:25 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-07-23 11:30 - 2013-09-06 01:30 - 00000000 ____D () C:\WINDOWS\en-GB
2014-07-23 11:30 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-23 11:30 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-23 11:30 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-07-23 11:30 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-07-23 11:30 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-07-23 11:30 - 2013-07-30 16:00 - 00000000 ____D () C:\WINDOWS\fr
2014-07-23 11:30 - 2013-07-30 16:00 - 00000000 ____D () C:\WINDOWS\de
2014-07-23 11:30 - 2013-07-30 15:59 - 00000000 ____D () C:\WINDOWS\it
2014-07-23 11:30 - 2013-07-30 15:58 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2014-07-23 11:30 - 2013-07-30 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitcasa
2014-07-23 11:30 - 2013-07-30 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
2014-07-23 11:30 - 2013-07-30 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Absolute Software
2014-07-23 11:30 - 2013-07-30 15:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-07-23 11:30 - 2013-07-30 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2014-07-23 11:30 - 2013-07-30 14:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-07-23 11:30 - 2013-07-30 14:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-07-23 11:30 - 2012-08-05 23:11 - 00000000 ____D () C:\ProgramData\PRICache
2014-07-23 11:30 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Vorlagen
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Startmenü
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Netzwerkumgebung
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Lokale Einstellungen
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Eigene Dateien
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Druckumgebung
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Musik
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Documents\Eigene Bilder
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Verlauf
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\AppData\Local\Anwendungsdaten
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 _SHDL () C:\Users\*****\Anwendungsdaten
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 ___RD () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-23 11:28 - 2014-07-23 11:28 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-07-23 11:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-07-23 11:26 - 2014-07-23 11:26 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_SensorsAlsDriver_01_11_00.Wdf
2014-07-23 11:26 - 2014-07-23 11:26 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2014-07-23 11:26 - 2014-07-23 11:25 - 00000000 ____D () C:\Program Files\Elantech
2014-07-23 11:25 - 2014-07-23 11:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-07-23 11:25 - 2014-07-23 11:25 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-07-23 11:25 - 2014-07-23 11:25 - 00000000 ____D () C:\Program Files\Realtek
2014-07-23 11:25 - 2014-07-23 11:25 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-07-23 11:15 - 2014-07-22 12:57 - 00000000 ____D () C:\Users\*****\Documents\Hibba Sabir
2014-07-23 10:58 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-07-21 22:05 - 2014-07-21 22:05 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe
2014-07-21 22:05 - 2014-07-21 22:05 - 00135168 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.1001.dll
2014-07-21 22:05 - 2014-07-21 22:05 - 00100352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-07-21 22:05 - 2014-07-21 22:05 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-07-21 22:05 - 2014-07-21 22:05 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-07-21 22:05 - 2014-07-21 22:05 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-07-21 22:04 - 2014-07-21 22:04 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-07-21 22:04 - 2014-07-21 22:04 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-07-21 22:04 - 2014-07-21 22:04 - 01187342 _____ () C:\WINDOWS\system32\amdocl_as64.exe
2014-07-21 22:04 - 2014-07-21 22:04 - 01061902 _____ () C:\WINDOWS\system32\amdocl_ld64.exe
2014-07-21 22:04 - 2014-07-21 22:04 - 00995342 _____ () C:\WINDOWS\SysWOW64\amdocl_as32.exe
2014-07-21 22:04 - 2014-07-21 22:04 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00798734 _____ () C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2014-07-21 22:04 - 2014-07-21 22:04 - 00721296 _____ () C:\WINDOWS\system32\atiicdxx.dat
2014-07-21 22:04 - 2014-07-21 22:04 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-07-21 22:04 - 2014-07-21 22:04 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-07-21 22:04 - 2014-07-21 22:04 - 00234036 _____ () C:\WINDOWS\system32\ativvaxy_cik.dat
2014-07-21 22:04 - 2014-07-21 22:04 - 00233776 _____ () C:\WINDOWS\system32\ativvaxy_cik_nd.dat
2014-07-21 22:04 - 2014-07-21 22:04 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00083552 _____ () C:\WINDOWS\system32\ativce02.dat
2014-07-21 22:04 - 2014-07-21 22:04 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00047887 _____ () C:\WINDOWS\atiogl.xml
2014-07-21 22:04 - 2014-07-21 22:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-07-21 22:04 - 2012-12-05 06:23 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2014-07-21 22:04 - 2012-12-05 06:23 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2014-07-21 22:04 - 2012-12-05 06:23 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2014-07-21 22:04 - 2012-12-05 06:23 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2014-07-21 22:04 - 2012-12-05 06:23 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2014-07-21 22:04 - 2012-12-05 06:23 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2014-07-21 22:04 - 2012-12-05 06:23 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2014-07-21 22:04 - 2012-12-05 06:23 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2014-07-21 22:04 - 2012-12-05 06:23 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2014-07-21 22:04 - 2012-12-05 06:23 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2014-07-21 22:04 - 2012-12-05 06:23 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2014-07-21 22:03 - 2014-07-25 10:39 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2014-07-21 22:03 - 2014-07-21 22:03 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 00157736 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 00142304 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2014-07-21 02:20 - 2014-07-21 02:20 - 00000000 ____D () C:\Users\*****\AppData\Roaming\SmartTools
2014-07-21 02:19 - 2014-07-21 02:19 - 00961360 _____ (Chip Digital GmbH) C:\Users\*****\Downloads\projplan2014 - CHIP-Installer.exe
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaoqalw.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-19 10:15
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by ***** at 2014-08-20 16:51:11
Running from C:\Users\*****\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.2.0.26 - Absolute Software)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.03) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21127 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{77A7CE43-5A1E-8282-931B-E0CC4C075793}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Avira (HKLM-x32\...\{9590977b-7b6f-467e-a11a-efa1fae804da}) (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Bitcasa version 0.9.20.4135 (HKLM\...\{EDA09459-AD7D-4434-BA0C-647F6703EA12}_is1) (Version: 0.9.20.4135 - Bitcasa Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1127.15.314 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1127.15.314 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.1127.15.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1127.0014.314 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1127.15.314 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.6 - Samsung Electronics CO.,LTD.)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare X64 11.7.13.2_RSTP_WHQL (HKLM\...\Elantech) (Version: 11.7.13.2 - ELAN Microelectronic Corp.)
f.lux (HKCU\...\Flux) (Version: - )
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Help Desk (HKLM\...\{22B32087-797D-4A1B-AFA7-072C87580ADC}) (Version: 1.0.9 - Samsung Electronics CO., LTD.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-8F3D-148929CC1385}) (Version: 2.6.1210.0278 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
IntelliMemory (HKLM\...\{40320F22-7D70-49DB-9D66-B6FAE5F36B47}) (Version: 1.0.32.0 - Condusiv Technologies)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM-x32\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OEM Application Profile (HKLM-x32\...\{EE55B368-EBDF-98F3-CFE7-7CE4ADBC4553}) (Version: 1.00.0004 - Advanced Micro Devices, Inc.)
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Phone Screen Sharing (HKLM-x32\...\{DF02C515-40B5-45AC-A601-5DC69D03885C}) (Version: 2.0.0.21 - RSUPPORT)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.4.907.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6818 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.9200.39035 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.9.10 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.42 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.2.13021_11 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.25.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
SideSync (HKLM-x32\...\{59687468-8CE9-4ABF-9C6A-5C31F0E09F8B}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sony PC Companion 2.10.211 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.211 - Sony)
SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.2600 - DTS, Inc.)
Support Center (HKLM\...\{5C20C1A9-75F9-4B6B-AAC3-9065C2AFB918}) (Version: 2.1.1106 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.11 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{44C11432-BA0D-4A02-B092-78AA7A6056A0}) (Version: 2.1.17 - Samsung Electronics CO., LTD.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.OMUI.de-de_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.de-de_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{5EA1673F-15BA-4CF9-BCB3-4725C6343F77}) (Version: 1.5.00 - Samsung Electronics CO., LTD.)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-641122288-3688080229-732055666-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-641122288-3688080229-732055666-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-641122288-3688080229-732055666-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-641122288-3688080229-732055666-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-641122288-3688080229-732055666-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-641122288-3688080229-732055666-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-641122288-3688080229-732055666-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-641122288-3688080229-732055666-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-641122288-3688080229-732055666-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-641122288-3688080229-732055666-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
29-07-2014 04:44:50 Windows Update
07-08-2014 22:49:46 Geplanter Prüfpunkt
13-08-2014 09:23:27 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0BC32B2D-93F4-45F4-B338-9BC59A6EB744} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {13E2CE25-9BDF-47FD-B44C-8574FE8FAA0C} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2013-02-28] (Samsung Electronics CO., LTD.)
Task: {1F2D7BAE-62D4-4467-A97F-CD9E86C0B564} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {21E525EB-79AC-46F8-96B4-7B4B8EABDC73} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-13] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {39C66650-95F5-4A77-AE11-065E9DCA33A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12] (Google Inc.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3B823400-94EA-4933-B9E5-08BEC56DFFEE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {65103FB0-6769-4E71-A66F-0179326AB004} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-12] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {84FE53CF-2605-4B63-B216-70AA76D749FE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8BAC9F34-F3DF-4E6C-BA24-56359463DA70} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-06-19] (SEC)
Task: {8C38A97A-6EBF-4818-A7B1-2A63558EF61A} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8F92A65D-A582-44DD-B06E-C33CC615EBBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A9084F01-D87D-4DA9-A598-F29DC8DF6710} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {A9B946C6-71F6-4504-A414-449D3B0347DF} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {C5B19DB0-0042-46B1-8F31-7A76EFABB583} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {CD684D87-C9F6-4826-AC6D-DE434D1FBF30} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-06-05] (Samsung Electronics CO., LTD.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCE3D606-9E17-4E65-B72D-0EF3F4603DE5} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\windows\AutoKMS.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-04-14 02:41 - 2011-04-14 02:41 - 00034304 _____ () C:\WINDOWS\System32\ssb3ml6.dll
2011-06-15 05:57 - 2011-06-15 05:57 - 00034304 _____ () C:\WINDOWS\System32\ssb6mlm.dll
2013-02-28 10:03 - 2013-02-28 10:03 - 00085040 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2014-04-05 15:13 - 2013-10-31 12:35 - 00070880 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2013-06-05 00:28 - 2013-06-05 00:28 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-08-20 16:47 - 2014-08-20 16:47 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-07-24 11:50 - 2014-07-24 11:50 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-24 11:49 - 2014-07-24 11:49 - 00065104 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-02-28 10:03 - 2013-02-28 10:03 - 00029232 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2013-02-28 10:03 - 2013-02-28 10:03 - 01121328 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2013-02-28 10:03 - 2013-02-28 10:03 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2013-02-28 10:03 - 2013-02-28 10:03 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2013-02-28 10:03 - 2013-02-28 10:03 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2013-02-28 10:03 - 2013-02-28 10:03 - 00027184 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2013-02-28 10:03 - 2013-02-28 10:03 - 00111152 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2013-02-28 10:03 - 2013-02-28 10:03 - 00060976 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2013-02-28 10:03 - 2013-02-28 10:03 - 00103472 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-04-05 15:13 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-04-05 15:13 - 2013-09-13 11:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2014-08-20 15:33 - 2014-08-20 15:33 - 00043008 _____ () c:\users\*****\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpaoqalw.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\libcef.dll
2014-07-26 12:14 - 2014-07-24 11:50 - 00049744 ____N () C:\Users\*****\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-07-30 14:33 - 2013-01-14 20:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-06-23 10:20 - 2014-07-31 18:27 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade
AlternateDataStreams: C:\Users\*****\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Der Plug-In-Manager <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801)
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
Details:
0x8e5e0210 (0x8e5e0210)
Error: (08/20/2014 03:03:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer (4476) Windows: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb0006D.log.
Error: (08/19/2014 03:41:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{5399daf3-0b92-4724-a4a6-e43be79c4b24}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (08/19/2014 03:41:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Windows RE tools" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
System errors:
=============
Error: (08/20/2014 03:03:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/20/2014 03:03:27 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit dem folgenden dienstspezifischen Fehler beendet:
%%2147749126
Error: (08/20/2014 03:02:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 20.08.2014 um 14:55:26 unerwartet heruntergefahren.
Error: (08/19/2014 09:42:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IntelliMemory" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/16/2014 04:37:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (08/16/2014 04:37:53 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Modules Installer konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (08/12/2014 06:51:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IntelliMemory" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/12/2014 03:27:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet:
%%1062
Error: (08/12/2014 00:26:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "IntelliMemory" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/11/2014 03:02:53 PM) (Source: DCOM) (EventID: 10005) (User: JERRY)
Description: 1053WSearchNicht verfügbar{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Microsoft Office Sessions:
=========================
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an. (HRESULT : 0x80040d06) (0x80040d06)
Search.TripoliIndexer
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Kontext: Windows Anwendung
Details:
(HRESULT : 0x8e5e0210) (0x8e5e0210)
Search.TripoliIndexer
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. 0xc0041801 (0xc0041801)
The catalog is corrupt
Error: (08/20/2014 03:03:27 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description:
Details:
0x8e5e0210 (0x8e5e0210)
4810 - enduser\mssearch2\search\ytrip\common\util\jetutil.cpp (167)
Error: (08/20/2014 03:03:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: SearchIndexer4476Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb0006D.log-1811 (0xfffff8ed)
Error: (08/19/2014 03:41:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{5399daf3-0b92-4724-a4a6-e43be79c4b24}\Falscher Parameter. (0x80070057)
Error: (08/19/2014 03:41:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Windows RE toolsFalscher Parameter. (0x80070057)
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 64%
Total physical RAM: 3980.38 MB
Available physical RAM: 1410.59 MB
Total Pagefile: 5452.38 MB
Available Pagefile: 1823.16 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:214.9 GB) (Free:135.75 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 2EACB920)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
22.08.2014, 11:08
| #5 |
| | Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefundenCode:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 20. August 2014 16:19
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 8.1 Pro
Windowsversion : (plain) [6.2.9200]
Boot Modus : Normal gebootet
Benutzername : *****
Computername : *****
Versionsinformationen:
BUILD.DAT : 14.0.6.552 92022 Bytes 23.07.2014 13:29:00
AVSCAN.EXE : 14.0.6.548 1046608 Bytes 14.08.2014 19:06:53
AVSCANRC.DLL : 14.0.6.522 62544 Bytes 14.08.2014 19:06:53
LUKE.DLL : 14.0.6.522 57936 Bytes 14.08.2014 19:07:08
AVSCPLR.DLL : 14.0.6.548 92752 Bytes 14.08.2014 19:06:53
AVREG.DLL : 14.0.6.522 262224 Bytes 14.08.2014 19:06:51
avlode.dll : 14.0.6.526 603728 Bytes 14.08.2014 19:06:51
avlode.rdf : 14.0.4.42 65114 Bytes 17.07.2014 12:21:47
XBV00009.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:29
XBV00010.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00011.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00012.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00013.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00014.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00015.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00016.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00017.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00018.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00019.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00020.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00021.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00022.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00023.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00024.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00025.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00026.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00027.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00028.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00029.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00030.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00031.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00032.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00033.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00034.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00035.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00036.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00037.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:30
XBV00038.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:31
XBV00039.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:31
XBV00040.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:31
XBV00041.VDF : 8.11.165.190 2048 Bytes 07.08.2014 15:15:31
XBV00054.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00055.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00056.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00057.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00058.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00059.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00060.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00061.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00062.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00063.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00064.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00065.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00066.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00067.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00068.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:19
XBV00069.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00070.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00071.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00072.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00073.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00074.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00075.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00076.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00077.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00078.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00079.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00080.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00081.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00082.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00083.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00084.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00085.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00086.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00087.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00088.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00089.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00090.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00091.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00092.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00093.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00094.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00095.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00096.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:20
XBV00097.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00098.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00099.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00100.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00101.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00102.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00103.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00104.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00105.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00106.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00107.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00108.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00109.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00110.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00111.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00112.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00113.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00114.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00115.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00116.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00117.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00118.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00119.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00120.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00121.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00122.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00123.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00124.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00125.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00126.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:21
XBV00127.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00128.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00129.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00130.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00131.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00132.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00133.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00134.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00135.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00136.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00137.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00138.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00139.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00140.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00141.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00142.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00143.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00144.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00145.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00146.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00147.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00148.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00149.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00150.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00151.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00152.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00153.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00154.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00155.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00156.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00157.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00158.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:22
XBV00159.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00160.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00161.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00162.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00163.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00164.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00165.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00166.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00167.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00168.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00169.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00170.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00171.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00172.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00173.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00174.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00175.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00176.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00177.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00178.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00179.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00180.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00181.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00182.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00183.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00184.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00185.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00186.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00187.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00188.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:23
XBV00189.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00190.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00191.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00192.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00193.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00194.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00195.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00196.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00197.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00198.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00199.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00200.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00201.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00202.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00203.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00204.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00205.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00206.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00207.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00208.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00209.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00210.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00211.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00212.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00213.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00214.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00215.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00216.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00217.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00218.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00219.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00220.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00221.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:24
XBV00222.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00223.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00224.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00225.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00226.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00227.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00228.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00229.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00230.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00231.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00232.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00233.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00234.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00235.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00236.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00237.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00238.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00239.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00240.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00241.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00242.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00243.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00244.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00245.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00246.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00247.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00248.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00249.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00250.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00251.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00252.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00253.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00254.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:25
XBV00255.VDF : 8.11.167.234 2048 Bytes 19.08.2014 13:42:26
XBV00000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 09:41:06
XBV00001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 09:41:06
XBV00002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 09:41:06
XBV00003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 09:41:06
XBV00004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 09:41:06
XBV00005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 09:41:06
XBV00006.VDF : 7.11.139.38 15708672 Bytes 27.03.2014 11:26:51
XBV00007.VDF : 7.11.152.100 4193792 Bytes 02.06.2014 14:52:30
XBV00008.VDF : 8.11.165.192 4251136 Bytes 07.08.2014 15:15:29
XBV00042.VDF : 8.11.167.234 1073152 Bytes 19.08.2014 13:42:19
XBV00043.VDF : 8.11.167.236 3584 Bytes 19.08.2014 13:42:19
XBV00044.VDF : 8.11.167.238 17408 Bytes 19.08.2014 13:42:19
XBV00045.VDF : 8.11.167.242 7168 Bytes 19.08.2014 13:07:54
XBV00046.VDF : 8.11.167.248 2048 Bytes 19.08.2014 13:07:54
XBV00047.VDF : 8.11.168.26 19968 Bytes 19.08.2014 13:07:54
XBV00048.VDF : 8.11.168.44 10240 Bytes 19.08.2014 13:07:55
XBV00049.VDF : 8.11.168.60 2048 Bytes 19.08.2014 13:07:55
XBV00050.VDF : 8.11.168.78 27136 Bytes 20.08.2014 13:07:55
XBV00051.VDF : 8.11.168.80 2048 Bytes 20.08.2014 13:07:55
XBV00052.VDF : 8.11.168.98 15360 Bytes 20.08.2014 13:07:55
XBV00053.VDF : 8.11.168.100 2048 Bytes 20.08.2014 13:07:55
LOCAL001.VDF : 8.11.168.100 108908032 Bytes 20.08.2014 13:08:15
Engineversion : 8.3.24.16
AEVDF.DLL : 8.3.1.6 133992 Bytes 20.08.2014 13:07:54
AESCRIPT.DLL : 8.2.0.16 428912 Bytes 14.08.2014 19:06:49
AESCN.DLL : 8.3.2.2 139456 Bytes 21.07.2014 12:19:06
AESBX.DLL : 8.2.20.24 1409224 Bytes 10.05.2014 17:18:37
AERDL.DLL : 8.2.0.138 704888 Bytes 25.02.2014 09:41:04
AEPACK.DLL : 8.4.0.50 792488 Bytes 07.08.2014 15:15:28
AEOFFICE.DLL : 8.3.0.20 216104 Bytes 14.08.2014 19:06:49
AEHEUR.DLL : 8.1.4.1234 7370664 Bytes 19.08.2014 13:42:18
AEHELP.DLL : 8.3.1.0 278728 Bytes 28.05.2014 14:25:02
AEGEN.DLL : 8.1.7.28 450752 Bytes 07.06.2014 12:38:44
AEEXP.DLL : 8.4.2.22 244584 Bytes 02.08.2014 15:16:04
AEEMU.DLL : 8.1.3.4 399264 Bytes 07.08.2014 15:15:26
AEDROID.DLL : 8.4.2.24 442568 Bytes 04.06.2014 20:27:00
AECORE.DLL : 8.3.2.6 243712 Bytes 07.08.2014 15:15:26
AEBB.DLL : 8.1.2.0 60448 Bytes 07.08.2014 15:15:26
AVWINLL.DLL : 14.0.6.522 24144 Bytes 14.08.2014 19:06:46
AVPREF.DLL : 14.0.6.522 50256 Bytes 14.08.2014 19:06:51
AVREP.DLL : 14.0.6.522 219216 Bytes 14.08.2014 19:06:52
AVARKT.DLL : 14.0.5.368 226384 Bytes 24.06.2014 08:53:45
AVEVTLOG.DLL : 14.0.6.522 182352 Bytes 14.08.2014 19:06:50
SQLITE3.DLL : 14.0.6.522 452176 Bytes 14.08.2014 19:07:11
AVSMTP.DLL : 14.0.6.522 76368 Bytes 14.08.2014 19:06:53
NETNT.DLL : 14.0.6.522 13392 Bytes 14.08.2014 19:07:08
RCIMAGE.DLL : 14.0.6.544 4863568 Bytes 14.08.2014 19:06:46
RCTEXT.DLL : 14.0.6.536 74320 Bytes 14.08.2014 19:06:46
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Lokale Laufwerke
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\alldrives.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Mittwoch, 20. August 2014 16:19
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:)'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'IntelliMem.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '104' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '166' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxCUIService.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLANExt.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '118' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasyLauncher.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'EvtEng.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'RIconMan.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'HeciServer.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'jhi_service.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'RegSrvc.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'ZeroConfigService.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '105' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'EasySettingsCmdServer.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'PresentationFontCache.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '223' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxEM.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxHK.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxTray.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'skydrive.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxext.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'sSettings.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVBg64.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVBg64.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDCtrl.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'ETDCtrlHelper.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanion.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'devmonsrv.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanionInfo.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'obexsrv.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'flux.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCService.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'KiesTrayAgent.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'PDVD10Serv.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'pdf24.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '115' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchospt.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'SettingSyncHost.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'CommonAgent.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'PhotoshopElementsFileAgent.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'IntelMeFWService.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SWMAgent.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'GuaranaAgent.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'OSPPSVC.EXE' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '123' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '145' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '105' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '61' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2565' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\'
C:\swapfile.sys
[WARNUNG] Die Datei konnte nicht geöffnet werden!
Ende des Suchlaufs: Mittwoch, 20. August 2014 16:43
Benötigte Zeit: 24:25 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
32583 Verzeichnisse wurden überprüft
1242275 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
1 Dateien konnten nicht durchsucht werden
1242274 Dateien ohne Befall
7385 Archive wurden durchsucht
1 Warnungen
0 Hinweise
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 20.08.2014 Scan Time: 15:07:07 Logfile: malware trojan.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.08.20.03 Rootkit Database: v2014.08.16.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: ***** Scan Type: Threat Scan Result: Completed Objects Scanned: 316220 Time Elapsed: 9 min, 3 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 1 Trojan.Agent, C:\Windows\SysWOW64\svchosptd.exe, 5944, Delete-on-Reboot, [7a595c6caecd65d13b902db56b99f40c] Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 1 Trojan.Agent, C:\Windows\SysWOW64\svchosptd.exe, Delete-on-Reboot, [7a595c6caecd65d13b902db56b99f40c], Physical Sectors: 0 (No malicious items detected) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 20.08.2014 Scan Time: 15:19:42 Logfile: etere.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.08.20.03 Rootkit Database: v2014.08.16.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: ***** Scan Type: Threat Scan Result: Completed Objects Scanned: 316138 Time Elapsed: 8 min, 55 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 1 Trojan.Agent, C:\Windows\SysWOW64\svchosptd.exe, 5944, Delete-on-Reboot, [be155f6987f4f0469c2f8e540cf826da] Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 1 Trojan.Agent, C:\Windows\SysWOW64\svchosptd.exe, Delete-on-Reboot, [be155f6987f4f0469c2f8e540cf826da], Physical Sectors: 0 (No malicious items detected) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 20.08.2014 Scan Time: 15:56:25 Logfile: file.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.08.20.04 Rootkit Database: v2014.08.16.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: ***** Scan Type: Threat Scan Result: Completed Objects Scanned: 316052 Time Elapsed: 8 min, 47 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) |
|
23.08.2014, 05:51
| #6 |
| /// the machine /// TB-Ausbilder | Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefunden hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefunden |
|
23.08.2014, 14:05
| #7 |
| | Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefundenCode:
ATTFilter 14:57:14.0955 0x1d3c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
14:57:14.0955 0x1d3c UEFI system
14:57:20.0033 0x1d3c ============================================================
14:57:20.0033 0x1d3c Current date / time: 2014/08/23 14:57:20.0033
14:57:20.0033 0x1d3c SystemInfo:
14:57:20.0033 0x1d3c
14:57:20.0033 0x1d3c OS Version: 6.3.9600 ServicePack: 0.0
14:57:20.0033 0x1d3c Product type: Workstation
14:57:20.0033 0x1d3c ComputerName: *****
14:57:20.0033 0x1d3c UserName: *****
14:57:20.0033 0x1d3c Windows directory: C:\WINDOWS
14:57:20.0033 0x1d3c System windows directory: C:\WINDOWS
14:57:20.0033 0x1d3c Running under WOW64
14:57:20.0033 0x1d3c Processor architecture: Intel x64
14:57:20.0033 0x1d3c Number of processors: 4
14:57:20.0033 0x1d3c Page size: 0x1000
14:57:20.0033 0x1d3c Boot type: Normal boot
14:57:20.0033 0x1d3c ============================================================
14:57:20.0064 0x1d3c KLMD registered as C:\WINDOWS\system32\drivers\55944020.sys
14:57:20.0189 0x1d3c System UUID: {079D3764-4971-07CF-4F40-3F20EE2E87A6}
14:57:20.0689 0x1d3c Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:57:20.0689 0x1d3c ============================================================
14:57:20.0689 0x1d3c \Device\Harddisk0\DR0:
14:57:20.0689 0x1d3c GPT partitions:
14:57:20.0689 0x1d3c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E4A36AA8-CCF7-4072-AA06-5D8E9FFD713F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
14:57:20.0689 0x1d3c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F0A9BBFF-FF7A-4A8B-B894-FA3932B1E271}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x96000
14:57:20.0689 0x1d3c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F8FA17FC-5E49-4323-80E5-CC8A5613A845}, Name: Microsoft reserved partition, StartLBA 0x190000, BlocksNum 0x40000
14:57:20.0689 0x1d3c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F90C0CA0-276D-41C4-8738-7E70AEFA9F8E}, Name: Basic data partition, StartLBA 0x1D0000, BlocksNum 0x1ADCE801
14:57:20.0689 0x1d3c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5399DAF3-0B92-4724-A4A6-E43BE79C4B24}, Name: , StartLBA 0x1AF9F000, BlocksNum 0xE0800
14:57:20.0689 0x1d3c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {EAAEDC8B-66DE-4172-8DDA-7F07EB641B42}, Name: Basic data partition, StartLBA 0x1B07F801, BlocksNum 0x2A73800
14:57:20.0689 0x1d3c \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {29F084A0-1094-4954-4173-636C65706975}, Name: Basic data partition, StartLBA 0x1DAF3001, BlocksNum 0x200000
14:57:20.0689 0x1d3c MBR partitions:
14:57:20.0689 0x1d3c ============================================================
14:57:20.0705 0x1d3c C: <-> \Device\Harddisk0\DR0\Partition4
14:57:20.0705 0x1d3c ============================================================
14:57:20.0705 0x1d3c Initialize success
14:57:20.0705 0x1d3c ============================================================
14:58:07.0355 0x16c8 ============================================================
14:58:07.0355 0x16c8 Scan started
14:58:07.0355 0x16c8 Mode: Manual; SigCheck; TDLFS;
14:58:07.0355 0x16c8 ============================================================
14:58:07.0355 0x16c8 KSN ping started
14:58:09.0761 0x16c8 KSN ping finished: true
14:58:09.0918 0x16c8 ================ Scan system memory ========================
14:58:09.0918 0x16c8 System memory - ok
14:58:09.0918 0x16c8 ================ Scan services =============================
14:58:09.0980 0x16c8 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
14:58:10.0027 0x16c8 1394ohci - ok
14:58:10.0043 0x16c8 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
14:58:10.0074 0x16c8 3ware - ok
14:58:10.0090 0x16c8 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
14:58:10.0136 0x16c8 ACPI - ok
14:58:10.0136 0x16c8 [ A273E88FAC37A4F819ED99FE4B642F4D, 994DC229B7B4379852928DF0B22E8E575AB239FD8904AF580AA36A44ED717CD9 ] acpials C:\WINDOWS\system32\DRIVERS\acpials.sys
14:58:10.0152 0x16c8 acpials - ok
14:58:10.0168 0x16c8 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
14:58:10.0183 0x16c8 acpiex - ok
14:58:10.0183 0x16c8 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
14:58:10.0199 0x16c8 acpipagr - ok
14:58:10.0215 0x16c8 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
14:58:10.0230 0x16c8 AcpiPmi - ok
14:58:10.0230 0x16c8 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
14:58:10.0246 0x16c8 acpitime - ok
14:58:10.0261 0x16c8 [ 844B780F7EB43C4FB5D7BE0EAFA52F6A, F8C9C991000665744DDE02B285868CBAA1A73634EE6A22582BC513AEE2588965 ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
14:58:10.0277 0x16c8 AdobeActiveFileMonitor11.0 - ok
14:58:10.0293 0x16c8 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:58:10.0308 0x16c8 AdobeARMservice - ok
14:58:10.0340 0x16c8 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
14:58:10.0386 0x16c8 ADP80XX - ok
14:58:10.0402 0x16c8 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
14:58:10.0418 0x16c8 AeLookupSvc - ok
14:58:10.0449 0x16c8 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys
14:58:10.0480 0x16c8 AFD - ok
14:58:10.0480 0x16c8 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
14:58:10.0496 0x16c8 agp440 - ok
14:58:10.0511 0x16c8 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:58:10.0527 0x16c8 ahcache - ok
14:58:10.0543 0x16c8 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe
14:58:10.0558 0x16c8 ALG - ok
14:58:10.0574 0x16c8 [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
14:58:10.0605 0x16c8 AMD External Events Utility - ok
14:58:10.0605 0x16c8 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
14:58:10.0636 0x16c8 AmdK8 - ok
14:58:11.0027 0x16c8 [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
14:58:11.0480 0x16c8 amdkmdag - ok
14:58:11.0543 0x16c8 [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
14:58:11.0590 0x16c8 amdkmdap - ok
14:58:11.0590 0x16c8 [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd C:\WINDOWS\system32\drivers\amdkmpfd.sys
14:58:11.0605 0x16c8 amdkmpfd - ok
14:58:11.0621 0x16c8 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
14:58:11.0636 0x16c8 AmdPPM - ok
14:58:11.0652 0x16c8 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
14:58:11.0668 0x16c8 amdsata - ok
14:58:11.0683 0x16c8 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
14:58:11.0715 0x16c8 amdsbs - ok
14:58:11.0730 0x16c8 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
14:58:11.0746 0x16c8 amdxata - ok
14:58:11.0746 0x16c8 [ 5451A638FACAA57F2F179837BC29A543, E0BDBC13D84D97985983307E7D780E3FD29AE9EF2612C36FC2A92AF3566DA40B ] AMPPAL C:\WINDOWS\System32\drivers\AMPPAL.sys
14:58:11.0761 0x16c8 AMPPAL - ok
14:58:11.0793 0x16c8 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:58:11.0808 0x16c8 AntiVirSchedulerService - ok
14:58:11.0824 0x16c8 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:58:11.0840 0x16c8 AntiVirService - ok
14:58:11.0855 0x16c8 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys
14:58:11.0871 0x16c8 AppID - ok
14:58:11.0871 0x16c8 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
14:58:11.0902 0x16c8 AppIDSvc - ok
14:58:11.0902 0x16c8 [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo C:\WINDOWS\System32\appinfo.dll
14:58:11.0918 0x16c8 Appinfo - ok
14:58:11.0933 0x16c8 [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
14:58:11.0949 0x16c8 AppMgmt - ok
14:58:11.0980 0x16c8 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
14:58:12.0011 0x16c8 AppReadiness - ok
14:58:12.0043 0x16c8 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
14:58:12.0105 0x16c8 AppXSvc - ok
14:58:12.0105 0x16c8 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
14:58:12.0137 0x16c8 arcsas - ok
14:58:12.0137 0x16c8 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
14:58:12.0152 0x16c8 atapi - ok
14:58:12.0152 0x16c8 [ EF2EC92C4E449CD065B9E892E05D47BE, 9A65E2B5978FF6237698621A28E3EC74CC405AB9D7E2788DFF52255609BD8DDB ] AtiDCM C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys
14:58:12.0168 0x16c8 AtiDCM - ok
14:58:12.0183 0x16c8 [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
14:58:12.0199 0x16c8 AudioEndpointBuilder - ok
14:58:12.0230 0x16c8 [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
14:58:12.0262 0x16c8 Audiosrv - ok
14:58:12.0277 0x16c8 [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
14:58:12.0293 0x16c8 avgntflt - ok
14:58:12.0293 0x16c8 [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
14:58:12.0324 0x16c8 avipbb - ok
14:58:12.0324 0x16c8 [ 8F9FB2E345549C1432249BDB8B9C1C0A, 337370238116022987D3CA957CFDAC9D953990F2AC513ACBFBA2D05E35A5F400 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
14:58:12.0340 0x16c8 Avira.OE.ServiceHost - ok
14:58:12.0340 0x16c8 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
14:58:12.0355 0x16c8 avkmgr - ok
14:58:12.0355 0x16c8 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
14:58:12.0387 0x16c8 AxInstSV - ok
14:58:12.0402 0x16c8 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
14:58:12.0449 0x16c8 b06bdrv - ok
14:58:12.0465 0x16c8 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
14:58:12.0480 0x16c8 BasicDisplay - ok
14:58:12.0480 0x16c8 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
14:58:12.0496 0x16c8 BasicRender - ok
14:58:12.0512 0x16c8 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
14:58:12.0512 0x16c8 bcmfn2 - ok
14:58:12.0527 0x16c8 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
14:58:12.0558 0x16c8 BDESVC - ok
14:58:12.0574 0x16c8 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:58:12.0590 0x16c8 Beep - ok
14:58:12.0605 0x16c8 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll
14:58:12.0637 0x16c8 BFE - ok
14:58:12.0668 0x16c8 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll
14:58:12.0730 0x16c8 BITS - ok
14:58:12.0793 0x16c8 [ BAE8683BE3463B25E51875B380AB695A, 3EDB44560F798BB05AB7F534CEC4688C35AD9092B7D1CC5F58B47E82BD8EA270 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
14:58:12.0871 0x16c8 Bluetooth Device Monitor - ok
14:58:12.0918 0x16c8 [ AF06006C7A8B6CE409ABD351867A9544, AB985CEB86E57AB99E8D273058533CD3D04FF3232C62688DFD8F9D6A5B6586CD ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
14:58:12.0965 0x16c8 Bluetooth OBEX Service - ok
14:58:12.0980 0x16c8 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
14:58:12.0996 0x16c8 bowser - ok
14:58:13.0012 0x16c8 [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
14:58:13.0027 0x16c8 BrokerInfrastructure - ok
14:58:13.0043 0x16c8 [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser C:\WINDOWS\System32\browser.dll
14:58:13.0058 0x16c8 Browser - ok
14:58:13.0074 0x16c8 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
14:58:13.0090 0x16c8 BthAvrcpTg - ok
14:58:13.0105 0x16c8 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
14:58:13.0121 0x16c8 BthEnum - ok
14:58:13.0121 0x16c8 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
14:58:13.0152 0x16c8 BthHFEnum - ok
14:58:13.0152 0x16c8 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
14:58:13.0183 0x16c8 bthhfhid - ok
14:58:13.0199 0x16c8 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
14:58:13.0246 0x16c8 BthLEEnum - ok
14:58:13.0262 0x16c8 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
14:58:13.0277 0x16c8 BTHMODEM - ok
14:58:13.0293 0x16c8 [ 3AFE71D80EDF5D4DE0C5731352905669, 3E370169B8C5D301954D1F1DA302F7A0DB2A034990E10B3D64458C48E5693205 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
14:58:13.0324 0x16c8 BthPan - ok
14:58:13.0387 0x16c8 [ 92370F46AF28D54B67C135FA8C2AFCFC, B1C0DBF27D392DEA8786AB9479C6CCD5A5DBDF3BE25ABA5FC7C6DB6D3EEE739B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
14:58:13.0465 0x16c8 BTHPORT - ok
14:58:13.0480 0x16c8 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll
14:58:13.0496 0x16c8 bthserv - ok
14:58:13.0512 0x16c8 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
14:58:13.0543 0x16c8 BTHUSB - ok
14:58:13.0605 0x16c8 [ FD6DCB9E986D4B88655370C7F3976F78, F106BBC3147BF4FFEE3A56B477BA7F26A269CAE659570930860AF033F1171A70 ] btmhsf C:\WINDOWS\system32\DRIVERS\btmhsf.sys
14:58:13.0683 0x16c8 btmhsf - ok
14:58:13.0699 0x16c8 [ D2AAC014F1888A58DBDA67FAA15ED6CB, DBD6F4C84956CE8A14D8321EF52798F5C88E991E79BB03433BB34C8881A21FC7 ] cbfs3 C:\windows\system32\drivers\cbfs3.sys
14:58:13.0746 0x16c8 cbfs3 - ok
14:58:13.0746 0x16c8 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
14:58:13.0777 0x16c8 cdfs - ok
14:58:13.0793 0x16c8 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
14:58:13.0824 0x16c8 cdrom - ok
14:58:13.0840 0x16c8 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
14:58:13.0871 0x16c8 CertPropSvc - ok
14:58:13.0871 0x16c8 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
14:58:13.0902 0x16c8 circlass - ok
14:58:13.0933 0x16c8 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
14:58:13.0980 0x16c8 CLFS - ok
14:58:13.0996 0x16c8 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
14:58:14.0027 0x16c8 CmBatt - ok
14:58:14.0043 0x16c8 [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
14:58:14.0105 0x16c8 CNG - ok
14:58:14.0121 0x16c8 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
14:58:14.0152 0x16c8 CompositeBus - ok
14:58:14.0152 0x16c8 COMSysApp - ok
14:58:14.0168 0x16c8 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
14:58:14.0199 0x16c8 condrv - ok
14:58:14.0230 0x16c8 [ 15FBADDC84ED202E59A4F1B201CC692C, A50092155B18DAD51049A72503002F08C1BB2DFDA239C4D3555360C163F2F782 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:58:14.0277 0x16c8 cphs - ok
14:58:14.0293 0x16c8 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
14:58:14.0324 0x16c8 CryptSvc - ok
14:58:14.0340 0x16c8 [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC C:\WINDOWS\system32\drivers\csc.sys
14:58:14.0387 0x16c8 CSC - ok
14:58:14.0402 0x16c8 [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService C:\WINDOWS\System32\cscsvc.dll
14:58:14.0433 0x16c8 CscService - ok
14:58:14.0449 0x16c8 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
14:58:14.0465 0x16c8 dam - ok
14:58:14.0496 0x16c8 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:58:14.0527 0x16c8 DcomLaunch - ok
14:58:14.0543 0x16c8 [ AF3FF97AC2A73E70F8A8D11FB694175B, 3AA25BF9DED08056F52ACF246118C13C8816B5E8AA4D8606DB7DAB4E4E6A9169 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
14:58:14.0574 0x16c8 defragsvc - ok
14:58:14.0590 0x16c8 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:58:14.0605 0x16c8 DeviceAssociationService - ok
14:58:14.0621 0x16c8 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
14:58:14.0637 0x16c8 DeviceInstall - ok
14:58:14.0652 0x16c8 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
14:58:14.0668 0x16c8 Dfsc - ok
14:58:14.0684 0x16c8 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
14:58:14.0699 0x16c8 Dhcp - ok
14:58:14.0715 0x16c8 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
14:58:14.0730 0x16c8 disk - ok
14:58:14.0746 0x16c8 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
14:58:14.0746 0x16c8 dmvsc - ok
14:58:14.0762 0x16c8 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:58:14.0793 0x16c8 Dnscache - ok
14:58:14.0793 0x16c8 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll
14:58:14.0840 0x16c8 dot3svc - ok
14:58:14.0855 0x16c8 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll
14:58:14.0902 0x16c8 DPS - ok
14:58:14.0918 0x16c8 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:58:14.0934 0x16c8 drmkaud - ok
14:58:14.0949 0x16c8 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
14:58:14.0980 0x16c8 DsmSvc - ok
14:58:15.0043 0x16c8 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:58:15.0137 0x16c8 DXGKrnl - ok
14:58:15.0168 0x16c8 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll
14:58:15.0199 0x16c8 Eaphost - ok
14:58:15.0293 0x16c8 [ A515EA46083A90FC8F476FC8C1107780, E203C6291E5B5B69727828F7EFF41136EE9227C678587FF01F3A0A0A1D6A6802 ] Easy Launcher C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
14:58:15.0402 0x16c8 Easy Launcher - ok
14:58:15.0496 0x16c8 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
14:58:15.0652 0x16c8 ebdrv - ok
14:58:15.0668 0x16c8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe
14:58:15.0684 0x16c8 EFS - ok
14:58:15.0684 0x16c8 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
14:58:15.0699 0x16c8 EhStorClass - ok
14:58:15.0715 0x16c8 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:58:15.0730 0x16c8 EhStorTcgDrv - ok
14:58:15.0746 0x16c8 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
14:58:15.0762 0x16c8 ErrDev - ok
14:58:15.0777 0x16c8 [ 220F8C18A8C5BCF7EB3BC5F6766AA74B, 5D327746AFD02EC40058EA5AB13EA543FA5ED0824731F56AF10FD2D6254F2227 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
14:58:15.0793 0x16c8 ETD - ok
14:58:15.0809 0x16c8 [ 6BB0C4B213D5DDFC3E01ACB65461CE99, 24028FDD0D91B313357F1C4EACC2A73F53B5E7ACC02C3CA8B895BC9B4BE342D2 ] ETDSMBus C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys
14:58:15.0809 0x16c8 ETDSMBus - ok
14:58:15.0840 0x16c8 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll
14:58:15.0855 0x16c8 EventSystem - ok
14:58:15.0887 0x16c8 [ 21FFB87A70019E9B39C5A8469695ACBA, B41BEDB737CFD33707181DA0B69FC47C01C897AF8B42211A46B54A9FDB2B9004 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:58:15.0902 0x16c8 EvtEng - ok
14:58:15.0918 0x16c8 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
14:58:15.0949 0x16c8 exfat - ok
14:58:15.0965 0x16c8 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
14:58:15.0980 0x16c8 fastfat - ok
14:58:16.0012 0x16c8 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe
14:58:16.0059 0x16c8 Fax - ok
14:58:16.0059 0x16c8 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
14:58:16.0074 0x16c8 fdc - ok
14:58:16.0090 0x16c8 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll
14:58:16.0105 0x16c8 fdPHost - ok
14:58:16.0121 0x16c8 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll
14:58:16.0137 0x16c8 FDResPub - ok
14:58:16.0137 0x16c8 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll
14:58:16.0168 0x16c8 fhsvc - ok
14:58:16.0168 0x16c8 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
14:58:16.0184 0x16c8 FileInfo - ok
14:58:16.0199 0x16c8 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
14:58:16.0215 0x16c8 Filetrace - ok
14:58:16.0230 0x16c8 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
14:58:16.0246 0x16c8 flpydisk - ok
14:58:16.0262 0x16c8 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
14:58:16.0293 0x16c8 FltMgr - ok
14:58:16.0324 0x16c8 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll
14:58:16.0387 0x16c8 FontCache - ok
14:58:16.0402 0x16c8 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:58:16.0418 0x16c8 FontCache3.0.0.0 - ok
14:58:16.0418 0x16c8 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
14:58:16.0434 0x16c8 FsDepends - ok
14:58:16.0449 0x16c8 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:58:16.0465 0x16c8 Fs_Rec - ok
14:58:16.0480 0x16c8 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:58:16.0512 0x16c8 fvevol - ok
14:58:16.0527 0x16c8 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
14:58:16.0543 0x16c8 FxPPM - ok
14:58:16.0543 0x16c8 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
14:58:16.0574 0x16c8 gagp30kx - ok
14:58:16.0574 0x16c8 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
14:58:16.0590 0x16c8 gencounter - ok
14:58:16.0605 0x16c8 [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:58:16.0637 0x16c8 GPIOClx0101 - ok
14:58:16.0684 0x16c8 [ 383DA813409316D69603C1D849834D24, E1AAD3AB567457B00B8A378D5BA37ED653EE451FF79D071A8815FB8B1EB90DAF ] gpsvc C:\WINDOWS\System32\gpsvc.dll
14:58:16.0746 0x16c8 gpsvc - ok
14:58:16.0762 0x16c8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:58:16.0777 0x16c8 gupdate - ok
14:58:16.0793 0x16c8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:58:16.0809 0x16c8 gupdatem - ok
14:58:16.0809 0x16c8 [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
14:58:16.0840 0x16c8 HDAudBus - ok
14:58:16.0856 0x16c8 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
14:58:16.0871 0x16c8 HidBatt - ok
14:58:16.0887 0x16c8 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
14:58:16.0902 0x16c8 HidBth - ok
14:58:16.0902 0x16c8 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
14:58:16.0934 0x16c8 hidi2c - ok
14:58:16.0934 0x16c8 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
14:58:16.0949 0x16c8 HidIr - ok
14:58:16.0965 0x16c8 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll
14:58:16.0965 0x16c8 hidserv - ok
14:58:16.0981 0x16c8 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
14:58:16.0996 0x16c8 HidUsb - ok
14:58:16.0996 0x16c8 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
14:58:17.0027 0x16c8 hkmsvc - ok
14:58:17.0027 0x16c8 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
14:58:17.0059 0x16c8 HomeGroupListener - ok
14:58:17.0090 0x16c8 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
14:58:17.0121 0x16c8 HomeGroupProvider - ok
14:58:17.0121 0x16c8 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
14:58:17.0152 0x16c8 HpSAMD - ok
14:58:17.0184 0x16c8 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
14:58:17.0246 0x16c8 HTTP - ok
14:58:17.0262 0x16c8 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
14:58:17.0277 0x16c8 hwpolicy - ok
14:58:17.0293 0x16c8 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
14:58:17.0309 0x16c8 hyperkbd - ok
14:58:17.0309 0x16c8 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
14:58:17.0324 0x16c8 HyperVideo - ok
14:58:17.0340 0x16c8 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
14:58:17.0356 0x16c8 i8042prt - ok
14:58:17.0356 0x16c8 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
14:58:17.0371 0x16c8 iaLPSSi_GPIO - ok
14:58:17.0387 0x16c8 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
14:58:17.0402 0x16c8 iaLPSSi_I2C - ok
14:58:17.0418 0x16c8 [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
14:58:17.0449 0x16c8 iaStorA - ok
14:58:17.0481 0x16c8 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
14:58:17.0512 0x16c8 iaStorAV - ok
14:58:17.0527 0x16c8 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
14:58:17.0559 0x16c8 iaStorV - ok
14:58:17.0574 0x16c8 [ C430482AC892D52CED021EDDD4D368A2, C54C12EAC14F40BE3E7D7159F8876A664D00CA928000E25306071D28B52EA33A ] iBtFltCoex C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
14:58:17.0590 0x16c8 iBtFltCoex - ok
14:58:17.0590 0x16c8 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
14:58:17.0621 0x16c8 ICCS - ok
14:58:17.0731 0x16c8 [ ACD1812E8A531E1CEA09BA3991371E48, 87CAE32D26A36B0AEF8EC884CDFE3E6A572C9330206E004BD63423ED00BB5A62 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe
14:58:17.0840 0x16c8 IconMan_R - ok
14:58:17.0856 0x16c8 IEEtwCollectorService - ok
14:58:17.0949 0x16c8 [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:58:18.0137 0x16c8 igfx - ok
14:58:18.0168 0x16c8 [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
14:58:18.0199 0x16c8 igfxCUIService1.0.0.0 - ok
14:58:18.0231 0x16c8 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll
14:58:18.0293 0x16c8 IKEEXT - ok
14:58:18.0309 0x16c8 [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
14:58:18.0324 0x16c8 intaud_WaveExtensible - ok
14:58:18.0434 0x16c8 [ 16FC5F9A038D855D9EACC04FFFF83174, E5A7E196F0C7204CBDE14519F6E5E8C6F566388C8FFB85653C27599662E07B03 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:58:18.0574 0x16c8 IntcAzAudAddService - ok
14:58:18.0606 0x16c8 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
14:58:18.0637 0x16c8 IntcDAud - ok
14:58:18.0684 0x16c8 [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:58:18.0731 0x16c8 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
14:58:21.0496 0x16c8 Detect skipped due to KSN trusted
14:58:21.0496 0x16c8 Intel(R) Capability Licensing Service Interface - ok
14:58:21.0528 0x16c8 [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:58:21.0559 0x16c8 Intel(R) Capability Licensing Service TCP IP Interface - ok
14:58:21.0575 0x16c8 [ B32A84262049E43DB2FDB70F2EAF3BEE, B80214F5A697F7C163E62448FAC4FC71E798114E1C0FBB52C3A16534208849B7 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
14:58:21.0590 0x16c8 Intel(R) ME Service - ok
14:58:21.0590 0x16c8 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
14:58:21.0606 0x16c8 intelide - ok
14:58:21.0606 0x16c8 [ 50CECF39DE3B0963452A6CE0F9923D1B, 146528E1CA4B5B6F21CEDF73E14FF76EFC2F71ED80A296D56BDA0443E3708BF1 ] IntelliMemory C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
14:58:21.0621 0x16c8 IntelliMemory - ok
14:58:21.0621 0x16c8 [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
14:58:21.0637 0x16c8 intelpep - ok
14:58:21.0653 0x16c8 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
14:58:21.0668 0x16c8 intelppm - ok
14:58:21.0684 0x16c8 [ 6FEA9DB21D79E2660B747DBDF63799BE, DC7058EF1FB4450CD185859CA98807663D6275218F1C8813C9840DC3B5284B84 ] intmfs C:\WINDOWS\system32\DRIVERS\intmfs.sys
14:58:21.0700 0x16c8 intmfs - ok
14:58:21.0700 0x16c8 [ 66508F908D2B8FF0636C6745C4FEB99A, B493366F474411526E5240AF99ACB7D47CCAF1E3C331997F19630B30C4AB821D ] intmsd C:\WINDOWS\system32\DRIVERS\intmsd.sys
14:58:21.0715 0x16c8 intmsd - ok
14:58:21.0731 0x16c8 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:58:21.0746 0x16c8 IpFilterDriver - ok
14:58:21.0778 0x16c8 [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
14:58:21.0825 0x16c8 iphlpsvc - ok
14:58:21.0840 0x16c8 [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
14:58:21.0856 0x16c8 IPMIDRV - ok
14:58:21.0856 0x16c8 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
14:58:21.0887 0x16c8 IPNAT - ok
14:58:21.0887 0x16c8 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
14:58:21.0903 0x16c8 IRENUM - ok
14:58:21.0918 0x16c8 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
14:58:21.0934 0x16c8 isapnp - ok
14:58:21.0934 0x16c8 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
14:58:21.0981 0x16c8 iScsiPrt - ok
14:58:21.0981 0x16c8 [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
14:58:21.0996 0x16c8 iumsvc - ok
14:58:22.0012 0x16c8 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
14:58:22.0028 0x16c8 iwdbus - ok
14:58:22.0028 0x16c8 [ 08B14887C0B98101F8EC207817A0D734, DF2B2C16F9C8EA05533AE26C3302C41D5B67966D8E55ED8625353AE1D70FBD29 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:58:22.0075 0x16c8 jhi_service - ok
14:58:22.0090 0x16c8 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
14:58:22.0121 0x16c8 kbdclass - ok
14:58:22.0121 0x16c8 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
14:58:22.0137 0x16c8 kbdhid - ok
14:58:22.0153 0x16c8 [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys
14:58:22.0168 0x16c8 kbldfltr - ok
14:58:22.0184 0x16c8 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
14:58:22.0215 0x16c8 kdnic - ok
14:58:22.0215 0x16c8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe
14:58:22.0231 0x16c8 KeyIso - ok
14:58:22.0246 0x16c8 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
14:58:22.0278 0x16c8 KSecDD - ok
14:58:22.0293 0x16c8 [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
14:58:22.0325 0x16c8 KSecPkg - ok
14:58:22.0325 0x16c8 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
14:58:22.0340 0x16c8 ksthunk - ok
14:58:22.0356 0x16c8 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
14:58:22.0387 0x16c8 KtmRm - ok
14:58:22.0403 0x16c8 [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
14:58:22.0434 0x16c8 LanmanServer - ok
14:58:22.0450 0x16c8 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
14:58:22.0465 0x16c8 LanmanWorkstation - ok
14:58:22.0481 0x16c8 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
14:58:22.0512 0x16c8 lfsvc - ok
14:58:22.0528 0x16c8 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
14:58:22.0543 0x16c8 lltdio - ok
14:58:22.0575 0x16c8 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
14:58:22.0606 0x16c8 lltdsvc - ok
14:58:22.0621 0x16c8 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
14:58:22.0621 0x16c8 lmhosts - ok
14:58:22.0637 0x16c8 [ 920F6774762DE8D8477088B6F38FBD6C, DA056D27FE775835CD6F8F5F3143179D818C20658304E21100B534C24079916C ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:58:22.0653 0x16c8 LMS - ok
14:58:22.0668 0x16c8 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
14:58:22.0684 0x16c8 LSI_SAS - ok
14:58:22.0700 0x16c8 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
14:58:22.0715 0x16c8 LSI_SAS2 - ok
14:58:22.0715 0x16c8 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
14:58:22.0731 0x16c8 LSI_SAS3 - ok
14:58:22.0746 0x16c8 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
14:58:22.0762 0x16c8 LSI_SSS - ok
14:58:22.0793 0x16c8 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll
14:58:22.0840 0x16c8 LSM - ok
14:58:22.0840 0x16c8 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
14:58:22.0871 0x16c8 luafv - ok
14:58:22.0871 0x16c8 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
14:58:22.0887 0x16c8 megasas - ok
14:58:22.0903 0x16c8 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
14:58:22.0965 0x16c8 megasr - ok
14:58:22.0981 0x16c8 [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
14:58:22.0996 0x16c8 MEIx64 - ok
14:58:23.0012 0x16c8 Microsoft SharePoint Workspace Audit Service - ok
14:58:23.0012 0x16c8 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll
14:58:23.0043 0x16c8 MMCSS - ok
14:58:23.0043 0x16c8 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
14:58:23.0075 0x16c8 Modem - ok
14:58:23.0090 0x16c8 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
14:58:23.0106 0x16c8 monitor - ok
14:58:23.0121 0x16c8 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
14:58:23.0153 0x16c8 mouclass - ok
14:58:23.0153 0x16c8 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
14:58:23.0168 0x16c8 mouhid - ok
14:58:23.0184 0x16c8 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
14:58:23.0215 0x16c8 mountmgr - ok
14:58:23.0215 0x16c8 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
14:58:23.0246 0x16c8 mpsdrv - ok
14:58:23.0278 0x16c8 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
14:58:23.0309 0x16c8 MpsSvc - ok
14:58:23.0325 0x16c8 [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
14:58:23.0356 0x16c8 MRxDAV - ok
14:58:23.0387 0x16c8 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:58:23.0403 0x16c8 mrxsmb - ok
14:58:23.0418 0x16c8 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
14:58:23.0450 0x16c8 mrxsmb10 - ok
14:58:23.0465 0x16c8 [ 5C42CEE3E2018E1DFC6E3E17240A432A, 7DFF61686167535125BA376A9BE3DD1C2AC7A2C13455E0FD8E83AAE88E52F987 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
14:58:23.0481 0x16c8 mrxsmb20 - ok
14:58:23.0496 0x16c8 [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
14:58:23.0512 0x16c8 MsBridge - ok
14:58:23.0528 0x16c8 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe
14:58:23.0559 0x16c8 MSDTC - ok
14:58:23.0575 0x16c8 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:58:23.0590 0x16c8 Msfs - ok
14:58:23.0606 0x16c8 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:58:23.0621 0x16c8 msgpiowin32 - ok
14:58:23.0621 0x16c8 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
14:58:23.0637 0x16c8 mshidkmdf - ok
14:58:23.0653 0x16c8 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
14:58:23.0653 0x16c8 mshidumdf - ok
14:58:23.0668 0x16c8 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
14:58:23.0684 0x16c8 msisadrv - ok
14:58:23.0684 0x16c8 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
14:58:23.0715 0x16c8 MSiSCSI - ok
14:58:23.0715 0x16c8 msiserver - ok
14:58:23.0715 0x16c8 [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
14:58:23.0746 0x16c8 MsKeyboardFilter - ok
14:58:23.0746 0x16c8 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:58:23.0762 0x16c8 MSKSSRV - ok
14:58:23.0778 0x16c8 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
14:58:23.0793 0x16c8 MsLldp - ok
14:58:23.0793 0x16c8 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:58:23.0809 0x16c8 MSPCLOCK - ok
14:58:23.0825 0x16c8 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:58:23.0840 0x16c8 MSPQM - ok
14:58:23.0840 0x16c8 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
14:58:23.0872 0x16c8 MsRPC - ok
14:58:23.0887 0x16c8 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
14:58:23.0903 0x16c8 mssmbios - ok
14:58:23.0903 0x16c8 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
14:58:23.0918 0x16c8 MSTEE - ok
14:58:23.0934 0x16c8 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
14:58:23.0950 0x16c8 MTConfig - ok
14:58:23.0950 0x16c8 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
14:58:23.0981 0x16c8 Mup - ok
14:58:23.0981 0x16c8 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
14:58:23.0997 0x16c8 mvumis - ok
14:58:24.0012 0x16c8 [ 53EE034F83E9A7A8E421572E385F67CD, 29F718B95B9D6CBDA49D5DE14FEC46DA64D7977131D585C975B3D703559D0988 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
14:58:24.0043 0x16c8 MyWiFiDHCPDNS - ok
14:58:24.0059 0x16c8 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll
14:58:24.0090 0x16c8 napagent - ok
14:58:24.0106 0x16c8 [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
14:58:24.0137 0x16c8 NativeWifiP - ok
14:58:24.0153 0x16c8 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
14:58:24.0184 0x16c8 NcaSvc - ok
14:58:24.0184 0x16c8 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll
14:58:24.0200 0x16c8 NcbService - ok
14:58:24.0215 0x16c8 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
14:58:24.0231 0x16c8 NcdAutoSetup - ok
14:58:24.0262 0x16c8 [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
14:58:24.0325 0x16c8 NDIS - ok
14:58:24.0325 0x16c8 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
14:58:24.0340 0x16c8 NdisCap - ok
14:58:24.0356 0x16c8 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
14:58:24.0372 0x16c8 NdisImPlatform - ok
14:58:24.0387 0x16c8 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:58:24.0403 0x16c8 NdisTapi - ok
14:58:24.0403 0x16c8 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:58:24.0434 0x16c8 Ndisuio - ok
14:58:24.0434 0x16c8 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
14:58:24.0450 0x16c8 NdisVirtualBus - ok
14:58:24.0465 0x16c8 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:58:24.0497 0x16c8 NdisWan - ok
14:58:24.0497 0x16c8 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:58:24.0528 0x16c8 NdisWanLegacy - ok
14:58:24.0528 0x16c8 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:58:24.0543 0x16c8 NDProxy - ok
14:58:24.0575 0x16c8 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
14:58:24.0590 0x16c8 Ndu - ok
14:58:24.0606 0x16c8 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:58:24.0622 0x16c8 NetBIOS - ok
14:58:24.0637 0x16c8 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:58:24.0653 0x16c8 NetBT - ok
14:58:24.0668 0x16c8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:58:24.0684 0x16c8 Netlogon - ok
14:58:24.0684 0x16c8 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll
14:58:24.0715 0x16c8 Netman - ok
14:58:24.0731 0x16c8 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
14:58:24.0762 0x16c8 netprofm - ok
14:58:24.0778 0x16c8 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:58:24.0793 0x16c8 NetTcpPortSharing - ok
14:58:24.0809 0x16c8 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
14:58:24.0825 0x16c8 netvsc - ok
14:58:24.0934 0x16c8 [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64 C:\WINDOWS\system32\DRIVERS\Netwew00.sys
14:58:25.0043 0x16c8 NETwNe64 - ok
14:58:25.0075 0x16c8 [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
14:58:25.0106 0x16c8 NlaSvc - ok
14:58:25.0122 0x16c8 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:58:25.0137 0x16c8 Npfs - ok
14:58:25.0137 0x16c8 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
14:58:25.0153 0x16c8 npsvctrig - ok
14:58:25.0168 0x16c8 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll
14:58:25.0168 0x16c8 nsi - ok
14:58:25.0184 0x16c8 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
14:58:25.0200 0x16c8 nsiproxy - ok
14:58:25.0262 0x16c8 [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:58:25.0356 0x16c8 Ntfs - ok
14:58:25.0372 0x16c8 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
14:58:25.0387 0x16c8 Null - ok
14:58:25.0387 0x16c8 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
14:58:25.0418 0x16c8 nvraid - ok
14:58:25.0418 0x16c8 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
14:58:25.0450 0x16c8 nvstor - ok
14:58:25.0450 0x16c8 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
14:58:25.0465 0x16c8 nv_agp - ok
14:58:25.0481 0x16c8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:58:25.0497 0x16c8 ose - ok
14:58:25.0747 0x16c8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:58:26.0028 0x16c8 osppsvc - ok
14:58:26.0059 0x16c8 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
14:58:26.0090 0x16c8 p2pimsvc - ok
14:58:26.0106 0x16c8 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
14:58:26.0137 0x16c8 p2psvc - ok
14:58:26.0153 0x16c8 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
14:58:26.0169 0x16c8 Parport - ok
14:58:26.0184 0x16c8 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
14:58:26.0215 0x16c8 partmgr - ok
14:58:26.0231 0x16c8 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
14:58:26.0278 0x16c8 PcaSvc - ok
14:58:26.0294 0x16c8 [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci C:\WINDOWS\system32\drivers\pci.sys
14:58:26.0325 0x16c8 pci - ok
14:58:26.0325 0x16c8 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
14:58:26.0356 0x16c8 pciide - ok
14:58:26.0372 0x16c8 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
14:58:26.0403 0x16c8 pcmcia - ok
14:58:26.0419 0x16c8 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
14:58:26.0434 0x16c8 pcw - ok
14:58:26.0434 0x16c8 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
14:58:26.0465 0x16c8 pdc - ok
14:58:26.0481 0x16c8 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
14:58:26.0544 0x16c8 PEAUTH - ok
14:58:26.0622 0x16c8 [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
14:58:26.0731 0x16c8 PeerDistSvc - ok
14:58:26.0762 0x16c8 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
14:58:26.0794 0x16c8 PerfHost - ok
14:58:26.0840 0x16c8 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll
14:58:26.0903 0x16c8 pla - ok
14:58:26.0919 0x16c8 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
14:58:26.0934 0x16c8 PlugPlay - ok
14:58:26.0934 0x16c8 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
14:58:26.0950 0x16c8 PNRPAutoReg - ok
14:58:26.0965 0x16c8 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
14:58:26.0997 0x16c8 PNRPsvc - ok
14:58:27.0012 0x16c8 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
14:58:27.0028 0x16c8 PolicyAgent - ok
14:58:27.0044 0x16c8 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll
14:58:27.0059 0x16c8 Power - ok
14:58:27.0153 0x16c8 [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
14:58:27.0278 0x16c8 PrintNotify - ok
14:58:27.0294 0x16c8 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
14:58:27.0309 0x16c8 Processor - ok
14:58:27.0325 0x16c8 [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
14:58:27.0340 0x16c8 ProfSvc - ok
14:58:27.0356 0x16c8 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
14:58:27.0372 0x16c8 Psched - ok
14:58:27.0372 0x16c8 [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\WINDOWS\system32\Drivers\PxHlpa64.sys
14:58:27.0387 0x16c8 PxHlpa64 - ok
14:58:27.0403 0x16c8 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll
14:58:27.0434 0x16c8 QWAVE - ok
14:58:27.0434 0x16c8 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
14:58:27.0465 0x16c8 QWAVEdrv - ok
14:58:27.0465 0x16c8 [ 194ED3C117525613E701FF257882303E, F9D771B573078C6335F352812E24918CB79529BAE2262117E8E0DD4C57AA64C1 ] RadioHIDMini C:\WINDOWS\System32\drivers\RadioHIDMini.sys
14:58:27.0481 0x16c8 RadioHIDMini - ok
14:58:27.0497 0x16c8 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:58:27.0512 0x16c8 RasAcd - ok
14:58:27.0512 0x16c8 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:58:27.0544 0x16c8 RasAuto - ok
14:58:27.0559 0x16c8 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:58:27.0622 0x16c8 RasMan - ok
14:58:27.0622 0x16c8 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:58:27.0669 0x16c8 RasPppoe - ok
14:58:27.0700 0x16c8 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:58:27.0731 0x16c8 rdbss - ok
14:58:27.0747 0x16c8 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
14:58:27.0778 0x16c8 rdpbus - ok
14:58:27.0794 0x16c8 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
14:58:27.0825 0x16c8 RDPDR - ok
14:58:27.0840 0x16c8 [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
14:58:27.0856 0x16c8 RdpVideoMiniport - ok
14:58:27.0856 0x16c8 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
14:58:27.0887 0x16c8 rdyboost - ok
14:58:27.0919 0x16c8 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
14:58:27.0981 0x16c8 ReFS - ok
14:58:27.0997 0x16c8 [ 1791B1C8C72E13D193ADE659E7DB87C1, F0C1EA05283BB89ACBE721D0CDBB30FD8F1E75D5545158D29D6EC11E41B145BA ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:58:28.0012 0x16c8 RegSrvc - ok
14:58:28.0028 0x16c8 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:58:28.0059 0x16c8 RemoteAccess - ok
14:58:28.0059 0x16c8 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:58:28.0090 0x16c8 RemoteRegistry - ok
14:58:28.0106 0x16c8 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
14:58:28.0122 0x16c8 RFCOMM - ok
14:58:28.0137 0x16c8 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
14:58:28.0153 0x16c8 RpcEptMapper - ok
14:58:28.0153 0x16c8 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe
14:58:28.0169 0x16c8 RpcLocator - ok
14:58:28.0184 0x16c8 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:58:28.0231 0x16c8 RpcSs - ok
14:58:28.0247 0x16c8 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
14:58:28.0262 0x16c8 rspndr - ok
14:58:28.0278 0x16c8 [ F0B1E5B1AF1B47EF90A79E2E1E2BA8B3, 37BE08BCD0DA8908E79D0BD91EA7BEF391DD8EFF7487DDD7372773B598E0EDAC ] RSUSBVSTOR C:\WINDOWS\System32\Drivers\RtsUVStor.sys
14:58:28.0309 0x16c8 RSUSBVSTOR - ok
14:58:28.0325 0x16c8 [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
14:58:28.0356 0x16c8 RTL8168 - ok
14:58:28.0372 0x16c8 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
14:58:28.0387 0x16c8 s3cap - ok
14:58:28.0387 0x16c8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe
14:58:28.0403 0x16c8 SamSs - ok
14:58:28.0419 0x16c8 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
14:58:28.0434 0x16c8 sbp2port - ok
14:58:28.0450 0x16c8 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
14:58:28.0481 0x16c8 SCardSvr - ok
14:58:28.0481 0x16c8 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
14:58:28.0528 0x16c8 ScDeviceEnum - ok
14:58:28.0544 0x16c8 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
14:58:28.0575 0x16c8 scfilter - ok
14:58:28.0637 0x16c8 [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:58:28.0700 0x16c8 Schedule - ok
14:58:28.0716 0x16c8 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
14:58:28.0747 0x16c8 SCPolicySvc - ok
14:58:28.0762 0x16c8 [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
14:58:28.0794 0x16c8 sdbus - ok
14:58:28.0794 0x16c8 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
14:58:28.0825 0x16c8 sdstor - ok
14:58:28.0825 0x16c8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
14:58:28.0841 0x16c8 secdrv - ok
14:58:28.0856 0x16c8 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll
14:58:28.0872 0x16c8 seclogon - ok
14:58:28.0872 0x16c8 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll
14:58:28.0903 0x16c8 SENS - ok
14:58:28.0903 0x16c8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] SensorsAlsDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:58:28.0934 0x16c8 SensorsAlsDriver - ok
14:58:28.0950 0x16c8 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
14:58:28.0966 0x16c8 SensrSvc - ok
14:58:28.0966 0x16c8 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
14:58:28.0997 0x16c8 SerCx - ok
14:58:28.0997 0x16c8 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
14:58:29.0028 0x16c8 SerCx2 - ok
14:58:29.0044 0x16c8 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
14:58:29.0059 0x16c8 Serenum - ok
14:58:29.0075 0x16c8 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
14:58:29.0091 0x16c8 Serial - ok
14:58:29.0106 0x16c8 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
14:58:29.0122 0x16c8 sermouse - ok
14:58:29.0137 0x16c8 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
14:58:29.0169 0x16c8 SessionEnv - ok
14:58:29.0184 0x16c8 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
14:58:29.0200 0x16c8 sfloppy - ok
14:58:29.0216 0x16c8 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:58:29.0247 0x16c8 SharedAccess - ok
14:58:29.0262 0x16c8 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:58:29.0309 0x16c8 ShellHWDetection - ok
14:58:29.0309 0x16c8 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
14:58:29.0325 0x16c8 SiSRaid2 - ok
14:58:29.0341 0x16c8 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
14:58:29.0356 0x16c8 SiSRaid4 - ok
14:58:29.0372 0x16c8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:58:29.0434 0x16c8 SkypeUpdate - ok
14:58:29.0450 0x16c8 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll
14:58:29.0466 0x16c8 smphost - ok
14:58:29.0466 0x16c8 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
14:58:29.0497 0x16c8 SNMPTRAP - ok
14:58:29.0497 0x16c8 [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
14:58:29.0512 0x16c8 Sony PC Companion - ok
14:58:29.0544 0x16c8 [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
14:58:29.0591 0x16c8 spaceport - ok
14:58:29.0606 0x16c8 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
14:58:29.0622 0x16c8 SpbCx - ok
14:58:29.0669 0x16c8 [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler C:\WINDOWS\System32\spoolsv.exe
14:58:29.0716 0x16c8 Spooler - ok
14:58:29.0919 0x16c8 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
14:58:30.0200 0x16c8 sppsvc - ok
14:58:30.0231 0x16c8 [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:58:30.0262 0x16c8 srv - ok
14:58:30.0294 0x16c8 [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
14:58:30.0325 0x16c8 srv2 - ok
14:58:30.0341 0x16c8 [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
14:58:30.0356 0x16c8 srvnet - ok
14:58:30.0372 0x16c8 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:58:30.0403 0x16c8 SSDPSRV - ok
14:58:30.0403 0x16c8 [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT C:\WINDOWS\system32\Drivers\SSPORT.sys
14:58:30.0419 0x16c8 SSPORT - ok
14:58:30.0434 0x16c8 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
14:58:30.0450 0x16c8 SstpSvc - ok
14:58:30.0466 0x16c8 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
14:58:30.0466 0x16c8 stexstor - ok
14:58:30.0497 0x16c8 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll
14:58:30.0528 0x16c8 stisvc - ok
14:58:30.0544 0x16c8 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
14:58:30.0559 0x16c8 storahci - ok
14:58:30.0575 0x16c8 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
14:58:30.0606 0x16c8 storflt - ok
14:58:30.0606 0x16c8 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
14:58:30.0637 0x16c8 stornvme - ok
14:58:30.0653 0x16c8 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll
14:58:30.0684 0x16c8 StorSvc - ok
14:58:30.0700 0x16c8 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
14:58:30.0731 0x16c8 storvsc - ok
14:58:30.0747 0x16c8 [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
14:58:30.0762 0x16c8 storvsp - ok
14:58:30.0778 0x16c8 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll
14:58:30.0809 0x16c8 svsvc - ok
14:58:30.0809 0x16c8 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
14:58:30.0825 0x16c8 swenum - ok
14:58:30.0856 0x16c8 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll
14:58:30.0903 0x16c8 swprv - ok
14:58:30.0903 0x16c8 SWUpdateService - ok
14:58:30.0950 0x16c8 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll
14:58:30.0997 0x16c8 SysMain - ok
14:58:31.0013 0x16c8 [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
14:58:31.0044 0x16c8 SystemEventsBroker - ok
14:58:31.0044 0x16c8 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:58:31.0075 0x16c8 TabletInputService - ok
14:58:31.0091 0x16c8 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:58:31.0106 0x16c8 TapiSrv - ok
14:58:31.0184 0x16c8 [ 25AC0B50A71938890970E1508F107196, 6FAFBA2DFFFF9916CC304AE7E6AD0F6CE1D6F4AAE6B2C113202D78310EFEBC58 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
14:58:31.0309 0x16c8 Tcpip - ok
14:58:31.0388 0x16c8 [ 25AC0B50A71938890970E1508F107196, 6FAFBA2DFFFF9916CC304AE7E6AD0F6CE1D6F4AAE6B2C113202D78310EFEBC58 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:58:31.0497 0x16c8 TCPIP6 - ok
14:58:31.0513 0x16c8 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
14:58:31.0528 0x16c8 tcpipreg - ok
14:58:31.0544 0x16c8 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
14:58:31.0559 0x16c8 tdx - ok
14:58:31.0575 0x16c8 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
14:58:31.0591 0x16c8 terminpt - ok
14:58:31.0622 0x16c8 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll
14:58:31.0669 0x16c8 TermService - ok
14:58:31.0684 0x16c8 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll
14:58:31.0716 0x16c8 Themes - ok
14:58:31.0716 0x16c8 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
14:58:31.0731 0x16c8 THREADORDER - ok
14:58:31.0731 0x16c8 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
14:58:31.0763 0x16c8 TimeBroker - ok
14:58:31.0778 0x16c8 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys
14:58:31.0794 0x16c8 TPM - ok
14:58:31.0809 0x16c8 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll
14:58:31.0825 0x16c8 TrkWks - ok
14:58:31.0825 0x16c8 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
14:58:31.0841 0x16c8 TrustedInstaller - ok
14:58:31.0856 0x16c8 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
14:58:31.0872 0x16c8 TsUsbFlt - ok
14:58:31.0872 0x16c8 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:58:31.0888 0x16c8 TsUsbGD - ok
14:58:31.0903 0x16c8 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
14:58:31.0919 0x16c8 tunnel - ok
14:58:31.0934 0x16c8 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
14:58:31.0950 0x16c8 uagp35 - ok
14:58:31.0966 0x16c8 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
14:58:31.0981 0x16c8 UASPStor - ok
14:58:31.0997 0x16c8 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
14:58:32.0044 0x16c8 UCX01000 - ok
14:58:32.0059 0x16c8 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
14:58:32.0106 0x16c8 udfs - ok
14:58:32.0122 0x16c8 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
14:58:32.0138 0x16c8 UEFI - ok
14:58:32.0153 0x16c8 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
14:58:32.0184 0x16c8 UI0Detect - ok
14:58:32.0200 0x16c8 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
14:58:32.0216 0x16c8 uliagpkx - ok
14:58:32.0231 0x16c8 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
14:58:32.0263 0x16c8 umbus - ok
14:58:32.0263 0x16c8 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
14:58:32.0294 0x16c8 UmPass - ok
14:58:32.0309 0x16c8 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
14:58:32.0341 0x16c8 UmRdpService - ok
14:58:32.0356 0x16c8 [ 9B8C9350985983E9760E1786731A8728, 78178FDE1329E5B55F77FF73C66B01279A03E2E3C3CB7E3D9DF14291D206D780 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:58:32.0388 0x16c8 UNS - ok
14:58:32.0403 0x16c8 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:58:32.0466 0x16c8 upnphost - ok
14:58:32.0466 0x16c8 [ 8047D8AFA070A4C3B9FCBDBF77A84C45, D8B47716EE57391E3B9CBE3B35FF1F933F08E40B1C8C12EB5BE2438D9E409FF0 ] usb3Hub C:\WINDOWS\System32\drivers\usb3Hub.sys
14:58:32.0497 0x16c8 usb3Hub - ok
14:58:32.0497 0x16c8 [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
14:58:32.0528 0x16c8 usbccgp - ok
14:58:32.0544 0x16c8 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
14:58:32.0575 0x16c8 usbcir - ok
14:58:32.0591 0x16c8 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
14:58:32.0622 0x16c8 usbehci - ok
14:58:32.0638 0x16c8 [ 93435654DCA210298BA0F986EB51C679, 926313A0499100EA5C49C5EC44BB8FE5F8F2A7F57F3EA56D59DA694F8396A409 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
14:58:32.0669 0x16c8 usbhub - ok
14:58:32.0700 0x16c8 [ 83C9C45D59C72FEFDAE9A5686BE31FEA, 12FC2C3C3C5CD5F2EFBAA11A1AD06FDD7DDB6EECF6F2684BBAAF88198D976316 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
14:58:32.0731 0x16c8 USBHUB3 - ok
14:58:32.0747 0x16c8 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
14:58:32.0763 0x16c8 usbohci - ok
14:58:32.0763 0x16c8 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
14:58:32.0778 0x16c8 usbprint - ok
14:58:32.0794 0x16c8 [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:58:32.0809 0x16c8 usbscan - ok
14:58:32.0825 0x16c8 [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
14:58:32.0841 0x16c8 USBSTOR - ok
14:58:32.0856 0x16c8 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
14:58:32.0872 0x16c8 usbuhci - ok
14:58:32.0888 0x16c8 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
14:58:32.0919 0x16c8 usbvideo - ok
14:58:32.0934 0x16c8 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
14:58:32.0950 0x16c8 USBXHCI - ok
14:58:32.0950 0x16c8 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe
14:58:32.0966 0x16c8 VaultSvc - ok
14:58:32.0981 0x16c8 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
14:58:32.0997 0x16c8 vdrvroot - ok
14:58:33.0028 0x16c8 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\WINDOWS\System32\vds.exe
14:58:33.0091 0x16c8 vds - ok
14:58:33.0106 0x16c8 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
14:58:33.0138 0x16c8 VerifierExt - ok
14:58:33.0153 0x16c8 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
14:58:33.0200 0x16c8 vhdmp - ok
14:58:33.0200 0x16c8 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
14:58:33.0216 0x16c8 viaide - ok
14:58:33.0231 0x16c8 [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\WINDOWS\System32\drivers\Vid.sys
14:58:33.0263 0x16c8 Vid - ok
14:58:33.0263 0x16c8 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
14:58:33.0278 0x16c8 vmbus - ok
14:58:33.0294 0x16c8 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
14:58:33.0294 0x16c8 VMBusHID - ok
14:58:33.0310 0x16c8 [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
14:58:33.0325 0x16c8 vmbusr - ok
14:58:33.0356 0x16c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
14:58:33.0388 0x16c8 vmicguestinterface - ok
14:58:33.0403 0x16c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
14:58:33.0435 0x16c8 vmicheartbeat - ok
14:58:33.0450 0x16c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
14:58:33.0497 0x16c8 vmickvpexchange - ok
14:58:33.0513 0x16c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
14:58:33.0528 0x16c8 vmicrdv - ok
14:58:33.0560 0x16c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
14:58:33.0575 0x16c8 vmicshutdown - ok
14:58:33.0591 0x16c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
14:58:33.0622 0x16c8 vmictimesync - ok
14:58:33.0638 0x16c8 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
14:58:33.0669 0x16c8 vmicvss - ok
14:58:33.0685 0x16c8 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
14:58:33.0700 0x16c8 volmgr - ok
14:58:33.0716 0x16c8 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
14:58:33.0747 0x16c8 volmgrx - ok
14:58:33.0763 0x16c8 [ 4BB9BC49DEE1A319EC58274A7BBED663, 624491089623A5B68C01A6A000E60D450E8E467619ACEBB90C6FDED0CF670F95 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
14:58:33.0794 0x16c8 volsnap - ok
14:58:33.0810 0x16c8 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
14:58:33.0825 0x16c8 vpci - ok
14:58:33.0841 0x16c8 [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
14:58:33.0856 0x16c8 vpcivsp - ok
14:58:33.0856 0x16c8 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
14:58:33.0888 0x16c8 vsmraid - ok
14:58:33.0950 0x16c8 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe
14:58:34.0044 0x16c8 VSS - ok
14:58:34.0060 0x16c8 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
14:58:34.0106 0x16c8 VSTXRAID - ok
14:58:34.0106 0x16c8 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
14:58:34.0138 0x16c8 vwifibus - ok
14:58:34.0138 0x16c8 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
14:58:34.0169 0x16c8 vwififlt - ok
14:58:34.0169 0x16c8 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
14:58:34.0185 0x16c8 vwifimp - ok
14:58:34.0200 0x16c8 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll
14:58:34.0231 0x16c8 W32Time - ok
14:58:34.0247 0x16c8 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
14:58:34.0263 0x16c8 WacomPen - ok
14:58:34.0310 0x16c8 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\WINDOWS\system32\wbengine.exe
14:58:34.0372 0x16c8 wbengine - ok
14:58:34.0403 0x16c8 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
14:58:34.0419 0x16c8 WbioSrvc - ok
14:58:34.0435 0x16c8 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
14:58:34.0466 0x16c8 Wcmsvc - ok
14:58:34.0481 0x16c8 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
14:58:34.0528 0x16c8 wcncsvc - ok
14:58:34.0528 0x16c8 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
14:58:34.0544 0x16c8 WcsPlugInService - ok
14:58:34.0560 0x16c8 [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
14:58:34.0575 0x16c8 WdBoot - ok
14:58:34.0591 0x16c8 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
14:58:34.0653 0x16c8 Wdf01000 - ok
14:58:34.0669 0x16c8 [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
14:58:34.0716 0x16c8 WdFilter - ok
14:58:34.0731 0x16c8 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
14:58:34.0747 0x16c8 WdiServiceHost - ok
14:58:34.0763 0x16c8 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
14:58:34.0778 0x16c8 WdiSystemHost - ok
14:58:34.0794 0x16c8 [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
14:58:34.0810 0x16c8 WdNisDrv - ok
14:58:34.0810 0x16c8 WdNisSvc - ok
14:58:34.0825 0x16c8 [ D261A12A43D33122CB90E70D3BC1CC68, 1B5237909CDD5DC4982599E94C2AAC37FEA6B1C282249DEB13E84A826C6E4B01 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:58:34.0856 0x16c8 WebClient - ok
14:58:34.0872 0x16c8 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
14:58:34.0888 0x16c8 Wecsvc - ok
14:58:34.0903 0x16c8 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
14:58:34.0919 0x16c8 WEPHOSTSVC - ok
14:58:34.0935 0x16c8 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
14:58:34.0950 0x16c8 wercplsupport - ok
14:58:34.0950 0x16c8 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
14:58:34.0966 0x16c8 WerSvc - ok
14:58:34.0981 0x16c8 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
14:58:35.0013 0x16c8 WFPLWFS - ok
14:58:35.0013 0x16c8 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
14:58:35.0028 0x16c8 WiaRpc - ok
14:58:35.0044 0x16c8 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
14:58:35.0060 0x16c8 WIMMount - ok
14:58:35.0060 0x16c8 WinDefend - ok
14:58:35.0091 0x16c8 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
14:58:35.0122 0x16c8 WinHttpAutoProxySvc - ok
14:58:35.0138 0x16c8 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:58:35.0169 0x16c8 Winmgmt - ok
14:58:35.0231 0x16c8 [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM C:\WINDOWS\system32\WsmSvc.dll
14:58:35.0341 0x16c8 WinRM - ok
14:58:35.0403 0x16c8 [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
14:58:35.0466 0x16c8 WlanSvc - ok
14:58:35.0513 0x16c8 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
14:58:35.0575 0x16c8 wlidsvc - ok
14:58:35.0591 0x16c8 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
14:58:35.0607 0x16c8 WmiAcpi - ok
14:58:35.0607 0x16c8 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
14:58:35.0622 0x16c8 wmiApSrv - ok
14:58:35.0638 0x16c8 WMPNetworkSvc - ok
14:58:35.0638 0x16c8 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
14:58:35.0669 0x16c8 Wof - ok
14:58:35.0716 0x16c8 [ 5071E71CC05346D88C5A08EB8B5A05E3, EA2B14130EDD1846B2E25D310B0D49253CFB43C22D3DC7B3179DF7349CC4AEFB ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
14:58:35.0778 0x16c8 workfolderssvc - ok
14:58:35.0794 0x16c8 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
14:58:35.0810 0x16c8 wpcfltr - ok
14:58:35.0825 0x16c8 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
14:58:35.0841 0x16c8 WPCSvc - ok
14:58:35.0841 0x16c8 [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
14:58:35.0872 0x16c8 WPDBusEnum - ok
14:58:35.0872 0x16c8 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
14:58:35.0888 0x16c8 WpdUpFltr - ok
14:58:35.0888 0x16c8 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
14:58:35.0903 0x16c8 ws2ifsl - ok
14:58:35.0919 0x16c8 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\WINDOWS\System32\wscsvc.dll
14:58:35.0935 0x16c8 wscsvc - ok
14:58:35.0935 0x16c8 WSearch - ok
14:58:36.0044 0x16c8 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\WINDOWS\System32\WSService.dll
14:58:36.0200 0x16c8 WSService - ok
14:58:36.0310 0x16c8 [ E66AC3CA92FC471BFE69F61549193A64, E2DD7EA4ED164EE8FB07546896BE743734B04DE4C9480E84231901CB2C63F31C ] wuauserv C:\WINDOWS\system32\wuaueng.dll
14:58:36.0435 0x16c8 wuauserv - ok
14:58:36.0466 0x16c8 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
14:58:36.0482 0x16c8 WudfPf - ok
14:58:36.0482 0x16c8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
14:58:36.0513 0x16c8 WUDFRd - ok
14:58:36.0513 0x16c8 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
14:58:36.0528 0x16c8 wudfsvc - ok
14:58:36.0544 0x16c8 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:58:36.0560 0x16c8 WUDFWpdFs - ok
14:58:36.0575 0x16c8 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
14:58:36.0622 0x16c8 WwanSvc - ok
14:58:36.0638 0x16c8 [ 24E57041608ED6A9D7FDAD0D9EC214E2, 895A16072F5EFFF57A7DCA21917540726BF816A2746EC47A066AAD363F69E5D7 ] XHCIPort C:\WINDOWS\System32\drivers\XHCIPort.sys
14:58:36.0653 0x16c8 XHCIPort - ok
14:58:36.0810 0x16c8 [ 2AC426C57AC3D6A226D66E5A03223C90, 45AD44153D280E4066BA62260CE7733AC3DC23D59951BBCC0F8D4F5226F97203 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
14:58:36.0982 0x16c8 ZeroConfigService - ok
14:58:37.0013 0x16c8 ================ Scan global ===============================
14:58:37.0013 0x16c8 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
14:58:37.0028 0x16c8 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
14:58:37.0044 0x16c8 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
14:58:37.0060 0x16c8 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
14:58:37.0075 0x16c8 [ Global ] - ok
14:58:37.0075 0x16c8 ================ Scan MBR ==================================
14:58:37.0075 0x16c8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:58:37.0107 0x16c8 \Device\Harddisk0\DR0 - ok
14:58:37.0107 0x16c8 ================ Scan VBR ==================================
14:58:37.0107 0x16c8 [ A12543C248ED33763DE34E524C26A4AA ] \Device\Harddisk0\DR0\Partition1
14:58:37.0107 0x16c8 \Device\Harddisk0\DR0\Partition1 - ok
14:58:37.0107 0x16c8 [ 7E3150FE0A62EBB882AA6913717725C9 ] \Device\Harddisk0\DR0\Partition2
14:58:37.0107 0x16c8 \Device\Harddisk0\DR0\Partition2 - ok
14:58:37.0122 0x16c8 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
14:58:37.0122 0x16c8 \Device\Harddisk0\DR0\Partition3 - ok
14:58:37.0122 0x16c8 [ 0A1AD667193F7C4799DEF6180DF14BD0 ] \Device\Harddisk0\DR0\Partition4
14:58:37.0122 0x16c8 \Device\Harddisk0\DR0\Partition4 - ok
14:58:37.0122 0x16c8 [ 98618B3666DF79226A2EA3D5AF7A526B ] \Device\Harddisk0\DR0\Partition5
14:58:37.0122 0x16c8 \Device\Harddisk0\DR0\Partition5 - ok
14:58:37.0122 0x16c8 [ 100F103E0B0371D24DDBB9966B780AAA ] \Device\Harddisk0\DR0\Partition6
14:58:37.0138 0x16c8 \Device\Harddisk0\DR0\Partition6 - ok
14:58:37.0138 0x16c8 [ FD183BA4B003BE33E08E83F0518624FB ] \Device\Harddisk0\DR0\Partition7
14:58:37.0138 0x16c8 \Device\Harddisk0\DR0\Partition7 - ok
14:58:37.0138 0x16c8 ================ Scan generic autorun ======================
14:58:37.0482 0x16c8 [ 668232EFD0C3C6DCC32126005924A426, F93D1835D95BD54B6BDE4521A6DBFD001D482950F0F62E06A1E1AEBF93C8B372 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:58:37.0903 0x16c8 RtHDVCpl - ok
14:58:37.0950 0x16c8 [ 0C046846A7EEBC5262D9FE8C8BB5D03C, ABB1A4FA23AD6F57E1962E2F071EE707BC47BEDDED0677F57E6C7AE401994445 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
14:58:37.0982 0x16c8 RtHDVBg - ok
14:58:38.0029 0x16c8 [ 0C046846A7EEBC5262D9FE8C8BB5D03C, ABB1A4FA23AD6F57E1962E2F071EE707BC47BEDDED0677F57E6C7AE401994445 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
14:58:38.0075 0x16c8 RtHDVBg_SRSSA - ok
14:58:38.0091 0x16c8 ETDCtrl - ok
14:58:38.0091 0x16c8 BTMTrayAgent - ok
14:58:38.0122 0x16c8 [ F9C48B76DA59CF5FF2ED937B62F5ED39, BABC2638F6C92947C79C918DFD3E605B196672B23745226DFA64F68867B7C257 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
14:58:38.0138 0x16c8 AdobeAAMUpdater-1.0 - ok
14:58:38.0247 0x16c8 [ D3C723B416CF95544437A74A912A7481, BA4F4C3D9FDF27F720F31237DAEF9FBC2AB94700F0213BCFD282DF6453D0DC7B ] C:\Program Files\Bitcasa\Bitcasa.exe
14:58:38.0357 0x16c8 Bitcasa - detected UnsignedFile.Multi.Generic ( 1 )
14:58:40.0841 0x16c8 Detect skipped due to KSN trusted
14:58:40.0841 0x16c8 Bitcasa - ok
14:58:40.0872 0x16c8 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
14:58:40.0919 0x16c8 Adobe ARM - ok
14:58:40.0935 0x16c8 [ D2756EDAAA3089C3256749439C1CBF97, 79783FD849C18A21F3C290EC10B46F448B620F243CF9B14082BD49A9C40560F3 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
14:58:40.0951 0x16c8 KiesTrayAgent - ok
14:58:40.0951 0x16c8 [ AE29724E282EDBE7D0F49E9982642EFD, E7637C08A35F1D7AF810500804FAC45557C5598FA887BE26484B50D305213658 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
14:58:40.0966 0x16c8 RemoteControl10 - ok
14:58:40.0982 0x16c8 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
14:58:40.0982 0x16c8 BCSSync - ok
14:58:41.0013 0x16c8 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
14:58:41.0044 0x16c8 avgnt - ok
14:58:41.0044 0x16c8 [ DDEFF7E98629203E66BB4298FABC5983, 59CBE0A49AAA93898831B1D64FFB1D0809736CABB4D19843DB2E99C2650D1AD9 ] C:\Program Files (x86)\PDF24\pdf24.exe
14:58:41.0076 0x16c8 PDFPrint - ok
14:58:41.0076 0x16c8 [ 1E873743DEC469609C35275C5557B34D, EC8952601B4643B9B82DA5B7C5A85DD19CC1F07889A2B69E4FCCDCAC296A9FA1 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
14:58:41.0107 0x16c8 Avira Systray - ok
14:58:41.0154 0x16c8 [ CD8A83EEF6DBE6EA9583983E63EC6CBB, 76E7C00DC232D4396C376B913B0ED452039942B6C53B42B8FD122D8BBF06901E ] C:\WINDOWS\SysWOW64\svchospt.exe
14:58:41.0201 0x16c8 svchospt - detected UnsignedFile.Multi.Generic ( 1 )
14:58:43.0623 0x16c8 Detect skipped due to KSN trusted
14:58:43.0623 0x16c8 svchospt - ok
14:58:43.0638 0x16c8 [ 6F2F1363BBCD85F9DE016D84AB15E476, 0FEC56E5E0781124F47AC35940B6BB82116023ED47E5E67C1483B031BB10854C ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
14:58:43.0654 0x16c8 Sony PC Companion - ok
14:58:43.0685 0x16c8 [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe
14:58:43.0716 0x16c8 f.lux - ok
14:58:43.0716 0x16c8 Waiting for KSN requests completion. In queue: 105
14:58:44.0732 0x16c8 Waiting for KSN requests completion. In queue: 105
14:58:45.0748 0x16c8 Waiting for KSN requests completion. In queue: 105
14:58:46.0779 0x16c8 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
14:58:46.0795 0x16c8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
14:58:46.0795 0x16c8 Win FW state via NFP2: enabled
14:58:49.0185 0x16c8 ============================================================
14:58:49.0185 0x16c8 Scan finished
14:58:49.0185 0x16c8 ============================================================
14:58:49.0185 0x1684 Detected object count: 0
14:58:49.0185 0x1684 Actual detected object count: 0
|
|
24.08.2014, 06:44
| #8 |
| /// the machine /// TB-Ausbilder | Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefunden Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM-x32\...\Run: [svchospt] => C:\WINDOWS\SysWOW64\svchospt.exe [913408 2014-05-03] (FK2)
C:\WINDOWS\SysWOW64\svchospt.exe
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.08.2014, 14:53
| #9 |
| | Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefundenCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-08-2014 01
Ran by rahim at 2014-08-24 13:48:17 Run:1
Running from C:\Users\rahim\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM-x32\...\Run: [svchospt] => C:\WINDOWS\SysWOW64\svchospt.exe [913408 2014-05-03] (FK2)
C:\WINDOWS\SysWOW64\svchospt.exe
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\svchospt => value deleted successfully.
C:\WINDOWS\SysWOW64\svchospt.exe => Moved successfully.
==== End of Fixlog ====
Code:
ATTFilter # AdwCleaner v3.308 - Bericht erstellt am 24/08/2014 um 15:26:07
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro (64 bits)
# Benutzername : ***** - *****
# Gestartet von : C:\Users\*****\Desktop\adwcleaner_3.308.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\9lf6dlbz.default\prefs.js ]
-\\ Google Chrome v36.0.1985.143
[ Datei : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [2344 octets] - [26/07/2014 12:03:55]
AdwCleaner[R1].txt - [2315 octets] - [26/07/2014 12:09:41]
AdwCleaner[R2].txt - [1484 octets] - [24/08/2014 15:24:41]
AdwCleaner[S0].txt - [2330 octets] - [26/07/2014 12:12:25]
AdwCleaner[S1].txt - [1355 octets] - [24/08/2014 15:26:07]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1415 octets] ##########
JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro x64
Ran by ***** on 24.08.2014 at 15:30:55,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\9lf6dlbz.default\minidumps [16 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.08.2014 at 15:36:22,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 01
Ran by ***** (administrator) on ***** on 24-08-2014 15:43:04
Running from C:\Users\*****\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Flux Software LLC) C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe
(Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_SRSSA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1260256 2013-01-04] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2892080 2013-06-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Bitcasa] => C:\Program Files\Bitcasa\Bitcasa.exe [4365824 2012-12-27] (Bitcasa, Inc)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310640 2013-03-07] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-641122288-3688080229-732055666-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [467680 2014-07-30] (Sony)
HKU\S-1-5-21-641122288-3688080229-732055666-1001\...\Run: [f.lux] => C:\Users\*****\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: 1EldosIconOverlay -> {8BC7308A-9206-4552-96D7-FDDFD2688180} => C:\windows\SYSTEM32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: BitcasaIconOverlay -> {A6975448-A999-49BB-B3E4-7730CF6A82C0} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc)
ShellIconOverlayIdentifiers: BitcasaProgressOverlay -> {6FB8D52A-0064-45B2-B687-F596FEAD09C2} => C:\Program Files\Bitcasa\ExplorerMenu.dll (Bitcasa, Inc)
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: 1EldosIconOverlay -> {8BC7308A-9206-4552-96D7-FDDFD2688180} => C:\windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com/?pc=smjb
SearchScopes: HKLM - {0A54FFB7-AFC1-4FB3-A716-A1C7ED45FD34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB
SearchScopes: HKLM-x32 - {0A54FFB7-AFC1-4FB3-A716-A1C7ED45FD34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=SMJB
SearchScopes: HKCU - {0A54FFB7-AFC1-4FB3-A716-A1C7ED45FD34} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\9lf6dlbz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\9lf6dlbz.default\Extensions\abs@avira.com [2014-08-19]
FF Extension: PrivacyChoice TrackerBlock - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\9lf6dlbz.default\Extensions\trackerblock@privacychoice.org.xpi [2014-06-12]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\9lf6dlbz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-05]
Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-12]
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-12]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-12]
CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-12]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-12]
CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [172104 2013-01-26] (Adobe Systems Incorporated)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1594416 2013-02-28] (Samsung Electronics CO., LTD.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB Card Reader\RIconMan.exe [2466448 2012-09-13] (Realsil Microelectronics Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55720 2012-12-21] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3017776 2013-07-12] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-07-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-07-23] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
S3 AtiDCM; C:\AMD\WU-CCC2\ccc2_install\Support64\atdcm64a.sys [28416 2014-03-13] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1337216 2012-10-01] (Motorola Solutions, Inc.)
R1 cbfs3; C:\windows\system32\drivers\cbfs3.sys [352456 2012-08-06] (EldoS Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22832 2013-06-04] (ELAN Microelectronic Corp.)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [29096 2012-12-21] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [104872 2012-12-21] (Condusiv Technologies)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-09] (Corel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-07-23] (Microsoft Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-07-23] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-24 15:36 - 2014-08-24 15:36 - 00000750 _____ () C:\Users\*****\Desktop\JRT.txt
2014-08-24 15:30 - 2014-08-24 15:30 - 01016261 _____ (Thisisu) C:\Users\*****\Desktop\JRT.exe
2014-08-24 15:30 - 2014-08-24 15:30 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-24 15:24 - 2014-08-24 15:24 - 01364531 _____ () C:\Users\*****\Desktop\adwcleaner_3.308.exe
2014-08-24 13:44 - 2014-08-24 13:44 - 00000000 ____D () C:\Users\*****\Downloads\FRST-OlderVersion
2014-08-23 14:56 - 2014-08-23 14:57 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\*****\Desktop\tdsskiller.exe
2014-08-22 11:45 - 2014-08-22 11:46 - 00013540 _____ () C:\WINDOWS\DPINST.LOG
2014-08-22 11:45 - 2014-08-22 11:45 - 00002042 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-08-20 17:43 - 2014-08-20 17:43 - 01110476 _____ () C:\Users\*****\Downloads\7z920.exe
2014-08-20 17:43 - 2014-08-20 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-20 17:43 - 2014-08-20 17:43 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-08-20 17:14 - 2014-08-24 15:26 - 00000668 _____ () C:\WINDOWS\PFRO.log
2014-08-20 16:58 - 2014-08-20 16:58 - 00002693 _____ () C:\Users\*****\Desktop\gmr.log
2014-08-20 16:53 - 2014-08-20 16:53 - 00380416 _____ () C:\Users\*****\Downloads\e5kiyg3y.exe
2014-08-20 16:51 - 2014-08-20 16:51 - 00046083 _____ () C:\Users\*****\Downloads\Addition.txt
2014-08-20 16:50 - 2014-08-24 15:43 - 00018529 _____ () C:\Users\*****\Downloads\FRST.txt
2014-08-20 16:50 - 2014-08-24 15:43 - 00000000 ____D () C:\FRST
2014-08-20 16:49 - 2014-08-24 13:44 - 02103296 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-08-20 16:48 - 2014-08-20 16:48 - 00000472 _____ () C:\Users\*****\Downloads\defogger_disable.log
2014-08-20 16:48 - 2014-08-20 16:48 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-08-20 16:47 - 2014-08-20 16:47 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-08-20 16:46 - 2014-08-24 15:28 - 00000000 ____D () C:\Users\*****\Desktop\virenproblem
2014-08-20 15:01 - 2014-08-20 15:01 - 00009811 _____ () C:\Users\*****\Downloads\Mappe1.xlsx
2014-08-17 13:52 - 2014-08-17 13:57 - 00000000 ____D () C:\Users\*****\Desktop\Cam 17.8.14
2014-08-13 21:24 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-13 11:24 - 2014-08-13 11:24 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-08-13 11:01 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-13 11:01 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-13 11:01 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-13 11:01 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-13 11:01 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-13 11:01 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-13 11:01 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-13 11:01 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-13 11:01 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-13 11:01 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-13 11:01 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-13 11:01 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-13 11:01 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-13 11:01 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-13 11:01 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-13 11:01 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-13 11:01 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-13 11:01 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-13 11:01 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-13 11:01 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 11:01 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-13 11:01 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-13 11:01 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-13 11:01 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-13 11:01 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-13 11:01 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-13 11:01 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-13 11:01 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-13 11:01 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-13 11:01 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-13 11:01 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-13 11:01 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-13 11:01 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-13 11:01 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-13 11:01 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-13 11:01 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-13 11:01 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-13 11:01 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-13 11:01 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-13 11:01 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-13 11:01 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-13 11:00 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-13 11:00 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-13 11:00 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-13 10:58 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-13 10:58 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-13 10:58 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-13 10:58 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-13 10:58 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-13 10:58 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-13 10:58 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-13 10:58 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-13 10:58 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-13 10:58 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-13 10:58 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-13 10:58 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-13 10:58 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-13 10:58 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-13 10:58 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-13 10:58 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-13 10:58 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-13 10:58 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-13 10:58 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-13 10:58 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-13 10:58 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-13 10:58 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-13 10:58 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-13 10:58 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-13 10:58 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-13 10:58 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-13 10:58 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-13 10:58 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-13 10:58 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-13 10:58 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-13 10:58 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-13 10:58 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-13 10:58 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-13 10:58 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-13 10:58 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-13 10:58 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-13 10:58 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-13 10:58 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-13 10:58 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-13 10:58 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-13 10:58 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-13 10:58 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-13 10:58 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-13 10:58 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-13 10:58 - 2014-04-26 20:41 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2014-08-13 10:58 - 2014-04-26 20:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-08-13 10:58 - 2014-04-26 20:04 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2014-08-13 10:58 - 2014-04-26 19:36 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-08-13 10:58 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-13 10:58 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-13 10:58 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-13 10:58 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-13 10:58 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-13 10:58 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-08-13 10:56 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-13 10:56 - 2014-08-07 00:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-13 10:56 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-13 10:56 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-13 10:56 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-13 10:56 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-13 10:56 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-13 10:56 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-13 10:56 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-13 10:56 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-13 10:56 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-12 15:23 - 2014-08-12 15:26 - 00000000 ____D () C:\Program Files (x86)\ParentsFriend8
2014-08-12 15:23 - 2014-03-19 18:58 - 01194144 _____ (WeOnlyDo! Software) C:\WINDOWS\SysWOW64\wodSmtp.ocx
2014-08-12 15:23 - 2010-09-07 07:47 - 00192512 _____ (-) C:\WINDOWS\SysWOW64\pfadmin.exe
2014-08-12 15:23 - 2010-03-15 15:11 - 00000394 _____ () C:\WINDOWS\SysWOW64\pfadmin.exe.manifest
2014-08-12 15:23 - 2005-11-27 21:08 - 00372736 _____ () C:\WINDOWS\SysWOW64\CoolXPCheck.ocx
2014-08-12 15:23 - 2005-11-27 21:07 - 00491520 _____ () C:\WINDOWS\SysWOW64\CoolXPButton.ocx
2014-08-12 15:23 - 2005-11-27 21:07 - 00417792 _____ () C:\WINDOWS\SysWOW64\CoolXPCombo.ocx
2014-08-12 15:23 - 2005-11-27 21:07 - 00262144 _____ () C:\WINDOWS\SysWOW64\CoolXPFrame.ocx
2014-08-12 15:23 - 2005-11-27 21:06 - 00360448 _____ () C:\WINDOWS\SysWOW64\CoolXPLabel.ocx
2014-08-12 15:23 - 2005-02-05 12:41 - 00024576 _____ (Text & Redaktion) C:\WINDOWS\SysWOW64\ScreenShotOCX.ocx
2014-08-12 15:23 - 2004-03-09 00:00 - 00260880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Msflxgrd.ocx
2014-08-12 15:23 - 2003-02-07 01:02 - 00424448 _____ ( Developer Express Inc.) C:\WINDOWS\SysWOW64\dXTList.dll
2014-08-12 15:23 - 2002-04-05 10:32 - 00327680 _____ (DBI Technologies Inc.) C:\WINDOWS\SysWOW64\ctSchedule.ocx
2014-08-12 15:23 - 2001-05-24 11:20 - 00544256 _____ () C:\WINDOWS\SysWOW64\janGraphics.dll
2014-08-12 15:23 - 2000-12-22 00:00 - 00699392 _____ (Stinga) C:\WINDOWS\SysWOW64\BEEGD10.ocx
2014-08-12 15:23 - 2000-06-28 01:00 - 00124416 _____ () C:\WINDOWS\SysWOW64\dXCtrls.dll
2014-08-12 15:23 - 1999-05-06 23:00 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Comdlg32.ocx
2014-08-12 15:23 - 1998-06-24 00:00 - 00209192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Tabctl32.ocx
2014-08-12 15:23 - 1998-06-24 00:00 - 00115016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Msinet.ocx
2014-08-12 15:23 - 1998-06-23 23:00 - 00108336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWINSCK.OCX
2014-08-12 15:22 - 2014-08-12 15:22 - 04897516 _____ (Michael Müller ) C:\Users\*****\Downloads\pfsetup8.exe
2014-08-12 11:28 - 2014-08-12 11:28 - 00000000 ____D () C:\Users\*****\AppData\Roaming\jpg-Illuminator
2014-08-12 11:27 - 2014-08-12 11:27 - 13483938 _____ () C:\Users\*****\Downloads\JPG-Illuminator_v459.zip
2014-08-12 11:26 - 2014-08-12 11:26 - 01101648 _____ () C:\Users\*****\Downloads\JPG Illuminator - CHIP-Installer.exe
2014-08-09 18:37 - 2014-08-24 15:25 - 00019446 _____ () C:\Users\*****\Desktop\Mappe1.xlsx
2014-08-04 22:07 - 2014-08-04 22:07 - 04812672 _____ (Piriform Ltd) C:\Users\*****\Downloads\ccsetup415.exe
2014-08-04 22:07 - 2014-08-04 22:07 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-04 22:07 - 2014-08-04 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-04 22:07 - 2014-08-04 22:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-29 12:40 - 2014-08-01 16:22 - 00010576 _____ () C:\Users\*****\Desktop\Planung Karriere.xlsx
2014-07-27 13:40 - 2014-07-29 12:05 - 00011148 _____ () C:\Users\*****\Desktop\IMPORTANNNNTTTT.xlsx
2014-07-27 10:09 - 2014-07-27 10:09 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-07-26 12:14 - 2014-07-26 12:14 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-07-26 12:09 - 2014-07-26 12:09 - 01354223 _____ () C:\Users\*****\Downloads\adwcleaner_3.216.exe
2014-07-26 12:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-26 12:02 - 2014-08-24 15:26 - 00000000 ____D () C:\AdwCleaner
2014-07-26 12:02 - 2014-07-26 12:02 - 00826192 _____ (Chip Digital GmbH) C:\Users\*****\Downloads\AdwCleaner - CHIP-Installer.exe
2014-07-26 11:46 - 2014-08-23 21:17 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-26 11:46 - 2014-07-26 11:46 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-26 11:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-26 11:46 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-26 11:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-26 11:45 - 2014-07-26 11:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-26 10:54 - 2014-07-26 10:54 - 04430600 _____ (Avira Operations GmbH & Co. KG) C:\Users\*****\Downloads\avira_de_av___ws2.exe
2014-07-25 10:39 - 2014-07-25 10:39 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-07-25 10:39 - 2014-07-21 22:03 - 00036096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmpfd.sys
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Program Files\AMD
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\AMD
2014-07-25 10:33 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-07-25 10:33 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-07-25 10:33 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-07-25 02:51 - 2014-07-25 02:51 - 00000000 ____D () C:\Users\*****\AppData\Roaming\ATI
2014-07-25 02:51 - 2014-07-25 02:51 - 00000000 ____D () C:\Users\*****\AppData\Local\ATI
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-24 15:43 - 2014-08-20 16:50 - 00018529 _____ () C:\Users\*****\Downloads\FRST.txt
2014-08-24 15:43 - 2014-08-20 16:50 - 00000000 ____D () C:\FRST
2014-08-24 15:40 - 2014-06-12 17:30 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-24 15:40 - 2014-03-29 01:19 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-641122288-3688080229-732055666-1001
2014-08-24 15:36 - 2014-08-24 15:36 - 00000750 _____ () C:\Users\*****\Desktop\JRT.txt
2014-08-24 15:32 - 2014-03-18 12:04 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-24 15:32 - 2014-03-18 11:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-24 15:32 - 2014-03-18 11:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-24 15:30 - 2014-08-24 15:30 - 01016261 _____ (Thisisu) C:\Users\*****\Desktop\JRT.exe
2014-08-24 15:30 - 2014-08-24 15:30 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-24 15:30 - 2013-07-30 15:48 - 00000000 ____D () C:\ProgramData\WinClon
2014-08-24 15:29 - 2014-07-23 12:19 - 00000000 __RDO () C:\Users\*****\OneDrive
2014-08-24 15:29 - 2014-06-06 21:02 - 00000000 ___RD () C:\Users\*****\Dropbox
2014-08-24 15:29 - 2014-06-06 20:59 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Dropbox
2014-08-24 15:28 - 2014-08-20 16:46 - 00000000 ____D () C:\Users\*****\Desktop\virenproblem
2014-08-24 15:27 - 2014-06-12 17:30 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 15:26 - 2014-08-20 17:14 - 00000668 _____ () C:\WINDOWS\PFRO.log
2014-08-24 15:26 - 2014-07-26 12:02 - 00000000 ____D () C:\AdwCleaner
2014-08-24 15:26 - 2014-07-23 11:33 - 01515277 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-24 15:26 - 2014-05-05 13:19 - 00000212 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2014-08-24 15:26 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-24 15:26 - 2013-08-22 16:44 - 03418112 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-24 15:26 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-24 15:25 - 2014-08-09 18:37 - 00019446 _____ () C:\Users\*****\Desktop\Mappe1.xlsx
2014-08-24 15:24 - 2014-08-24 15:24 - 01364531 _____ () C:\Users\*****\Desktop\adwcleaner_3.308.exe
2014-08-24 15:24 - 2014-05-03 15:45 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Skype
2014-08-24 15:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-24 13:44 - 2014-08-24 13:44 - 00000000 ____D () C:\Users\*****\Downloads\FRST-OlderVersion
2014-08-24 13:44 - 2014-08-20 16:49 - 02103296 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2014-08-23 21:17 - 2014-07-26 11:46 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-23 14:57 - 2014-08-23 14:56 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\*****\Desktop\tdsskiller.exe
2014-08-22 22:44 - 2014-07-23 11:28 - 00000000 ____D () C:\Users\*****
2014-08-22 19:53 - 2014-05-03 15:44 - 00000000 ____D () C:\ProgramData\Skype
2014-08-22 18:42 - 2014-05-06 13:30 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-08-22 18:34 - 2014-06-03 13:11 - 00000000 ____D () C:\Users\*****\Documents\Jari Ullah Sabir
2014-08-22 11:46 - 2014-08-22 11:45 - 00013540 _____ () C:\WINDOWS\DPINST.LOG
2014-08-22 11:45 - 2014-08-22 11:45 - 00002042 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-08-22 11:45 - 2014-04-05 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-08-22 11:45 - 2013-07-30 14:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-20 17:43 - 2014-08-20 17:43 - 01110476 _____ () C:\Users\*****\Downloads\7z920.exe
2014-08-20 17:43 - 2014-08-20 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-20 17:43 - 2014-08-20 17:43 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-08-20 16:58 - 2014-08-20 16:58 - 00002693 _____ () C:\Users\*****\Desktop\gmr.log
2014-08-20 16:53 - 2014-08-20 16:53 - 00380416 _____ () C:\Users\*****\Downloads\e5kiyg3y.exe
2014-08-20 16:51 - 2014-08-20 16:51 - 00046083 _____ () C:\Users\*****\Downloads\Addition.txt
2014-08-20 16:48 - 2014-08-20 16:48 - 00000472 _____ () C:\Users\*****\Downloads\defogger_disable.log
2014-08-20 16:48 - 2014-08-20 16:48 - 00000000 _____ () C:\Users\*****\defogger_reenable
2014-08-20 16:47 - 2014-08-20 16:47 - 00050477 _____ () C:\Users\*****\Downloads\Defogger.exe
2014-08-20 15:32 - 2014-07-23 12:25 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-20 15:01 - 2014-08-20 15:01 - 00009811 _____ () C:\Users\*****\Downloads\Mappe1.xlsx
2014-08-17 13:57 - 2014-08-17 13:52 - 00000000 ____D () C:\Users\*****\Desktop\Cam 17.8.14
2014-08-17 02:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-16 21:56 - 2014-06-06 21:01 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-16 11:02 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 11:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 11:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-16 11:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-16 11:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-08-13 22:26 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-13 21:56 - 2014-04-18 22:07 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-13 21:56 - 2014-04-18 22:06 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-13 21:55 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-13 14:08 - 2014-06-03 13:11 - 00000000 ____D () C:\Users\*****\Documents\Habib Ullah Sabir
2014-08-13 11:24 - 2014-08-13 11:24 - 00000000 ____D () C:\WINDOWS\PCHEALTH
2014-08-13 11:24 - 2014-05-05 13:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 10:55 - 2014-03-18 12:13 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-13 10:55 - 2014-03-18 12:13 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-13 10:55 - 2014-03-18 12:13 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-13 10:55 - 2014-03-18 12:12 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-13 10:55 - 2013-08-22 13:45 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-13 10:55 - 2013-08-22 13:44 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-13 10:55 - 2013-08-22 13:22 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-13 10:55 - 2013-08-22 13:21 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-13 10:55 - 2013-08-22 13:10 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-13 10:55 - 2013-08-22 13:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-13 10:55 - 2013-08-22 12:32 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-13 10:55 - 2013-08-22 06:17 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-13 10:55 - 2013-08-22 05:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-13 10:55 - 2013-08-22 05:46 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-13 10:55 - 2013-08-22 05:45 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-13 10:55 - 2013-08-22 05:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-13 10:55 - 2013-08-22 05:16 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-12 15:26 - 2014-08-12 15:23 - 00000000 ____D () C:\Program Files (x86)\ParentsFriend8
2014-08-12 15:22 - 2014-08-12 15:22 - 04897516 _____ (Michael Müller ) C:\Users\*****\Downloads\pfsetup8.exe
2014-08-12 11:28 - 2014-08-12 11:28 - 00000000 ____D () C:\Users\*****\AppData\Roaming\jpg-Illuminator
2014-08-12 11:27 - 2014-08-12 11:27 - 13483938 _____ () C:\Users\*****\Downloads\JPG-Illuminator_v459.zip
2014-08-12 11:26 - 2014-08-12 11:26 - 01101648 _____ () C:\Users\*****\Downloads\JPG Illuminator - CHIP-Installer.exe
2014-08-07 19:31 - 2013-07-30 14:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-07 19:30 - 2014-07-22 11:49 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-07 19:30 - 2014-05-05 13:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-07 19:30 - 2014-05-05 13:23 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-07 04:12 - 2014-08-13 10:56 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:39 - 2014-08-13 10:56 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-04 22:08 - 2014-04-11 14:26 - 00000000 ____D () C:\Users\*****\AppData\Local\CrashDumps
2014-08-04 22:07 - 2014-08-04 22:07 - 04812672 _____ (Piriform Ltd) C:\Users\*****\Downloads\ccsetup415.exe
2014-08-04 22:07 - 2014-08-04 22:07 - 00002772 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-04 22:07 - 2014-08-04 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-04 22:07 - 2014-08-04 22:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-02 05:56 - 2014-08-13 10:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-02 05:11 - 2014-08-13 21:24 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-02 02:17 - 2013-08-22 17:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:17 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-01 16:22 - 2014-07-29 12:40 - 00010576 _____ () C:\Users\*****\Desktop\Planung Karriere.xlsx
2014-07-31 18:27 - 2014-06-23 10:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 15:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-07-29 12:05 - 2014-07-27 13:40 - 00011148 _____ () C:\Users\*****\Desktop\IMPORTANNNNTTTT.xlsx
2014-07-28 11:41 - 2014-06-03 13:11 - 00000000 ____D () C:\Users\*****\Documents\Safi Sabir
2014-07-27 10:56 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-27 10:09 - 2014-07-27 10:09 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-07-26 19:29 - 2014-06-04 16:17 - 00001035 _____ () C:\Users\*****\Desktop\Safi Sabir - Verknüpfung.lnk
2014-07-26 12:14 - 2014-07-26 12:14 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-07-26 12:09 - 2014-07-26 12:09 - 01354223 _____ () C:\Users\*****\Downloads\adwcleaner_3.216.exe
2014-07-26 12:02 - 2014-07-26 12:02 - 00826192 _____ (Chip Digital GmbH) C:\Users\*****\Downloads\AdwCleaner - CHIP-Installer.exe
2014-07-26 11:46 - 2014-07-26 11:46 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-26 11:46 - 2014-07-26 11:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-26 11:45 - 2014-07-26 11:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-26 10:54 - 2014-07-26 10:54 - 04430600 _____ (Avira Operations GmbH & Co. KG) C:\Users\*****\Downloads\avira_de_av___ws2.exe
2014-07-25 23:28 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-07-25 16:52 - 2014-08-13 11:01 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-25 15:51 - 2014-08-13 11:01 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-25 15:28 - 2014-08-13 11:01 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-13 11:01 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 11:01 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-07-25 14:59 - 2014-08-13 11:01 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-07-25 14:40 - 2014-08-13 11:01 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 11:01 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-25 14:30 - 2014-08-13 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 11:01 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-13 11:01 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-13 11:01 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-25 14:17 - 2014-08-13 11:01 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-25 14:10 - 2014-08-13 11:01 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-25 14:08 - 2014-08-13 11:01 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 11:01 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-13 11:01 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 11:01 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 11:01 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-25 13:43 - 2014-08-13 11:01 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 11:01 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 11:01 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-25 13:34 - 2014-08-13 11:01 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 11:01 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 11:01 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 11:01 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-25 13:09 - 2014-08-13 11:01 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-25 13:07 - 2014-08-13 11:01 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-25 13:03 - 2014-08-13 11:01 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-13 11:01 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-25 12:26 - 2014-08-13 11:01 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 11:01 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 11:01 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 11:01 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 11:01 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-25 10:39 - 2014-07-25 10:39 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-07-25 10:39 - 2014-03-28 22:18 - 00000000 ____D () C:\Users\*****\AppData\Local\Packages
2014-07-25 10:39 - 2013-07-30 14:33 - 00000000 ____D () C:\Program Files\Intel
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\Program Files\AMD
2014-07-25 10:38 - 2014-07-25 10:38 - 00000000 ____D () C:\AMD
2014-07-25 10:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-07-25 10:38 - 2013-07-30 15:46 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-25 02:51 - 2014-07-25 02:51 - 00000000 ____D () C:\Users\*****\AppData\Roaming\ATI
2014-07-25 02:51 - 2014-07-25 02:51 - 00000000 ____D () C:\Users\*****\AppData\Local\ATI
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmper4tfq.dll
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\*****\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-20 17:53
==================== End Of Log ============================
--- --- --- --- --- --- Lieber Schrauber. Alle von dir geforderten Logs sind oben. Noch eine Info: Mein Browser (Firefox) spinnt auch. Er ist langsam, hängt sich immer wieder auf und zeigt an, dass ein Skript nicht richtig ausgeführt wird. Ich danke dir vielmals für deine Unterstützung.LG |
|
24.08.2014, 15:25
| #10 |
| /// the machine /// TB-Ausbilder | Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefunden Revo Uninstaller - Download - Filepony damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren. Dann: https://support.mozilla.org/de/kb/fi...einfach-loesen ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Win 8 - Tastaur reagiert nicht mehr - Trojan.Agent gefunden |
| andere, anhang, beste, besten, desktop, funktioniert, langsamer, lieben, logfiles, löschen, nicht mehr, quarantäne, reagiert, rechner, stelle, suche, symbole, tastatur, tastaur, troja, trojan.agent, trojaner, unbedingt, verschoben, win |
Linear-Darstellung
