Pests of all kinds and how to fight them: Virus creates VoIP in the router
Windows 7
If you are not sure whether you have caught malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
27.08.2014, 20:54 | #1 |
Virus creates VoIP in the router

Hello everyone,

As already mentioned in the title, I have the problem that a virus in my router (Vodafone Easybox 803) keeps trying to read out my router. A loop command appears in the event log, which is why the router often crashes. After that, [VoIP] SIP account 1 register timeout and If(PPPoE2) PPP fail : CHAP authentication failure appear. At some point, however, it apparently manages to log in, which is why my bandwidth drops from 16000 to 5000. After that the phone rings once.

I have already tried resetting the router to factory settings and changed all passwords afterwards; unfortunately that has not helped so far.

I have added the Addition and GMER logs as attachments, since the thread would otherwise be too long.

I very much hope that someone here can help me.

Best regards,
Swaley
C:\Windows\system32\CompatTel 2014-08-21 18:20 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-21 18:20 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-21 18:17 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-08-21 18:17 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-08-21 18:17 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-08-21 18:17 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-08-21 18:17 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-08-21 18:17 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-08-21 18:17 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-08-21 18:17 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-08-21 18:17 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-08-21 18:17 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-08-21 18:17 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-08-21 18:17 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-08-21 18:17 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-08-21 18:17 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-08-21 18:17 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-08-21 18:17 - 2014-03-04 11:17 - 00048128 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-08-21 18:17 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-08-21 18:17 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-08-21 18:17 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-08-21 18:17 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-08-21 18:17 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2014-08-21 18:17 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2014-08-21 18:17 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2014-08-21 18:17 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2014-08-21 17:57 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-08-21 17:57 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-08-21 17:57 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-21 17:57 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-08-21 17:57 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-08-21 17:57 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-08-21 17:57 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-08-21 17:57 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-08-21 17:57 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-08-21 17:57 - 2014-04-05 04:47 - 01903552 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-08-21 17:57 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-08-21 17:57 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-08-21 17:57 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-08-21 17:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-08-21 17:57 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-08-21 17:57 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-08-21 17:57 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-08-21 17:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-08-21 17:57 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-08-21 17:57 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-08-21 17:57 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-08-21 17:57 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-21 17:57 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-08-21 17:57 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-08-21 17:57 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-08-21 17:57 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-08-21 17:57 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-08-21 17:57 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 
2014-08-21 17:57 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2014-08-21 17:57 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2014-08-21 17:57 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-08-21 17:57 - 2013-06-06 07:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2014-08-21 17:57 - 2013-06-06 07:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2014-08-21 17:57 - 2013-06-06 07:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2014-08-21 17:57 - 2013-06-06 07:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2014-08-21 17:57 - 2013-06-06 06:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2014-08-21 17:57 - 2013-06-06 06:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2014-08-21 17:57 - 2013-06-06 06:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2014-08-21 17:57 - 2013-06-06 05:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2014-08-21 17:57 - 2013-06-06 05:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2014-08-21 17:57 - 2013-06-06 05:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2014-08-21 17:57 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2014-08-21 17:57 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll 2014-08-21 17:57 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll 2014-08-21 17:57 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll 2014-08-21 17:57 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl 2014-08-21 17:57 - 2011-12-30 
07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl 2014-08-21 17:57 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2014-08-21 17:57 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2014-08-21 17:57 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2014-08-21 17:57 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2014-08-21 17:57 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2014-08-21 17:57 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2014-08-21 17:57 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2014-08-21 17:57 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2014-08-21 17:57 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2014-08-21 17:57 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2014-08-21 17:57 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2014-08-21 17:57 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2014-08-21 17:57 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2014-08-21 17:57 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2014-08-21 17:57 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2014-08-21 17:57 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2014-08-21 17:57 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2014-08-21 17:57 - 2011-05-04 06:28 
- 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2014-08-21 17:57 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2014-08-21 17:57 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2014-08-21 17:57 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2014-08-21 17:57 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll 2014-08-21 17:57 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll 2014-08-21 17:57 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll 2014-08-21 17:57 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll 2014-08-21 17:57 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll 2014-08-21 17:57 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll 2014-08-21 17:57 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax 2014-08-21 17:57 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll 2014-08-21 17:57 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll 2014-08-21 17:57 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax 2014-08-21 17:56 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-21 17:56 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-21 17:56 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-21 17:56 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-21 17:56 - 2014-06-03 12:02 - 01941504 
_____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-21 17:56 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-21 17:56 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-21 17:56 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-21 17:56 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-21 17:56 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-21 17:56 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-08-21 17:56 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-08-21 17:56 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-08-21 17:56 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-08-21 17:56 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-08-21 17:56 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-08-21 17:56 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-08-21 17:56 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll 2014-08-21 17:56 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll 2014-08-21 17:56 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-08-21 17:56 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2014-08-21 17:56 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-08-21 17:56 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) 
C:\Windows\system32\davclnt.dll 2014-08-21 17:56 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-08-21 17:56 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2014-08-21 17:56 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-08-21 17:56 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2014-08-21 17:56 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-08-21 17:56 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys 2014-08-21 17:56 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll 2014-08-21 17:56 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll 2014-08-21 17:56 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2014-08-21 17:56 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2014-08-21 17:56 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2014-08-21 17:56 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2014-08-21 17:56 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2014-08-21 17:56 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-08-21 17:56 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll 2014-08-21 17:56 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2014-08-21 17:56 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll 2014-08-21 17:56 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\tcpipreg.sys 2014-08-21 17:56 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-08-21 17:56 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys 2014-08-21 17:56 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2014-08-21 17:56 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll 2014-08-21 17:56 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax 2014-08-21 17:56 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll 2014-08-21 17:56 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax 2014-08-21 17:56 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll 2014-08-21 17:56 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll 2014-08-21 17:56 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe 2014-08-21 17:56 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll 2014-08-21 17:56 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe 2014-08-21 17:55 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-21 17:55 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-21 17:55 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-08-21 17:55 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-08-21 17:55 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-08-21 17:55 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) 
C:\Windows\system32\kerberos.dll 2014-08-21 17:55 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-08-21 17:55 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-08-21 17:55 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-08-21 17:55 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-08-21 17:55 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-08-21 17:55 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-08-21 17:55 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-08-21 17:55 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-08-21 17:55 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-08-21 17:55 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-08-21 17:55 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-08-21 17:55 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-08-21 17:55 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-08-21 17:55 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-08-21 17:55 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-08-21 17:55 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-08-21 17:55 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-08-21 17:55 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) 
C:\Windows\system32\sspisrv.dll 2014-08-21 17:55 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-08-21 17:55 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-21 17:55 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-21 17:55 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-08-21 17:55 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2014-08-21 17:55 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-08-21 17:55 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-08-21 17:55 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2014-08-21 17:55 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-08-21 17:55 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2014-08-21 17:55 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2014-08-21 17:55 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2014-08-21 17:55 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2014-08-21 17:55 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2014-08-21 17:55 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2014-08-21 17:55 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2014-08-21 17:55 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2014-08-21 17:55 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) 
C:\Windows\system32\esent.dll 2014-08-21 17:55 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2014-08-21 17:55 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2014-08-21 17:55 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe 2014-08-21 17:55 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2014-08-21 17:55 - 2011-02-05 19:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2014-08-21 17:55 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll 2014-08-21 17:55 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll 2014-08-21 17:55 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll 2014-08-21 17:55 - 2011-02-05 19:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-08-21 17:55 - 2011-02-05 19:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2014-08-21 17:55 - 2011-02-05 19:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-08-21 17:54 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-08-21 17:54 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-08-21 17:53 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-08-21 17:51 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-08-21 17:51 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvopencl.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-08-21 17:50 - 2014-07-02 
22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-08-21 17:46 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-08-21 17:46 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-08-21 17:46 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-08-21 17:46 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-08-21 17:46 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-08-21 17:46 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe 2014-08-21 17:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-08-21 17:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-08-21 17:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-08-21 17:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-08-21 17:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-08-21 17:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-08-21 17:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-08-21 17:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-08-21 17:45 - 
2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-08-21 17:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-08-21 17:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-08-21 17:45 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-08-21 17:45 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-08-21 17:42 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-08-21 17:42 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-08-21 17:42 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-08-21 17:42 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2014-08-21 17:42 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-08-21 17:42 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-08-21 17:42 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-08-21 17:42 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2014-08-21 17:42 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-08-21 17:42 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2014-08-21 17:42 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-08-21 17:42 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2014-08-21 17:42 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2014-08-21 17:42 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-08-21 17:42 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-08-21 17:41 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-21 17:41 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-21 17:41 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) 
C:\Windows\system32\cdosys.dll 2014-08-21 17:41 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2014-08-21 17:41 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-08-21 17:41 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2014-08-21 17:41 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2014-08-21 17:41 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2014-08-21 17:41 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2014-08-21 17:41 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2014-08-21 17:41 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-08-21 17:41 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2014-08-21 17:41 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-08-21 17:41 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll 2014-08-21 17:41 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2014-08-21 17:40 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-21 17:40 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-21 17:40 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-08-21 17:40 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-08-21 17:40 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-08-21 17:40 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 
2014-08-21 17:40 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2014-08-19 15:34 - 2014-08-21 19:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works 2014-08-19 15:34 - 2014-08-19 15:34 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-19 15:34 - 2014-08-19 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-19 15:32 - 2014-08-21 19:41 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-19 15:32 - 2014-08-19 15:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-08-19 15:32 - 2014-08-19 15:32 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Microsoft Help 2014-08-19 15:32 - 2014-08-19 15:32 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-19 15:31 - 2014-08-19 15:31 - 00000000 __RHD () C:\MSOCache 2014-08-14 16:28 - 2014-08-14 16:28 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Chromium 2014-08-14 16:20 - 2014-08-14 17:50 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Might & Magic Heroes VI 2014-08-14 16:20 - 2014-08-14 16:48 - 00000000 ____D () C:\Users\Thorben\Documents\Might & Magic Heroes VI 2014-08-14 16:19 - 2014-08-25 04:36 - 00035140 _____ () C:\Windows\DirectX.log 2014-08-14 02:17 - 2014-08-27 18:48 - 00011014 _____ () C:\Windows\setupact.log 2014-08-14 02:17 - 2014-08-14 02:17 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-14 02:16 - 2014-08-27 18:48 - 00015920 _____ () C:\Windows\PFRO.log 2014-08-14 02:11 - 2014-08-14 02:11 - 00159744 _____ () C:\Windows\winhlq32.exe 2014-08-14 02:11 - 2014-08-14 02:11 - 00003612 _____ () C:\Windows\System32\Tasks\AnwendungserfahrungFunctionauf 2014-08-14 02:05 - 2014-08-27 18:47 - 00000000 ____D () C:\AdwCleaner 2014-08-14 02:05 - 2014-08-14 02:05 - 01356107 _____ () C:\Users\Thorben\Downloads\adwcleaner_3.305.exe 2014-08-14 02:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-08-13 03:48 - 2014-08-13 03:50 - 
00000000 ___HD () C:\ArcTemp 2014-08-13 03:47 - 2014-08-13 03:48 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Arc 2014-08-13 03:45 - 2014-08-13 03:50 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment 2014-08-13 03:45 - 2014-08-13 03:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment 2014-08-06 21:45 - 2014-08-06 21:45 - 00000000 ____D () C:\Users\Thorben\Documents\SimCity 2014-08-01 16:07 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-01 16:07 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-01 16:07 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-01 16:07 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-01 16:07 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-01 16:07 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-01 16:07 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-01 16:07 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-01 16:07 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-01 16:07 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-01 16:07 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-01 16:07 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-01 16:07 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-01 16:07 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe ==================== One Month 
Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-27 19:25 - 2014-08-27 19:25 - 00018779 _____ () C:\Users\Thorben\Desktop\FRST.txt 2014-08-27 19:25 - 2014-08-27 19:25 - 00000000 ____D () C:\FRST 2014-08-27 19:23 - 2014-08-27 19:23 - 02103296 _____ (Farbar) C:\Users\Thorben\Desktop\FRST64.exe 2014-08-27 19:22 - 2014-05-18 14:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-27 18:56 - 2009-07-14 06:45 - 00031280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-27 18:56 - 2009-07-14 06:45 - 00031280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-27 18:55 - 2010-11-21 08:50 - 00700454 _____ () C:\Windows\system32\perfh007.dat 2014-08-27 18:55 - 2010-11-21 08:50 - 00150092 _____ () C:\Windows\system32\perfc007.dat 2014-08-27 18:55 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-27 18:52 - 2014-05-05 18:22 - 01206761 _____ () C:\Windows\WindowsUpdate.log 2014-08-27 18:51 - 2014-05-03 18:27 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-27 18:49 - 2014-08-26 20:42 - 00000000 ____D () C:\Windows\CryptoGuard 2014-08-27 18:49 - 2014-06-23 13:28 - 00002988 _____ () C:\Windows\System32\Tasks\HDMISwitch 2014-08-27 18:48 - 2014-08-27 18:48 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2014-08-27 18:48 - 2014-08-14 02:17 - 00011014 _____ () C:\Windows\setupact.log 2014-08-27 18:48 - 2014-08-14 02:16 - 00015920 _____ () C:\Windows\PFRO.log 2014-08-27 18:48 - 2014-05-03 18:27 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-27 18:48 - 2014-05-03 17:11 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-08-27 18:48 - 2014-05-03 16:58 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2014-08-27 18:48 - 2009-07-14 07:08 
- 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-27 18:47 - 2014-08-14 02:05 - 00000000 ____D () C:\AdwCleaner 2014-08-27 18:37 - 2014-08-26 20:42 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert 2014-08-27 05:44 - 2014-05-03 17:40 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-27 03:26 - 2014-05-03 18:57 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Battle.net 2014-08-27 03:16 - 2014-08-26 20:42 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll 2014-08-27 03:16 - 2014-08-26 20:42 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll 2014-08-27 03:16 - 2014-08-26 20:42 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys 2014-08-26 20:42 - 2014-08-26 20:42 - 01889616 _____ (SurfRight B.V.) C:\Users\Thorben\Downloads\hmpalert.exe 2014-08-26 20:42 - 2014-08-26 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro.Alert 2014-08-26 20:42 - 2014-08-26 20:42 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert 2014-08-26 10:31 - 2014-08-26 10:31 - 629869856 _____ () C:\Windows\MEMORY.DMP 2014-08-26 10:31 - 2014-08-26 10:31 - 00291984 _____ () C:\Windows\Minidump\082614-14289-01.dmp 2014-08-26 10:31 - 2014-08-26 10:31 - 00000000 ____D () C:\Windows\Minidump 2014-08-26 10:29 - 2014-08-26 10:29 - 00000000 ____D () C:\Program Files (x86)\StarCraft II 2014-08-26 04:22 - 2014-05-03 18:39 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\TS3Client 2014-08-25 15:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-25 05:28 - 2014-05-05 06:42 - 00000000 ____D () C:\Users\Thorben\Documents\my games 2014-08-25 04:36 - 2014-08-14 16:19 - 00035140 _____ () C:\Windows\DirectX.log 2014-08-24 19:20 - 2014-08-24 19:20 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Adobe 2014-08-23 03:52 - 2014-05-03 22:41 - 00000000 ____D () C:\Users\Thorben\AppData\Local\CrashDumps 2014-08-22 23:08 - 2014-05-03 18:59 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-08-22 02:15 - 
2014-05-03 18:57 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-21 20:36 - 2014-05-03 16:46 - 00070000 _____ () C:\Users\Thorben\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-21 20:35 - 2009-07-14 06:45 - 00314016 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-21 19:42 - 2014-08-21 19:42 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-08-21 19:42 - 2014-08-21 18:43 - 00289976 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-08-21 19:41 - 2014-08-19 15:32 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-21 19:40 - 2014-08-19 15:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works 2014-08-21 19:21 - 2014-05-03 16:36 - 00001305 _____ () C:\Users\Thorben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-21 19:18 - 2014-05-03 17:28 - 00000000 ____D () C:\Windows\Panther 2014-08-21 19:16 - 2010-11-21 09:01 - 00000000 ____D () C:\Program Files\Windows Journal 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System 2014-08-21 19:14 - 2014-08-21 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2014-08-21 19:13 - 2014-08-21 19:07 - 00012611 _____ () C:\Windows\IE11_main.log 2014-08-21 19:09 - 2014-08-21 19:09 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 05721088 _____ (Microsoft 
Corporation) C:\Windows\system32\jscript9.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-21 19:09 - 2014-08-21 19:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-21 19:09 - 2014-08-21 19:09 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-21 19:09 - 2014-08-21 19:09 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-21 19:09 - 2014-08-21 19:09 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00752640 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript9diag.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-08-21 19:09 - 2014-08-21 19:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-21 19:09 - 2014-08-21 19:09 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-21 19:09 - 2014-08-21 19:09 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-08-21 19:09 - 2014-08-21 19:09 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 
2014-08-21 19:09 - 2014-08-21 19:09 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 
00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-08-21 19:09 - 2014-08-21 19:09 - 
00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 
00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-21 18:48 - 2014-08-21 18:46 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-21 18:40 - 2014-05-03 16:46 - 01597378 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-08-21 18:20 - 2014-08-21 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-21 17:54 - 2014-05-03 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-08-21 17:53 - 2014-05-03 17:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-08-21 17:52 - 2014-05-03 17:06 - 00000000 ____D () C:\Program 
Files\NVIDIA Corporation 2014-08-19 15:34 - 2014-08-19 15:34 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-19 15:34 - 2014-08-19 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-19 15:34 - 2014-08-19 15:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-08-19 15:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-08-19 15:32 - 2014-08-19 15:32 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Microsoft Help 2014-08-19 15:32 - 2014-08-19 15:32 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-19 15:32 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\ShellNew 2014-08-19 15:31 - 2014-08-19 15:31 - 00000000 __RHD () C:\MSOCache 2014-08-18 19:32 - 2014-05-03 20:41 - 00000000 ____D () C:\ProgramData\Origin 2014-08-18 19:23 - 2014-05-03 20:41 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-14 17:50 - 2014-08-14 16:20 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Might & Magic Heroes VI 2014-08-14 16:48 - 2014-08-14 16:20 - 00000000 ____D () C:\Users\Thorben\Documents\Might & Magic Heroes VI 2014-08-14 16:28 - 2014-08-14 16:28 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Chromium 2014-08-14 02:17 - 2014-08-14 02:17 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-14 02:12 - 2014-05-03 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-14 02:12 - 2014-05-03 18:37 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-14 02:11 - 2014-08-14 02:11 - 00159744 _____ () C:\Windows\winhlq32.exe 2014-08-14 02:11 - 2014-08-14 02:11 - 00003612 _____ () C:\Windows\System32\Tasks\AnwendungserfahrungFunctionauf 2014-08-14 02:07 - 2014-05-03 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-14 02:07 - 2014-05-03 17:37 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-14 02:05 - 2014-08-14 
02:05 - 01356107 _____ () C:\Users\Thorben\Downloads\adwcleaner_3.305.exe 2014-08-13 19:24 - 2014-05-18 14:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-13 19:24 - 2014-05-03 19:14 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-13 19:24 - 2014-05-03 19:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-13 03:50 - 2014-08-13 03:48 - 00000000 ___HD () C:\ArcTemp 2014-08-13 03:50 - 2014-08-13 03:45 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment 2014-08-13 03:48 - 2014-08-13 03:47 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Arc 2014-08-13 03:45 - 2014-08-13 03:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment 2014-08-13 03:45 - 2014-05-03 16:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-07 04:06 - 2014-08-21 17:40 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-21 17:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-06 21:45 - 2014-08-06 21:45 - 00000000 ____D () C:\Users\Thorben\Documents\SimCity 2014-08-02 08:20 - 2014-05-03 18:52 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Spotify 2014-08-02 03:39 - 2014-05-03 18:52 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Spotify 2014-07-31 23:41 - 2014-08-21 18:46 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-30 13:28 - 2014-05-03 22:41 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-30 13:28 - 2014-05-03 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-07-30 13:28 - 2014-05-03 19:12 - 00000000 ____D () C:\ProgramData\Avira 2014-07-30 13:28 - 2014-05-03 19:12 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-07-28 01:05 - 2014-07-25 18:27 - 00297088 _____ () 
C:\Windows\SysWOW64\PnkBstrB.exe 2014-07-28 01:05 - 2014-07-25 17:42 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr Some content of TEMP: ==================== C:\Users\Thorben\AppData\Local\Temp\avgnt.exe C:\Users\Thorben\AppData\Local\Temp\hmpalert_update.exe C:\Users\Thorben\AppData\Local\Temp\nsg3230.exe C:\Users\Thorben\AppData\Local\Temp\nsg35D9.exe C:\Users\Thorben\AppData\Local\Temp\nsgF21.exe C:\Users\Thorben\AppData\Local\Temp\nsm39A2.exe C:\Users\Thorben\AppData\Local\Temp\nsmC34.exe C:\Users\Thorben\AppData\Local\Temp\nsw128C.exe C:\Users\Thorben\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\Thorben\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Thorben\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Thorben\AppData\Local\Temp\nvStInst.exe C:\Users\Thorben\AppData\Local\Temp\ose00000.exe C:\Users\Thorben\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-18 16:43 ==================== End Of Log ============================ Code:
From Antivir
Beginne mit der Suche in 'C:\'
C:\AdwCleaner\Quarantine\C\Users\Thorben\AppData\Local\Temp\Security Systems\Setup.exe.vir
  [FUND] Enthält Erkennungsmuster der Adware ADWARE/AgentCV.A.6984
C:\Users\Thorben\AppData\Local\Temp\aot3vwh4.d4c\prot.exe
  [0] Archivtyp: ZIP SFX (self extracting)
  --> Setup.exe
      [FUND] Enthält Erkennungsmuster der Adware ADWARE/AgentCV.A.6984
      [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden |
28.08.2014, 06:36 | #2 |
/// the machine /// TB Trainer | Virus creates VoIP in the router
Hi,
Please always post logs in the thread. If necessary, split them up and use several posts. I can't open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
28.08.2014, 07:11 | #3 |
| Virus creates VoIP in the router
Addition log:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014 Ran by Thorben at 2014-08-27 19:26:18 Running from C:\Users\Thorben\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated) Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) ASRock HDMI Switch v1.0.25 (HKLM-x32\...\ASRock HDMI Switch_is1) (Version: 1.0.25 - ) ASRock Key Master v1.0.7 (HKLM-x32\...\ASRock Key Master_is1) (Version: 1.0.7 - ) ASRock XFast RAM v3.0.2 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.) Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.2.6.0 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.2.6.0 - ASUSTek COMPUTER INC.) 
Hidden Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.8.0.0 - Electronic Arts) F-Stream Tuning v2.0.48 (HKLM-x32\...\F-Stream Tuning_is1) (Version: 2.0.48 - ) GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 
6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel) Intel(R) Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle) Java SE Development Kit 7 Update 55 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle) Logitech Gaming Software (Version: 8.40.83 - Logitech Inc.) 
Hidden Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft 
Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 
(HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Might & Magic: Heroes VI (HKLM-x32\...\Steam App 48220) (Version: - Blackhole) Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.7.0) (Version: 4.0.7.0 - Locktime Software) NetLimiter 4 (Version: 4.0.7.0 - Locktime Software) Hidden Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.6 - Black Tree Gaming) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - 
NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.) Razer Imperator (HKLM-x32\...\{C05905B9-775A-4894-A4DF-B57C15250958}) (Version: 2.02.00 - Razer USA Ltd.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) 
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB) Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.4 - Ubisoft) VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) XFastUSB 
(HKLM-x32\...\XFastUSB) (Version: 3.02.38 - ASRock Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 19-08-2014 13:31:48 Installed Microsoft Office Home and Student 2007 21-08-2014 16:20:03 Windows Update 21-08-2014 17:39:21 Windows Update 25-08-2014 02:35:20 DirectX wurde installiert ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {090A4A7B-CB54-48E9-8C62-5566E8EB6D91} - System32\Tasks\Core Temp Autostart Thorben => C:\Users\Thorben\Downloads\Core Temp\Core Temp.exe [2013-10-08] () Task: {27360412-EFDD-4111-875F-A9ABBF47C2E0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {57FFBE51-4830-46A2-99C9-64DE9E649FA4} - System32\Tasks\HDMISwitch => C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe [2013-09-04] () Task: {7744B267-AEBB-4F2F-B7B2-FE663ADC2D79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-03] (Google Inc.) 
Task: {B5452820-E4C1-42EE-83C1-5FE275709A85} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-13] (Adobe Systems Incorporated) Task: {B6ED7BCE-BA67-4532-A23C-496D4FDE9E2C} - System32\Tasks\AnwendungserfahrungFunctionauf => C:\Windows\winhlq32.exe [2014-08-14] () Task: {CCB0B958-38C6-4EE4-8001-6A86C5EC5915} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-03] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2014-05-03 17:02 - 2013-05-28 17:58 - 00454656 _____ () C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe 2013-03-14 14:42 - 2013-03-14 14:42 - 00182248 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 2013-03-14 14:42 - 2013-03-14 14:42 - 00059880 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll 2014-05-03 17:11 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-05-03 17:54 - 2013-10-08 13:23 - 00890016 _____ () C:\Users\Thorben\Downloads\Core Temp\Core Temp.exe 2014-05-03 17:02 - 2013-09-04 17:26 - 02217224 _____ () C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe 2014-07-25 18:27 - 2014-07-25 18:27 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-07-30 13:28 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\Thorben\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll 2014-07-23 18:23 - 2014-07-23 
18:23 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-05-03 16:49 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-08-13 19:24 - 2014-08-13 19:24 - 17048240 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/27/2014 06:50:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/27/2014 06:49:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException Stapel: bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore() bei System.ComponentModel.Composition.Primitives.Export.get_Value() bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export) bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String) bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (08/27/2014 06:49:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException Stapel: bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore() bei System.ComponentModel.Composition.Primitives.Export.get_Value() bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export) bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String) bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (08/27/2014 06:49:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException Stapel: bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore() bei System.ComponentModel.Composition.Primitives.Export.get_Value() bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export) bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String) bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (08/27/2014 06:38:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage 
> 990x80041003 Error: (08/27/2014 06:38:11 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException Stapel: bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore() bei System.ComponentModel.Composition.Primitives.Export.get_Value() bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export) bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String) bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei 
System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (08/27/2014 06:38:01 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException Stapel: bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore() bei System.ComponentModel.Composition.Primitives.Export.get_Value() bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export) bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String) bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei 
System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (08/27/2014 06:37:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException Stapel: bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore() bei System.ComponentModel.Composition.Primitives.Export.get_Value() bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export) bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String) bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei 
System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (08/27/2014 03:14:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/27/2014 03:13:53 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Avira.OE.ServiceHost.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException Stapel: bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean) bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore() bei System.ComponentModel.Composition.Primitives.Export.get_Value() bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export) bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String) bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object) bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei 
System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() bei System.Threading.ThreadPoolWorkQueue.Dispatch() bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

System errors:
=============
Error: (08/27/2014 06:49:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (08/27/2014 06:49:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/27/2014 06:49:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/27/2014 06:38:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (08/27/2014 06:38:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/27/2014 06:37:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/27/2014 03:13:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (08/27/2014 03:13:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/27/2014 03:13:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/26/2014 10:33:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-08-27 19:24:16.387
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-27 18:48:32.640
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-27 18:47:05.072
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-27 18:37:11.059
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-27 03:27:01.459
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-08-27 03:12:43.967
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 25%
Total physical RAM: 8111.26 MB
Available physical RAM: 6045.33 MB
Total Pagefile: 16220.7 MB
Available Pagefile: 13770.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:931.41 GB) (Free:674.6 GB) NTFS

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 674E474E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-27 19:51:54
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000065 ST1000DM rev.CC47 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Thorben\AppData\Local\Temp\kwdirfob.sys

---- User code sections - GMER 2.1 ----
* 2 .text C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe[4100] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory 0000000077021430 5 bytes JMP 0000000077180010 .text C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe[4100] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory 0000000077021490 5 bytes JMP 0000000077180028 .text C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe[4100] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory 00000000770217b0 1 byte JMP 0000000077180040 .text C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe[4100] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory + 2 00000000770217b2 3 bytes {JMP 0x15e890} .text C:\Windows\system32\SearchIndexer.exe[4652] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory 0000000077021430 5 bytes JMP 0000000077180010 .text C:\Windows\system32\SearchIndexer.exe[4652] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory 0000000077021490 5 bytes JMP 0000000077180028 .text C:\Windows\system32\SearchIndexer.exe[4652] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory 00000000770217b0 1 byte JMP 0000000077180040 .text C:\Windows\system32\SearchIndexer.exe[4652] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory + 2 00000000770217b2 3 bytes {JMP 0x15e890} .text C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe[5068] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory 0000000077021430 5 bytes JMP 0000000077180010 .text C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe[5068] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory 0000000077021490 5 bytes JMP 0000000077180028 .text C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe[5068] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory 00000000770217b0 1 byte JMP 0000000077180040 .text C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe[5068] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory + 2 00000000770217b2 3 bytes {JMP 0x15e890} .text C:\Program Files\Logitech Gaming 
Software\Applets\LCDCountdown.exe[5076] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory 0000000077021430 5 bytes JMP 0000000077180010 .text C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[5076] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory 0000000077021490 5 bytes JMP 0000000077180028 .text C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[5076] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory 00000000770217b0 1 byte JMP 0000000077180040 .text C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe[5076] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory + 2 00000000770217b2 3 bytes {JMP 0x15e890} .text C:\Windows\system32\svchost.exe[4572] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory 0000000077021430 5 bytes JMP 0000000077180010 .text C:\Windows\system32\svchost.exe[4572] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory 0000000077021490 5 bytes JMP 0000000077180028 .text C:\Windows\system32\svchost.exe[4572] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory 00000000770217b0 1 byte JMP 0000000077180040 .text C:\Windows\system32\svchost.exe[4572] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory + 2 00000000770217b2 3 bytes {JMP 0x15e890} .text C:\Windows\System32\svchost.exe[5444] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory 0000000077021430 5 bytes JMP 0000000077180010 .text C:\Windows\System32\svchost.exe[5444] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory 0000000077021490 5 bytes JMP 0000000077180028 .text C:\Windows\System32\svchost.exe[5444] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory 00000000770217b0 1 byte JMP 0000000077180040 .text C:\Windows\System32\svchost.exe[5444] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory + 2 00000000770217b2 3 bytes {JMP 0x15e890} .text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe[5820] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 00000000771cfac0 5 bytes JMP 0000000174a78cf0 .text C:\Program Files 
(x86)\HP\Digital Imaging\bin\hpqSTE08.exe[5820] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 00000000771cfb58 5 bytes JMP 0000000174a78ea0 .text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe[5820] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 00000000771d0038 5 bytes JMP 0000000174a78d80 .text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe[5892] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 00000000771cfac0 5 bytes JMP 0000000174a78cf0 .text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe[5892] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 00000000771cfb58 5 bytes JMP 0000000174a78ea0 .text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe[5892] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 00000000771d0038 5 bytes JMP 0000000174a78d80 .text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe[5952] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 00000000771cfac0 5 bytes JMP 0000000174a78cf0 .text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe[5952] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 00000000771cfb58 5 bytes JMP 0000000174a78ea0 .text C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe[5952] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 00000000771d0038 5 bytes JMP 0000000174a78d80 .text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[2384] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 00000000771cfac0 5 bytes JMP 0000000174a78cf0 .text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[2384] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 00000000771cfb58 5 bytes JMP 0000000174a78ea0 .text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe[2384] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 00000000771d0038 5 bytes JMP 0000000174a78d80 .text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5776] 
C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 00000000771cfac0 5 bytes JMP 0000000174a78cf0 .text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5776] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 00000000771cfb58 5 bytes JMP 0000000174a78ea0 .text C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe[5776] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 00000000771d0038 5 bytes JMP 0000000174a78d80 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[5840] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 00000000771cfac0 5 bytes JMP 0000000174a78cf0 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[5840] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 00000000771cfb58 5 bytes JMP 0000000174a78ea0 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[5840] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 00000000771d0038 5 bytes JMP 0000000174a78d80 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5224] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 00000000771cfac0 5 bytes JMP 0000000174a78cf0 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5224] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 00000000771cfb58 5 bytes JMP 0000000174a78ea0 .text C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5224] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 00000000771d0038 5 bytes JMP 0000000174a78d80 .text C:\Windows\system32\msiexec.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory 0000000077021430 5 bytes JMP 0000000077180010 .text C:\Windows\system32\msiexec.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory 0000000077021490 5 bytes JMP 0000000077180028 .text C:\Windows\system32\msiexec.exe[4472] 
C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory 00000000770217b0 1 byte JMP 0000000077180040 .text C:\Windows\system32\msiexec.exe[4472] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory + 2 00000000770217b2 3 bytes {JMP 0x15e890} .text C:\Windows\system32\wuauclt.exe[5612] C:\Windows\SYSTEM32\ntdll.dll!NtAllocateVirtualMemory 0000000077021430 5 bytes JMP 0000000077180010 .text C:\Windows\system32\wuauclt.exe[5612] C:\Windows\SYSTEM32\ntdll.dll!NtFreeVirtualMemory 0000000077021490 5 bytes JMP 0000000077180028 .text C:\Windows\system32\wuauclt.exe[5612] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory 00000000770217b0 1 byte JMP 0000000077180040 .text C:\Windows\system32\wuauclt.exe[5612] C:\Windows\SYSTEM32\ntdll.dll!NtProtectVirtualMemory + 2 00000000770217b2 3 bytes {JMP 0x15e890} .text C:\Users\Thorben\Desktop\Gmer-19357.exe[6648] C:\Windows\SysWOW64\ntdll.dll!NtAllocateVirtualMemory 00000000771cfac0 5 bytes JMP 0000000174a78cf0 .text C:\Users\Thorben\Desktop\Gmer-19357.exe[6648] C:\Windows\SysWOW64\ntdll.dll!NtFreeVirtualMemory 00000000771cfb58 5 bytes JMP 0000000174a78ea0 .text C:\Users\Thorben\Desktop\Gmer-19357.exe[6648] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 00000000771d0038 5 bytes JMP 0000000174a78d80 ---- EOF - GMER 2.1 ---- |
28.08.2014, 12:59 | #4 |
/// the machine /// TB trainer | Virus creates VoIP in the router Hi, please download TDSSKiller.exe and save this file to your desktop.
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
28.08.2014, 22:54 | #5 |
| Virus creates VoIP in the router The TDSSKiller log: Code:
7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 23:21:05.0766 0x14b8 ErrDev - ok 23:21:05.0798 0x14b8 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 23:21:05.0844 0x14b8 EventSystem - ok 23:21:05.0844 0x14b8 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 23:21:05.0876 0x14b8 exfat - ok 23:21:05.0876 0x14b8 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 23:21:05.0922 0x14b8 fastfat - ok 23:21:05.0938 0x14b8 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 23:21:05.0985 0x14b8 Fax - ok 23:21:05.0985 0x14b8 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 23:21:06.0000 0x14b8 fdc - ok 23:21:06.0016 0x14b8 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 23:21:06.0047 0x14b8 fdPHost - ok 23:21:06.0063 0x14b8 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 23:21:06.0125 0x14b8 FDResPub - ok 23:21:06.0141 0x14b8 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 23:21:06.0156 0x14b8 FileInfo - ok 23:21:06.0172 0x14b8 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 23:21:06.0219 0x14b8 Filetrace - ok 23:21:06.0234 0x14b8 [ 
C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 23:21:06.0234 0x14b8 flpydisk - ok 23:21:06.0250 0x14b8 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 23:21:06.0266 0x14b8 FltMgr - ok 23:21:06.0312 0x14b8 [ 508401A63E6B1CBF0B9C9A011498731F, F636B0A9C0EB6AE7EC04E5C5FD8A0578AEB76A1B0D974F355BCE6B6091901725 ] FNETTBOH_305 C:\Windows\system32\drivers\FNETTBOH_305.SYS 23:21:06.0344 0x14b8 FNETTBOH_305 - ok 23:21:06.0359 0x14b8 [ E341178C116DAC6A3A764587E68DFA7B, 91B4C79057908A622666FF069CF1C7ECA42952A6587432F5E99E33E8B19D29AF ] FNETURPX C:\Windows\system32\drivers\FNETURPX.SYS 23:21:06.0375 0x14b8 FNETURPX - ok 23:21:06.0453 0x14b8 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 23:21:06.0500 0x14b8 FontCache - ok 23:21:06.0531 0x14b8 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 23:21:06.0546 0x14b8 FontCache3.0.0.0 - ok 23:21:06.0562 0x14b8 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 23:21:06.0593 0x14b8 FsDepends - ok 23:21:06.0624 0x14b8 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 23:21:06.0656 0x14b8 Fs_Rec - ok 23:21:06.0702 0x14b8 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 23:21:06.0734 0x14b8 fvevol - ok 23:21:06.0749 0x14b8 [ 8C778D335C9D272CFD3298AB02ABE3B6, 
85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 23:21:06.0765 0x14b8 gagp30kx - ok 23:21:06.0827 0x14b8 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 23:21:06.0858 0x14b8 gpsvc - ok 23:21:06.0921 0x14b8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 23:21:06.0936 0x14b8 gupdate - ok 23:21:06.0952 0x14b8 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 23:21:06.0968 0x14b8 gupdatem - ok 23:21:06.0983 0x14b8 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 23:21:07.0014 0x14b8 hcw85cir - ok 23:21:07.0061 0x14b8 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 23:21:07.0124 0x14b8 HdAudAddService - ok 23:21:07.0124 0x14b8 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 23:21:07.0139 0x14b8 HDAudBus - ok 23:21:07.0155 0x14b8 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 23:21:07.0170 0x14b8 HidBatt - ok 23:21:07.0170 0x14b8 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 23:21:07.0186 0x14b8 HidBth - ok 23:21:07.0202 0x14b8 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr 
C:\Windows\system32\drivers\hidir.sys 23:21:07.0217 0x14b8 HidIr - ok 23:21:07.0233 0x14b8 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 23:21:07.0264 0x14b8 hidserv - ok 23:21:07.0295 0x14b8 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 23:21:07.0326 0x14b8 HidUsb - ok 23:21:07.0358 0x14b8 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 23:21:07.0404 0x14b8 hkmsvc - ok 23:21:07.0467 0x14b8 [ CF07C0A9D38A248D036DD9C47E4D0D6E, 6952DA6466DAE2E378F92934E1925887DD122A511BC5D6A0EF2194108E320126 ] hmpalert C:\Windows\system32\drivers\hmpalert.sys 23:21:07.0498 0x14b8 hmpalert - ok 23:21:07.0576 0x14b8 [ 2638395F6E61889D75C363A80A0E17F4, D61FD993DA6605F32E6CDAC889285EB67F1A112BB9A294838BB90FCBF5FA11C1 ] hmpalertsvc C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe 23:21:07.0607 0x14b8 hmpalertsvc - ok 23:21:07.0623 0x14b8 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 23:21:07.0638 0x14b8 HomeGroupListener - ok 23:21:07.0654 0x14b8 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 23:21:07.0670 0x14b8 HomeGroupProvider - ok 23:21:07.0779 0x14b8 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 23:21:07.0810 0x14b8 hpqcxs08 - ok 23:21:07.0826 0x14b8 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 23:21:07.0857 0x14b8 hpqddsvc - ok 
23:21:07.0872 0x14b8 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 23:21:07.0888 0x14b8 HpSAMD - ok 23:21:07.0935 0x14b8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 23:21:07.0982 0x14b8 HTTP - ok 23:21:07.0997 0x14b8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 23:21:08.0013 0x14b8 hwpolicy - ok 23:21:08.0013 0x14b8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 23:21:08.0028 0x14b8 i8042prt - ok 23:21:08.0044 0x14b8 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys 23:21:08.0060 0x14b8 iaStorA - ok 23:21:08.0138 0x14b8 [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 23:21:08.0153 0x14b8 IAStorDataMgrSvc - ok 23:21:08.0169 0x14b8 [ CE5CD8CBE940965867D507AB8EA2795A, 1CC2C23A1436E4C911DD3B942D8F6DABB7249AB04426F9AB6B6045034226DD25 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys 23:21:08.0200 0x14b8 iaStorF - ok 23:21:08.0262 0x14b8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 23:21:08.0309 0x14b8 iaStorV - ok 23:21:08.0356 0x14b8 [ E199288F016C354255C39A84378A48F6, 881B41D64D73F7A3A1680EDD68201E14AC5C60B848374EEAE44CCDDE46010E81 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 23:21:08.0403 0x14b8 ICCS - ok 23:21:08.0481 0x14b8 [ 
C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 23:21:08.0528 0x14b8 idsvc - ok 23:21:08.0543 0x14b8 IEEtwCollectorService - ok 23:21:08.0559 0x14b8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 23:21:08.0574 0x14b8 iirsp - ok 23:21:08.0606 0x14b8 [ E18725531054FE222115873AC1CCB02B, 0FC4B9D5DF77E19E4732759B848B4BCBBD44A124304FA8333BB3B7BC37E15FB8 ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys 23:21:08.0606 0x14b8 ikbevent - ok 23:21:08.0684 0x14b8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 23:21:08.0715 0x14b8 IKEEXT - ok 23:21:08.0730 0x14b8 [ 45060257BCA3D60204FEC29F6E6DE458, C9FB92FEEFC0DC5386B545A8E429D60B932360B9044A920F6F2EDD5CF3B7B5A0 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys 23:21:08.0730 0x14b8 imsevent - ok 23:21:08.0855 0x14b8 [ E9740A3BC0AE6EA035FF7ECE3A1B27B6, 4CA3E094B0057E143955DE5D41C3344688B6D2C4FFC0417235FF46312B600F99 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 23:21:08.0918 0x14b8 IntcAzAudAddService - ok 23:21:08.0964 0x14b8 [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 23:21:08.0996 0x14b8 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 23:21:11.0819 0x14b8 Detect skipped due to KSN trusted 23:21:11.0819 0x14b8 Intel(R) Capability Licensing Service Interface - ok 23:21:11.0866 0x14b8 [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS 
Client\SocketHeciServer.exe 23:21:11.0913 0x14b8 Intel(R) Capability Licensing Service TCP IP Interface - ok 23:21:11.0944 0x14b8 [ CBF7341E55A8348C7AB01A9870C7D948, A5084DF3C6321788C88A9E6B5F43FE5BCFDBB579BDE3A4D5F55558C6D13035A5 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe 23:21:11.0944 0x14b8 Intel(R) PROSet Monitoring Service - ok 23:21:11.0975 0x14b8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 23:21:11.0991 0x14b8 intelide - ok 23:21:12.0006 0x14b8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 23:21:12.0006 0x14b8 intelppm - ok 23:21:12.0038 0x14b8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 23:21:12.0069 0x14b8 IPBusEnum - ok 23:21:12.0084 0x14b8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:21:12.0100 0x14b8 IpFilterDriver - ok 23:21:12.0147 0x14b8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:21:12.0194 0x14b8 iphlpsvc - ok 23:21:12.0194 0x14b8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 23:21:12.0240 0x14b8 IPMIDRV - ok 23:21:12.0240 0x14b8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 23:21:12.0287 0x14b8 IPNAT - ok 23:21:12.0287 0x14b8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 
23:21:12.0303 0x14b8 IRENUM - ok 23:21:12.0318 0x14b8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:21:12.0318 0x14b8 isapnp - ok 23:21:12.0365 0x14b8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 23:21:12.0365 0x14b8 iScsiPrt - ok 23:21:12.0396 0x14b8 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys 23:21:12.0412 0x14b8 ISCT - ok 23:21:12.0428 0x14b8 [ 88CCCCFA8269973C3C3C06F94DA03BAB, A88BF3397466C40C7D4BE94288A88FF1FB7103E92FBA4E17A16AB6A04F909F29 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 23:21:12.0428 0x14b8 ISCTAgent - ok 23:21:12.0459 0x14b8 [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 23:21:12.0474 0x14b8 iusb3hcs - ok 23:21:12.0474 0x14b8 [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 23:21:12.0490 0x14b8 iusb3hub - ok 23:21:12.0521 0x14b8 [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 23:21:12.0552 0x14b8 iusb3xhc - ok 23:21:12.0615 0x14b8 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 23:21:12.0630 0x14b8 jhi_service - ok 23:21:12.0646 0x14b8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 23:21:12.0662 0x14b8 kbdclass - ok 
23:21:12.0677 0x14b8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 23:21:12.0693 0x14b8 kbdhid - ok 23:21:12.0708 0x14b8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 23:21:12.0724 0x14b8 KeyIso - ok 23:21:12.0771 0x14b8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:21:12.0786 0x14b8 KSecDD - ok 23:21:12.0786 0x14b8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 23:21:12.0818 0x14b8 KSecPkg - ok 23:21:12.0818 0x14b8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 23:21:12.0880 0x14b8 ksthunk - ok 23:21:12.0896 0x14b8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 23:21:12.0942 0x14b8 KtmRm - ok 23:21:12.0989 0x14b8 [ CE4347E2D90DB2E5517B6F2BC720A862, C5E1E1BDE4C2375639416B173E1035F709BE710C50812789D8BC75E0F7E2AE75 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys 23:21:13.0005 0x14b8 LADF_CaptureOnly - ok 23:21:13.0020 0x14b8 [ 85A9D21D3AE2EA963E111CB150895877, 3ACB75028E86C0842814FF84D8A31D38B6D8060C86004F9B6410691EE1F0D153 ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys 23:21:13.0020 0x14b8 LADF_RenderOnly - ok 23:21:13.0052 0x14b8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 23:21:13.0083 0x14b8 LanmanServer - ok 23:21:13.0098 0x14b8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] 
LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:21:13.0130 0x14b8 LanmanWorkstation - ok 23:21:13.0145 0x14b8 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 23:21:13.0145 0x14b8 LGBusEnum - ok 23:21:13.0192 0x14b8 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 23:21:13.0208 0x14b8 LGVirHid - ok 23:21:13.0223 0x14b8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:21:13.0301 0x14b8 lltdio - ok 23:21:13.0317 0x14b8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:21:13.0348 0x14b8 lltdsvc - ok 23:21:13.0364 0x14b8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 23:21:13.0410 0x14b8 lmhosts - ok 23:21:13.0442 0x14b8 [ 90C864827E1722F5BB6EEA8896A4E8EF, 6F9D96B7A65BD79ED5A384025393F36A5DEAC4EE01CA173874906B54F57150EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 23:21:13.0457 0x14b8 LMS - ok 23:21:13.0473 0x14b8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 23:21:13.0488 0x14b8 LSI_FC - ok 23:21:13.0504 0x14b8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 23:21:13.0520 0x14b8 LSI_SAS - ok 23:21:13.0551 0x14b8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 23:21:13.0551 0x14b8 LSI_SAS2 - ok 23:21:13.0566 0x14b8 [ 
0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 23:21:13.0582 0x14b8 LSI_SCSI - ok 23:21:13.0598 0x14b8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 23:21:13.0629 0x14b8 luafv - ok 23:21:13.0660 0x14b8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 23:21:13.0676 0x14b8 Mcx2Svc - ok 23:21:13.0691 0x14b8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 23:21:13.0691 0x14b8 megasas - ok 23:21:13.0707 0x14b8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 23:21:13.0738 0x14b8 MegaSR - ok 23:21:13.0754 0x14b8 [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 23:21:13.0754 0x14b8 MEIx64 - ok 23:21:13.0785 0x14b8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 23:21:13.0816 0x14b8 MMCSS - ok 23:21:13.0832 0x14b8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 23:21:13.0863 0x14b8 Modem - ok 23:21:13.0878 0x14b8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:21:13.0894 0x14b8 monitor - ok 23:21:13.0910 0x14b8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 23:21:13.0925 0x14b8 
mouclass - ok 23:21:13.0941 0x14b8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:21:13.0956 0x14b8 mouhid - ok 23:21:13.0972 0x14b8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 23:21:13.0988 0x14b8 mountmgr - ok 23:21:14.0019 0x14b8 [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:21:14.0034 0x14b8 MozillaMaintenance - ok 23:21:14.0034 0x14b8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 23:21:14.0050 0x14b8 mpio - ok 23:21:14.0066 0x14b8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:21:14.0097 0x14b8 mpsdrv - ok 23:21:14.0128 0x14b8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 23:21:14.0159 0x14b8 MpsSvc - ok 23:21:14.0190 0x14b8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:21:14.0206 0x14b8 MRxDAV - ok 23:21:14.0222 0x14b8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:21:14.0268 0x14b8 mrxsmb - ok 23:21:14.0300 0x14b8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:21:14.0331 0x14b8 mrxsmb10 - ok 23:21:14.0362 0x14b8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 
220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:21:14.0378 0x14b8 mrxsmb20 - ok 23:21:14.0409 0x14b8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 23:21:14.0424 0x14b8 msahci - ok 23:21:14.0424 0x14b8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:21:14.0440 0x14b8 msdsm - ok 23:21:14.0456 0x14b8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 23:21:14.0487 0x14b8 MSDTC - ok 23:21:14.0502 0x14b8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:21:14.0549 0x14b8 Msfs - ok 23:21:14.0565 0x14b8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:21:14.0580 0x14b8 mshidkmdf - ok 23:21:14.0596 0x14b8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:21:14.0612 0x14b8 msisadrv - ok 23:21:14.0627 0x14b8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:21:14.0674 0x14b8 MSiSCSI - ok 23:21:14.0674 0x14b8 msiserver - ok 23:21:14.0674 0x14b8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:21:14.0736 0x14b8 MSKSSRV - ok 23:21:14.0736 0x14b8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:21:14.0768 
WbioSrvc - ok 23:21:31.0881 0x14b8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 23:21:31.0912 0x14b8 wcncsvc - ok 23:21:31.0928 0x14b8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:21:31.0959 0x14b8 WcsPlugInService - ok 23:21:31.0959 0x14b8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 23:21:31.0975 0x14b8 Wd - ok 23:21:32.0006 0x14b8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:21:32.0037 0x14b8 Wdf01000 - ok 23:21:32.0053 0x14b8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:21:32.0115 0x14b8 WdiServiceHost - ok 23:21:32.0131 0x14b8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 23:21:32.0146 0x14b8 WdiSystemHost - ok 23:21:32.0177 0x14b8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 23:21:32.0193 0x14b8 WebClient - ok 23:21:32.0209 0x14b8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 23:21:32.0240 0x14b8 Wecsvc - ok 23:21:32.0255 0x14b8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 23:21:32.0287 0x14b8 wercplsupport - ok 23:21:32.0287 0x14b8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc 
C:\Windows\System32\WerSvc.dll 23:21:32.0318 0x14b8 WerSvc - ok 23:21:32.0333 0x14b8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 23:21:32.0349 0x14b8 WfpLwf - ok 23:21:32.0365 0x14b8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 23:21:32.0365 0x14b8 WIMMount - ok 23:21:32.0396 0x14b8 WinDefend - ok 23:21:32.0396 0x14b8 WinHttpAutoProxySvc - ok 23:21:32.0443 0x14b8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 23:21:32.0474 0x14b8 Winmgmt - ok 23:21:32.0505 0x14b8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 23:21:32.0567 0x14b8 WinRM - ok 23:21:32.0630 0x14b8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 23:21:32.0661 0x14b8 WinUsb - ok 23:21:32.0692 0x14b8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 23:21:32.0723 0x14b8 Wlansvc - ok 23:21:32.0723 0x14b8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 23:21:32.0723 0x14b8 WmiAcpi - ok 23:21:32.0739 0x14b8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:21:32.0770 0x14b8 wmiApSrv - ok 23:21:32.0786 0x14b8 WMPNetworkSvc - ok 23:21:32.0801 0x14b8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:21:32.0833 0x14b8 WPCSvc - 
ok 23:21:32.0833 0x14b8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:21:32.0864 0x14b8 WPDBusEnum - ok 23:21:32.0879 0x14b8 [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001 C:\Windows\system32\drivers\WPRO_41_2001.sys 23:21:32.0879 0x14b8 WPRO_41_2001 - ok 23:21:32.0911 0x14b8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:21:32.0973 0x14b8 ws2ifsl - ok 23:21:32.0989 0x14b8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 23:21:33.0004 0x14b8 wscsvc - ok 23:21:33.0004 0x14b8 WSearch - ok 23:21:33.0082 0x14b8 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 23:21:33.0145 0x14b8 wuauserv - ok 23:21:33.0176 0x14b8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 23:21:33.0207 0x14b8 WudfPf - ok 23:21:33.0254 0x14b8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 23:21:33.0285 0x14b8 WUDFRd - ok 23:21:33.0332 0x14b8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:21:33.0347 0x14b8 wudfsvc - ok 23:21:33.0394 0x14b8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 23:21:33.0457 0x14b8 WwanSvc - ok 23:21:33.0519 0x14b8 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 
C:\Windows\system32\DRIVERS\xusb21.sys 23:21:33.0550 0x14b8 xusb21 - ok 23:21:33.0566 0x14b8 ================ Scan global =============================== 23:21:33.0581 0x14b8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 23:21:33.0644 0x14b8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 23:21:33.0659 0x14b8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 23:21:33.0691 0x14b8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 23:21:33.0737 0x14b8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 23:21:33.0737 0x14b8 [ Global ] - ok 23:21:33.0737 0x14b8 ================ Scan MBR ================================== 23:21:33.0753 0x14b8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 23:21:34.0049 0x14b8 \Device\Harddisk0\DR0 - ok 23:21:34.0049 0x14b8 ================ Scan VBR ================================== 23:21:34.0049 0x14b8 [ A84EC378D1B68EFB66F79DD1B37DA2D9 ] \Device\Harddisk0\DR0\Partition1 23:21:34.0096 0x14b8 \Device\Harddisk0\DR0\Partition1 - ok 23:21:34.0096 0x14b8 [ AC0183CBFEDF55B7AB79FA40B977C338 ] \Device\Harddisk0\DR0\Partition2 23:21:34.0127 0x14b8 \Device\Harddisk0\DR0\Partition2 - ok 23:21:34.0127 0x14b8 ================ Scan generic autorun ====================== 23:21:34.0439 0x14b8 [ 324B8DDDF70D28B7A767E0608256DF36, 2FA4AA3F5E6D9C16A50F986027708AF657ADE9AE2A286E4F7686A1DF510FC2C1 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 23:21:34.0939 0x14b8 RTHDVCPL - ok 23:21:34.0970 0x14b8 [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program 
Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 23:21:34.0985 0x14b8 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 23:21:37.0809 0x14b8 Detect skipped due to KSN trusted 23:21:37.0809 0x14b8 IAStorIcon - ok 23:21:37.0903 0x14b8 [ EE73B56ED71EB6383F25FA5468923BB2, 0A13F25C55D97A3F86766BED449265514147D41ABB392C9451B9FB070EC7E8E4 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 23:21:37.0949 0x14b8 NvBackend - ok 23:21:37.0949 0x14b8 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 23:21:37.0965 0x14b8 ShadowPlay - ok 23:21:38.0168 0x14b8 [ 430FEA290AC80AB313D54AC5718219FB, 81254380E2C0E1AFEA0F447B6C19C2F2A7A87641CA81E2F55611E5E319730BFA ] C:\Program Files\Logitech Gaming Software\LCore.exe 23:21:38.0277 0x14b8 Launch LCore - ok 23:21:38.0558 0x14b8 [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe 23:21:38.0620 0x14b8 XboxStat - ok 23:21:38.0651 0x14b8 [ 1907517A11D41C24BD3A8F9137E334B7, 18AC567D9F1284B5CF60D5E98759D691E1BB1DE2637E55CEBEE88C1B68C10CD9 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe 23:21:38.0667 0x14b8 IMSS - ok 23:21:38.0714 0x14b8 [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 23:21:38.0761 0x14b8 USB3MON - ok 23:21:38.0885 0x14b8 [ 94F295B0A3182F6D4657372525FCEDED, BA31D107566BB0BB87AAE64D5C629F578FDAFA67AFAFD1DCF7E9B3C9C651E021 ] C:\Program Files (x86)\XFastUSB\XFastUsb.exe 23:21:38.0979 0x14b8 XFastUSB - ok 23:21:39.0026 0x14b8 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 23:21:39.0041 
0x14b8 avgnt - ok 23:21:39.0104 0x14b8 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 23:21:39.0119 0x14b8 Adobe ARM - ok 23:21:39.0182 0x14b8 [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe 23:21:39.0197 0x14b8 HP Software Update - ok 23:21:39.0244 0x14b8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 23:21:39.0338 0x14b8 Sidebar - ok 23:21:39.0385 0x14b8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 23:21:39.0431 0x14b8 mctadmin - ok 23:21:39.0463 0x14b8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 23:21:39.0494 0x14b8 Sidebar - ok 23:21:39.0509 0x14b8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 23:21:39.0509 0x14b8 mctadmin - ok 23:21:39.0665 0x14b8 [ 6FA1F6B8090F04D581E16212886BD861, 1A0D90C6BC9EBE319BF4524FA0EA326073A256252377B860AF48AECE46B6DAC2 ] C:\Users\Thorben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 23:21:39.0697 0x14b8 Spotify Web Helper - ok 23:21:39.0697 0x14b8 Waiting for KSN requests completion. In queue: 223 23:21:40.0711 0x14b8 Waiting for KSN requests completion. In queue: 223 23:21:41.0725 0x14b8 Waiting for KSN requests completion. 
In queue: 15 23:21:42.0785 0x14b8 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated ) 23:21:42.0785 0x14b8 Win FW state via NFP2: enabled 23:21:45.0562 0x14b8 ============================================================ 23:21:45.0562 0x14b8 Scan finished 23:21:45.0562 0x14b8 ============================================================ 23:21:45.0562 0x1348 Detected object count: 0 23:21:45.0562 0x1348 Actual detected object count: 0 Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.07.0.1012 www.malwarebytes.org Database version: v2014.08.28.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17207 Thorben :: THORBEN-PC [administrator] 28.08.2014 23:32:52 mbar-log-2014-08-28 (23-32-52).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 299267 Time elapsed: 6 minute(s), 48 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
29.08.2014, 12:41 | #6 |
/// the machine /// TB trainer | Virus creates VoIP in the router hi, scan with Combofix |
30.08.2014, 16:05 | #7 |
| Virus creates VoIP in the router The Combofix log: Code:
ATTFilter ComboFix 14-08-29.03 - Thorben 30.08.2014 16:54:06.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8111.6307 [GMT 2:00] ausgeführt von:: c:\users\Thorben\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Thorben\AppData\Roaming\Mozilla\Firefox\Profiles\1dthd3mz.default-1399824096976\search-metadata.json . . ((((((((((((((((((((((( Dateien erstellt von 2014-07-28 bis 2014-08-30 )))))))))))))))))))))))))))))) . . 2014-08-30 14:58 . 2014-08-30 14:58 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-08-30 14:47 . 2014-08-30 14:47 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp 2014-08-28 21:32 . 2014-08-28 21:42 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2014-08-27 21:13 . 2014-08-29 07:17 -------- d-----w- c:\users\Thorben\Bewerbung 2014-08-27 17:25 . 2014-08-27 17:26 -------- d-----w- C:\FRST 2014-08-26 18:42 . 2014-08-26 18:42 -------- d-----w- c:\programdata\HitmanPro.Alert 2014-08-26 18:42 . 2014-08-30 14:27 -------- d-----w- c:\windows\CryptoGuard 2014-08-26 09:58 . 2014-08-26 09:58 -------- d-----w- c:\users\Thorben\AppData\Local\ElevatedDiagnostics 2014-08-26 08:29 . 2014-08-26 08:29 -------- d-----w- c:\program files (x86)\StarCraft II 2014-08-24 17:20 . 2014-08-24 17:20 -------- d-----w- c:\users\Thorben\AppData\Local\Adobe 2014-08-21 17:42 . 2014-08-21 17:42 -------- d-----w- c:\program files (x86)\MSXML 4.0 2014-08-21 17:16 . 2014-08-21 17:16 -------- d-----w- c:\windows\SysWow64\wbem\en-US 2014-08-21 17:16 . 2014-08-21 17:16 -------- d-----w- c:\windows\system32\wbem\en-US 2014-08-21 17:14 . 2014-08-21 17:14 -------- d-----w- c:\program files (x86)\Microsoft 2014-08-21 17:13 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE 2014-08-21 16:46 . 
2014-08-21 16:48 -------- d-----w- c:\windows\system32\MRT 2014-08-21 16:40 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe 2014-08-21 16:33 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe 2014-08-21 16:33 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll 2014-08-21 16:33 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll 2014-08-21 16:33 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2014-08-21 16:33 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll 2014-08-21 16:33 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2014-08-21 16:33 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2014-08-21 16:21 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll 2014-08-21 16:21 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe 2014-08-21 16:21 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll 2014-08-21 16:21 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe 2014-08-21 16:21 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll 2014-08-21 16:21 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll 2014-08-21 16:20 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe 2014-08-21 16:20 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2014-08-21 16:20 . 2014-08-21 16:20 -------- d-s---w- c:\windows\system32\CompatTel 2014-08-21 15:57 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll 2014-08-21 15:56 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL 2014-08-21 15:55 . 2014-05-30 08:08 340992 ----a-w- c:\windows\system32\schannel.dll 2014-08-21 15:54 . 2014-02-04 02:32 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll 2014-08-21 15:54 . 2014-02-04 02:04 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll 2014-08-21 15:53 . 
2014-07-02 17:44 609240 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2014-08-21 15:50 . 2014-07-02 20:48 4247000 ----a-w- c:\windows\system32\nvcuvid.dll 2014-08-21 15:50 . 2014-07-02 20:48 418760 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll 2014-08-21 15:50 . 2014-07-02 20:48 3989960 ----a-w- c:\windows\SysWow64\nvcuvid.dll 2014-08-21 15:50 . 2014-07-02 20:48 22994208 ----a-w- c:\windows\system32\nvcompiler.dll 2014-08-21 15:50 . 2014-07-02 20:48 1890080 ----a-w- c:\windows\system32\nvdispco6434052.dll 2014-08-21 15:50 . 2014-07-02 20:48 17555104 ----a-w- c:\windows\system32\nvd3dumx.dll 2014-08-21 15:50 . 2014-07-02 20:48 1539928 ----a-w- c:\windows\system32\nvdispgenco6434052.dll 2014-08-21 15:50 . 2014-07-02 20:48 15294296 ----a-w- c:\windows\SysWow64\nvcompiler.dll 2014-08-21 15:50 . 2014-07-02 20:48 13835208 ----a-w- c:\windows\system32\nvcuda.dll 2014-08-21 15:50 . 2014-07-02 20:48 11222048 ----a-w- c:\windows\SysWow64\nvcuda.dll 2014-08-21 15:46 . 2014-02-04 02:35 190912 ----a-w- c:\windows\system32\drivers\storport.sys 2014-08-21 15:46 . 2014-02-04 02:35 274880 ----a-w- c:\windows\system32\drivers\msiscsi.sys 2014-08-21 15:46 . 2014-02-04 02:35 27584 ----a-w- c:\windows\system32\drivers\Diskdump.sys 2014-08-21 15:46 . 2014-02-04 02:28 2048 ----a-w- c:\windows\system32\iologmsg.dll 2014-08-21 15:46 . 2014-02-04 02:00 2048 ----a-w- c:\windows\SysWow64\iologmsg.dll 2014-08-21 15:46 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe 2014-08-21 15:42 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll 2014-08-21 15:41 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll 2014-08-21 15:40 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll 2014-08-21 15:40 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll 2014-08-21 15:40 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll 2014-08-21 15:40 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL 2014-08-21 15:40 . 
2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL 2014-08-21 15:40 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll 2014-08-21 15:40 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL 2014-08-19 13:34 . 2014-08-21 17:40 -------- d-----w- c:\program files (x86)\Microsoft Works 2014-08-19 13:34 . 2014-08-19 13:34 -------- d-----w- c:\windows\PCHEALTH 2014-08-19 13:32 . 2014-08-19 13:32 -------- d-----w- c:\program files\Microsoft Office 2014-08-19 13:32 . 2014-08-19 13:32 -------- d-----w- c:\users\Thorben\AppData\Local\Microsoft Help 2014-08-19 13:32 . 2014-08-21 17:41 -------- d-----w- c:\programdata\Microsoft Help 2014-08-19 13:31 . 2014-08-19 13:31 -------- d-----r- C:\MSOCache 2014-08-14 14:28 . 2014-08-14 14:28 -------- d-----w- c:\users\Thorben\AppData\Local\Chromium 2014-08-14 14:20 . 2014-08-14 15:50 -------- d-----w- c:\users\Thorben\AppData\Roaming\Might & Magic Heroes VI 2014-08-14 00:11 . 2014-08-14 00:11 159744 ----a-w- c:\windows\winhlq32.exe 2014-08-14 00:05 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll 2014-08-14 00:05 . 2014-08-27 16:47 -------- d-----w- C:\AdwCleaner 2014-08-13 01:48 . 2014-08-13 01:50 -------- d-----w- C:\ArcTemp 2014-08-13 01:47 . 2014-08-13 01:48 -------- d-----w- c:\users\Thorben\AppData\Roaming\Arc 2014-08-13 01:45 . 2014-08-13 01:50 -------- d-----w- c:\program files (x86)\Perfect World Entertainment . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-08-30 14:47 . 2014-05-03 14:58 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys 2014-08-28 21:32 . 2014-05-05 17:33 128728 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-08-28 21:31 . 2014-05-05 16:45 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-08-13 17:24 . 2014-05-03 17:14 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-08-13 17:24 . 
2014-05-03 17:14 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-08-06 08:07 . 2014-08-06 08:07 232896 ----a-w- c:\windows\apppatch\AppPatch64\SPVCLdr64.dll 2014-07-27 23:05 . 2014-07-25 16:27 297088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2014-07-27 23:05 . 2014-07-25 15:42 297088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2014-07-25 22:44 . 2014-07-25 16:27 297088 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2014-07-25 16:27 . 2014-07-25 16:27 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2014-07-02 20:48 . 2014-05-03 20:24 31512520 ----a-w- c:\windows\system32\nvoglv64.dll 2014-07-02 20:48 . 2014-05-03 20:24 2814656 ----a-w- c:\windows\SysWow64\nvapi.dll 2014-07-02 20:48 . 2014-05-03 15:11 75040 ----a-w- c:\windows\system32\OpenCL.dll 2014-07-02 20:48 . 2014-05-03 15:11 61912 ----a-w- c:\windows\SysWow64\OpenCL.dll 2014-07-02 20:48 . 2014-05-03 15:07 18626304 ----a-w- c:\windows\system32\nvwgf2umx.dll 2014-07-02 20:48 . 2014-05-03 15:07 16122344 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2014-07-02 20:48 . 2014-05-03 15:07 965312 ----a-w- c:\windows\system32\nvumdshimx.dll 2014-07-02 20:48 . 2014-05-03 15:07 14498552 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2014-07-02 20:48 . 2014-05-03 15:07 3196816 ----a-w- c:\windows\system32\nvapi64.dll 2014-07-02 18:55 . 2014-05-03 15:11 6783776 ----a-w- c:\windows\system32\nvcpl.dll 2014-07-02 18:55 . 2014-05-03 15:11 3522392 ----a-w- c:\windows\system32\nvsvc64.dll 2014-07-02 18:55 . 2014-05-03 15:11 935368 ----a-w- c:\windows\system32\nvvsvc.exe 2014-07-02 18:55 . 2014-05-03 15:11 62808 ----a-w- c:\windows\system32\nvshext.dll 2014-07-02 18:55 . 2014-05-03 15:11 386520 ----a-w- c:\windows\system32\nvmctray.dll 2014-07-02 18:55 . 2014-05-03 15:11 2559960 ----a-w- c:\windows\system32\nvsvcr.dll 2014-07-02 10:14 . 2014-05-03 15:11 3826628 ----a-w- c:\windows\system32\nvcoproc.bin 2014-06-17 22:34 . 2014-05-03 15:19 32320 ----a-w- c:\windows\system32\drivers\FNETTBOH_305.SYS . . 
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="c:\users\Thorben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-07-10 1178168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2013-09-03 134616] "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848] "XFastUSB"="c:\program files (x86)\XFastUSB\XFastUsb.exe" [2014-05-03 6226624] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576] "Razer Imperator Driver"="c:\program files (x86)\Razer\Imperator\RazerImperatorSysTray.exe" [2012-02-09 979360] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072] iSCTsysTray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [2013-3-14 248296] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
R2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x] R2 ASRockIOMon;ASRock IO Monitor Service;c:\program files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe;c:\program files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x] R3 AsrHidFilter;AsrHidFilter;c:\windows\system32\DRIVERS\AsrHidFilter.sys;c:\windows\SYSNATIVE\DRIVERS\AsrHidFilter.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x] R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x] S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x] S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x] S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x] S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x] S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x] S2 nldrv;nldrv;c:\program files\Locktime Software\NetLimiter 4\nldrv.sys;c:\program files\Locktime Software\NetLimiter 4\nldrv.sys [x] S2 
NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S3 ALSysIO;ALSysIO;c:\users\Thorben\AppData\Local\Temp\ALSysIO64.sys;c:\users\Thorben\AppData\Local\Temp\ALSysIO64.sys [x] S3 AsrDrv101;AsrDrv101;c:\windows\SysWOW64\Drivers\AsrDrv101.sys;c:\windows\SysWOW64\Drivers\AsrDrv101.sys [x] S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x] S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x] S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x] S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x] S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x] S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x] S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator 
Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x] S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x] S4 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - avipbb . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-08-14 08:53 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2014-08-30 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-03 17:24] . 2014-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-03 16:27] . 2014-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-03 16:27] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-07-26 13636824] "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-08-07 36352] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576] "Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mDefault_Search_URL = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = hxxp://www.google.com IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Thorben\AppData\Roaming\Mozilla\Firefox\Profiles\1dthd3mz.default-1399824096976\ FF - prefs.js: network.proxy.type - 0 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-Fatal1tySTU - (no file) Wow6432Node-HKCU-Run-ASRockHDMISwitch - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-08-30 17:00:29 ComboFix-quarantined-files.txt 2014-08-30 15:00 . Vor Suchlauf: 12 Verzeichnis(se), 724.024.303.616 Bytes frei Nach Suchlauf: 18 Verzeichnis(se), 723.672.002.560 Bytes frei . - - End Of File - - D7C3833386B743B20C2CD53AA13AC1D0 A36C5E4F47E84449FF07ED3517B43A31
Thank you very much for your help. |
30.08.2014, 16:06 | #8 |
/// the machine /// TB-Ausbilder | Virus creates VoIP in the router Sure. I would reset the thing to factory settings once anyway. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
31.08.2014, 09:22 | #9 |
| Virus creates VoIP in the router Mbam log: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 31.08.2014 Suchlauf-Zeit: 09:47:54 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.31.01 Rootkit Datenbank: v2014.08.21.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Thorben Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 312093 Verstrichene Zeit: 7 Min, 48 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 2 PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [d4c5ffcaf48763d31ef76eea34d057a9], PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [3960facf27540e284fc55ff96f95de22], Registrierungswerte: 1 PUP.Optional.QuickStart.A, HKU\S-1-5-21-761638862-2947245423-882755344-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, quick_start@gmail.com, In Quarantäne, [e6b3943591ea83b36249a15a956dab55] Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 2 PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, In Quarantäne, [7d1cf2d76d0ece68c8f91980aa571ce4], PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, In Quarantäne, [f1a83a8fef8c76c08890bb9d1be9a858], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.308 - Bericht erstellt am 31/08/2014 um 10:05:13 # Aktualisiert 20/08/2014 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzername : Thorben - THORBEN-PC # Gestartet von : C:\Users\Thorben\Desktop\adwcleaner_3.308.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Mozilla Firefox v31.0 (x86 de) [ Datei : C:\Users\Thorben\AppData\Roaming\Mozilla\Firefox\Profiles\1dthd3mz.default-1399824096976\prefs.js ] -\\ Google Chrome v36.0.1985.143 [ Datei : C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320324&octid=EB_ORIGINAL_CTID&ISID=M9FEC8BBC-1EBC-407B-80E9-96701BEF61BF&SearchSource=58&CUI=&UM=6&UP=SP09328ECB-F0F2-45D3-9CFD-4122C82E6F2E&q={searchTerms}&SSPV= ************************* AdwCleaner[R0].txt - [3817 octets] - [14/08/2014 02:05:28] AdwCleaner[R1].txt - [3706 octets] - [14/08/2014 02:15:28] AdwCleaner[R2].txt - [1600 octets] - [26/08/2014 05:35:05] AdwCleaner[R3].txt - [1354 octets] - [27/08/2014 18:47:14] AdwCleaner[R4].txt - [1711 octets] - [31/08/2014 10:03:22] AdwCleaner[S0].txt - [3036 octets] - [14/08/2014 02:07:03] AdwCleaner[S1].txt - [3695 octets] - [14/08/2014 02:16:16] AdwCleaner[S2].txt - [1661 octets] - [26/08/2014 05:35:54] AdwCleaner[S3].txt - [1415 octets] - [27/08/2014 18:47:51] AdwCleaner[S4].txt - [1632 octets] - [31/08/2014 10:05:13] ########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1692 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.3 (03.23.2014:1) OS: Windows 7 Professional x64 Ran by Thorben on 31.08.2014 at 10:11:20,05 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" ~~~ FireFox Emptied folder: C:\Users\Thorben\AppData\Roaming\mozilla\firefox\profiles\1dthd3mz.default-1399824096976\minidumps [93 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 31.08.2014 at 10:12:33,63 Computer was rebooted End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-08-2014 Ran by Thorben (administrator) on THORBEN-PC on 31-08-2014 10:14:10 Running from C:\Users\Thorben\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Windows\SysWOW64\ASGT.exe () C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Users\Thorben\Downloads\Core Temp\Core Temp.exe () C:\Program Files (x86)\ASRock Utility\HDMISwitch\Bin\HDMISwitch.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) 
C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Spotify Ltd) C:\Users\Thorben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe (Adobe Systems, Inc.) 
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [6226624 2014-05-03] (FNet Co., Ltd.) 
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Imperator Driver] => C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [979360 2012-02-09] (Razer USA Ltd) HKU\S-1-5-21-761638862-2947245423-882755344-1000\...\Run: [Spotify Web Helper] => C:\Users\Thorben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-10] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1C23934DE566CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Thorben\AppData\Roaming\Mozilla\Firefox\Profiles\1dthd3mz.default-1399824096976 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: YouTube Unblocker - C:\Users\Thorben\AppData\Roaming\Mozilla\Firefox\Profiles\1dthd3mz.default-1399824096976\Extensions\youtubeunblocker@unblocker.yt [2014-06-02] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-05-11] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR DefaultSearchKeyword: Default -> trovi.search CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320324&octid=EB_ORIGINAL_CTID&ISID=M9FEC8BBC-1EBC-407B-80E9-96701BEF61BF&SearchSource=58&CUI=&UM=6&UP=SP09328ECB-F0F2-45D3-9CFD-4122C82E6F2E&q={searchTerms}&SSPV= CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms} CHR Profile: C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-03] CHR Extension: (Google Drive) - C:\Users\Thorben\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-03] CHR Extension: (YouTube) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-03] CHR Extension: (Google-Suche) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-03] CHR Extension: (Tampermonkey) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-05-03] CHR Extension: (CnC TA Script Collection) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmhpmdclklpgfcpoiomjofgfagenmgeo [2014-05-03] CHR Extension: (Google Wallet) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-03] CHR Extension: (Google Mail) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-03] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-08-12] (Perfect World Entertainment Inc) R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed] R2 ASRockIOMon; C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [File not signed] R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [328832 2014-07-09] (Locktime Software) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-25] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2014-05-03] (ASRock Incorporation) S3 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [20232 2013-09-09] (ASRock Inc.) R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2013-05-09] (ASRock Inc.) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation) S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-06-18] (FNet Co., Ltd.) R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-05-03] (FNet Co., Ltd.) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation) R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] () R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] () R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation) R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [107952 2014-07-09] (Locktime Software) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-08-31] () R3 ALSysIO; \??\C:\Users\Thorben\AppData\Local\Temp\ALSysIO64.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-21 17:55 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-08-21 17:55 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-08-21 17:55 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-08-21 17:55 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-08-21 17:55 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-08-21 17:55 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-08-21 17:55 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-08-21 17:55 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-08-21 17:55 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-08-21 17:55 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-08-21 17:55 - 2013-10-03 04:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-21 17:55 - 2013-10-03 04:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-21 17:55 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll 2014-08-21 17:55 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll 2014-08-21 17:55 - 2013-07-04 14:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-08-21 17:55 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-08-21 17:55 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2014-08-21 17:55 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-08-21 17:55 - 
2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2014-08-21 17:55 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll 2014-08-21 17:55 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll 2014-08-21 17:55 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys 2014-08-21 17:55 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys 2014-08-21 17:55 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys 2014-08-21 17:55 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys 2014-08-21 17:55 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys 2014-08-21 17:55 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll 2014-08-21 17:55 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe 2014-08-21 17:55 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll 2014-08-21 17:55 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe 2014-08-21 17:55 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2014-08-21 17:55 - 2011-02-05 19:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2014-08-21 17:55 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll 2014-08-21 17:55 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll 2014-08-21 17:55 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll 2014-08-21 17:55 - 2011-02-05 19:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-08-21 17:55 - 
2011-02-05 19:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2014-08-21 17:55 - 2011-02-05 19:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-08-21 17:54 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-08-21 17:54 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-08-21 17:53 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-08-21 17:51 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-08-21 17:51 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00305600 
_____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-08-21 17:51 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll 2014-08-21 17:50 - 2014-07-02 22:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2014-08-21 17:46 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-08-21 17:46 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-08-21 17:46 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-08-21 17:46 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-08-21 17:46 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-08-21 17:46 - 2012-11-23 05:13 - 00068608 _____ (Microsoft 
Corporation) C:\Windows\system32\taskhost.exe 2014-08-21 17:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-08-21 17:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-08-21 17:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-08-21 17:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-08-21 17:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-08-21 17:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-08-21 17:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-08-21 17:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-08-21 17:45 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-08-21 17:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-08-21 17:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-08-21 17:45 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-08-21 17:45 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2014-08-21 17:45 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2014-08-21 17:42 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-08-21 17:42 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-08-21 17:42 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-08-21 17:42 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2014-08-21 17:42 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-08-21 17:42 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-08-21 17:42 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-08-21 17:42 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2014-08-21 17:42 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-08-21 17:42 - 2013-05-13 07:50 - 00052224 
_____ (Microsoft Corporation) C:\Windows\system32\certenc.dll 2014-08-21 17:42 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe 2014-08-21 17:42 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2014-08-21 17:42 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2014-08-21 17:42 - 2012-05-05 10:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-08-21 17:42 - 2012-05-05 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-08-21 17:41 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-21 17:41 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-21 17:41 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll 2014-08-21 17:41 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll 2014-08-21 17:41 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-08-21 17:41 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2014-08-21 17:41 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2014-08-21 17:41 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2014-08-21 17:41 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll 2014-08-21 17:41 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll 2014-08-21 17:41 - 2011-08-27 07:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-08-21 17:41 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll 2014-08-21 17:41 - 2011-08-27 06:26 - 00571904 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\oleaut32.dll 2014-08-21 17:41 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll 2014-08-21 17:41 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys 2014-08-21 17:40 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-21 17:40 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-21 17:40 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2014-08-21 17:40 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2014-08-21 17:40 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2014-08-21 17:40 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2014-08-21 17:40 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2014-08-19 15:34 - 2014-08-21 19:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works 2014-08-19 15:34 - 2014-08-19 15:34 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-19 15:34 - 2014-08-19 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-19 15:32 - 2014-08-21 19:41 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-19 15:32 - 2014-08-19 15:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-08-19 15:32 - 2014-08-19 15:32 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Microsoft Help 2014-08-19 15:32 - 2014-08-19 15:32 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-19 15:31 - 2014-08-19 15:31 - 00000000 ___RD () C:\MSOCache 2014-08-14 16:28 - 2014-08-14 16:28 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Chromium 2014-08-14 16:20 - 2014-08-14 17:50 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Might & Magic Heroes VI 2014-08-14 16:20 - 2014-08-14 16:48 
- 00000000 ____D () C:\Users\Thorben\Documents\Might & Magic Heroes VI 2014-08-14 16:19 - 2014-08-25 04:36 - 00035140 _____ () C:\Windows\DirectX.log 2014-08-14 02:17 - 2014-08-31 10:11 - 00019022 _____ () C:\Windows\setupact.log 2014-08-14 02:17 - 2014-08-14 02:17 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-14 02:16 - 2014-08-31 10:10 - 00343624 _____ () C:\Windows\PFRO.log 2014-08-14 02:11 - 2014-08-14 02:11 - 00159744 _____ () C:\Windows\winhlq32.exe 2014-08-14 02:11 - 2014-08-14 02:11 - 00003612 _____ () C:\Windows\System32\Tasks\AnwendungserfahrungFunctionauf 2014-08-14 02:05 - 2014-08-31 10:05 - 00000000 ____D () C:\AdwCleaner 2014-08-14 02:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-08-13 03:48 - 2014-08-13 03:50 - 00000000 ____D () C:\ArcTemp 2014-08-13 03:47 - 2014-08-13 03:48 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Arc 2014-08-13 03:45 - 2014-08-13 03:50 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment 2014-08-13 03:45 - 2014-08-13 03:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment 2014-08-06 21:45 - 2014-08-06 21:45 - 00000000 ____D () C:\Users\Thorben\Documents\SimCity 2014-08-01 16:07 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-01 16:07 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-01 16:07 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-01 16:07 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-01 16:07 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-01 16:07 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-01 16:07 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\wups.dll
2014-08-01 16:07 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 16:07 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 16:07 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 16:07 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 16:07 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 16:07 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 16:07 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-31 10:14 - 2014-08-27 19:25 - 00016918 _____ () C:\Users\Thorben\Desktop\FRST.txt
2014-08-31 10:14 - 2014-08-27 19:25 - 00000000 ____D () C:\FRST
2014-08-31 10:14 - 2014-05-05 18:22 - 01731469 _____ () C:\Windows\WindowsUpdate.log
2014-08-31 10:13 - 2014-08-27 19:23 - 02103808 _____ (Farbar) C:\Users\Thorben\Desktop\FRST64.exe
2014-08-31 10:12 - 2014-08-31 10:12 - 00000868 _____ () C:\Users\Thorben\Desktop\JRT.txt
2014-08-31 10:11 - 2014-08-31 10:11 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-08-31 10:11 - 2014-08-14 02:17 - 00019022 _____ () C:\Windows\setupact.log
2014-08-31 10:11 - 2014-06-23 13:28 - 00002988 _____ () C:\Windows\System32\Tasks\HDMISwitch
2014-08-31 10:11 - 2014-05-03 18:27 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-31 10:11 - 2014-05-03 16:58 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-08-31 10:10 - 2014-08-14 02:16 - 00343624 _____ () C:\Windows\PFRO.log
2014-08-31 10:10 - 2014-05-03 17:11 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-31 10:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-31 10:10 - 2009-07-14 06:45 - 00031280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-08-31 10:10 - 2009-07-14 06:45 - 00031280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-08-31 10:09 - 2014-08-31 10:09 - 00000000 ____D () C:\Windows\ERUNT 2014-08-31 10:07 - 2014-08-31 10:07 - 01016261 _____ (Thisisu) C:\Users\Thorben\Desktop\JRT.exe 2014-08-31 10:05 - 2014-08-14 02:05 - 00000000 ____D () C:\AdwCleaner 2014-08-31 10:04 - 2010-11-21 08:50 - 00700454 _____ () C:\Windows\system32\perfh007.dat 2014-08-31 10:04 - 2010-11-21 08:50 - 00150092 _____ () C:\Windows\system32\perfc007.dat 2014-08-31 10:04 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-31 10:02 - 2014-08-31 10:02 - 01364531 _____ () C:\Users\Thorben\Desktop\adwcleaner_3.308.exe 2014-08-31 10:01 - 2014-08-31 10:01 - 00001976 _____ () C:\Users\Thorben\Desktop\mbam.txt 2014-08-31 09:59 - 2014-05-05 19:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-31 09:58 - 2014-08-28 23:32 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-08-31 09:52 - 2014-05-03 18:27 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-31 09:45 - 2014-08-31 09:45 - 00003136 _____ () C:\Windows\System32\Tasks\{1C6EF767-7B90-4C2A-B9F0-8AAC062DBDD6} 2014-08-31 09:43 - 2014-08-31 09:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-08-31 09:22 - 2014-05-18 14:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-31 09:18 - 2014-05-03 17:40 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-31 06:02 - 2014-05-03 18:57 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Battle.net 2014-08-31 05:26 - 2014-08-31 04:17 
- 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-08-31 04:34 - 2014-08-31 04:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2014-08-31 04:34 - 2014-08-31 02:24 - 00001156 _____ () C:\Users\Public\Desktop\Diablo III.lnk 2014-08-31 04:24 - 2014-08-31 04:24 - 00291856 _____ () C:\Windows\Minidump\083114-20295-01.dmp 2014-08-31 04:24 - 2014-08-26 10:31 - 553393440 _____ () C:\Windows\MEMORY.DMP 2014-08-31 04:24 - 2014-08-26 10:31 - 00000000 ____D () C:\Windows\Minidump 2014-08-31 04:20 - 2014-08-31 04:20 - 00291992 _____ () C:\Windows\Minidump\083114-18564-01.dmp 2014-08-31 02:26 - 2014-08-31 02:26 - 00266288 _____ () C:\Windows\Minidump\083114-21418-01.dmp 2014-08-31 02:07 - 2014-05-03 22:41 - 00000000 ____D () C:\Users\Thorben\AppData\Local\CrashDumps 2014-08-30 17:03 - 2014-08-30 17:01 - 149527616 _____ () C:\Users\Thorben\Downloads\avira_free_antivirus_de_14.0.6.570.exe 2014-08-30 17:00 - 2014-08-30 17:00 - 00024831 _____ () C:\ComboFix.txt 2014-08-30 17:00 - 2014-08-30 16:49 - 00000000 ____D () C:\Qoobox 2014-08-30 16:59 - 2014-08-30 16:49 - 00000000 ____D () C:\Windows\erdnt 2014-08-30 16:58 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-08-30 16:47 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-30 16:35 - 2014-08-30 16:34 - 05576760 ____R (Swearware) C:\Users\Thorben\Desktop\ComboFix.exe 2014-08-30 16:27 - 2014-08-26 20:42 - 00000000 ____D () C:\Windows\CryptoGuard 2014-08-29 09:17 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\Thorben\Bewerbung 2014-08-28 23:42 - 2014-08-28 23:31 - 00000000 ____D () C:\Users\Thorben\Desktop\mbar 2014-08-28 23:31 - 2014-05-05 18:45 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-28 23:28 - 2014-08-28 23:28 - 14349744 _____ (Malwarebytes Corp.) 
C:\Users\Thorben\Desktop\mbar-1.07.0.1012.exe 2014-08-28 23:16 - 2014-08-28 23:16 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Thorben\Desktop\tdsskiller.exe 2014-08-28 02:56 - 2014-05-03 18:39 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\TS3Client 2014-08-27 23:13 - 2014-05-03 16:35 - 00000000 ____D () C:\Users\Thorben 2014-08-27 21:51 - 2014-08-27 21:49 - 00011003 _____ () C:\Users\Thorben\Desktop\WinRAR-ZIP-Archiv (neu).zip 2014-08-27 19:51 - 2014-08-27 19:51 - 00047000 _____ () C:\Users\Thorben\Desktop\Gmer.txt 2014-08-27 19:41 - 2014-05-03 22:41 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-27 19:35 - 2014-08-27 19:35 - 00380416 _____ () C:\Users\Thorben\Desktop\Gmer-19357.exe 2014-08-27 19:26 - 2014-08-27 19:26 - 00040480 _____ () C:\Users\Thorben\Desktop\Addition.txt 2014-08-26 20:42 - 2014-08-26 20:42 - 01889616 _____ (SurfRight B.V.) C:\Users\Thorben\Downloads\hmpalert.exe 2014-08-26 20:42 - 2014-08-26 20:42 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert 2014-08-26 10:31 - 2014-08-26 10:31 - 00291984 _____ () C:\Windows\Minidump\082614-14289-01.dmp 2014-08-26 10:29 - 2014-08-26 10:29 - 00000000 ____D () C:\Program Files (x86)\StarCraft II 2014-08-25 15:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-25 05:28 - 2014-05-05 06:42 - 00000000 ____D () C:\Users\Thorben\Documents\my games 2014-08-25 04:36 - 2014-08-14 16:19 - 00035140 _____ () C:\Windows\DirectX.log 2014-08-24 19:20 - 2014-08-24 19:20 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Adobe 2014-08-22 23:08 - 2014-05-03 18:59 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-08-22 02:15 - 2014-05-03 18:57 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-21 20:36 - 2014-05-03 16:46 - 00070000 _____ () C:\Users\Thorben\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-21 20:35 - 2009-07-14 06:45 - 00314016 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-21 19:42 - 2014-08-21 19:42 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 
2014-08-21 19:42 - 2014-08-21 18:43 - 00289976 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-08-21 19:41 - 2014-08-19 15:32 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-21 19:40 - 2014-08-19 15:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works 2014-08-21 19:21 - 2014-05-03 16:36 - 00001305 _____ () C:\Users\Thorben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-21 19:18 - 2014-05-03 17:28 - 00000000 ____D () C:\Windows\Panther 2014-08-21 19:16 - 2010-11-21 09:01 - 00000000 ____D () C:\Program Files\Windows Journal 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System 2014-08-21 19:14 - 2014-08-21 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2014-08-21 19:13 - 2014-08-21 19:07 - 00012611 _____ () C:\Windows\IE11_main.log 2014-08-21 19:09 - 2014-08-21 19:09 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02724864 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.tlb 2014-08-21 19:09 - 2014-08-21 19:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-21 19:09 - 2014-08-21 19:09 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-21 19:09 - 2014-08-21 19:09 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-21 19:09 - 2014-08-21 19:09 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00631808 _____ (Microsoft Corporation) 
C:\Windows\system32\msfeeds.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-08-21 19:09 - 2014-08-21 19:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-21 19:09 - 2014-08-21 19:09 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-21 19:09 - 2014-08-21 19:09 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-08-21 19:09 - 2014-08-21 19:09 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 
2014-08-21 19:09 - 2014-08-21 19:09 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-08-21 19:09 - 2014-08-21 19:09 
- 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-08-21 19:09 - 2014-08-21 19:09 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-21 19:09 - 
2014-08-21 19:09 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-08-21 19:09 - 
2014-08-21 19:09 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-21 18:48 - 2014-08-21 18:46 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-21 18:40 - 2014-05-03 16:46 - 01597378 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-08-21 18:20 - 2014-08-21 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-21 17:54 - 2014-05-03 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-08-21 17:53 - 2014-05-03 17:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-08-21 17:52 - 2014-05-03 17:06 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-08-19 15:34 - 2014-08-19 15:34 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-19 15:34 - 2014-08-19 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-19 15:34 - 2014-08-19 15:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-08-19 
15:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-08-19 15:32 - 2014-08-19 15:32 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Microsoft Help 2014-08-19 15:32 - 2014-08-19 15:32 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-08-19 15:32 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\ShellNew 2014-08-19 15:31 - 2014-08-19 15:31 - 00000000 ___RD () C:\MSOCache 2014-08-18 19:32 - 2014-05-03 20:41 - 00000000 ____D () C:\ProgramData\Origin 2014-08-18 19:23 - 2014-05-03 20:41 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-14 17:50 - 2014-08-14 16:20 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Might & Magic Heroes VI 2014-08-14 16:48 - 2014-08-14 16:20 - 00000000 ____D () C:\Users\Thorben\Documents\Might & Magic Heroes VI 2014-08-14 16:28 - 2014-08-14 16:28 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Chromium 2014-08-14 02:17 - 2014-08-14 02:17 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-14 02:12 - 2014-05-03 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-14 02:12 - 2014-05-03 18:37 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-14 02:11 - 2014-08-14 02:11 - 00159744 _____ () C:\Windows\winhlq32.exe 2014-08-14 02:11 - 2014-08-14 02:11 - 00003612 _____ () C:\Windows\System32\Tasks\AnwendungserfahrungFunctionauf 2014-08-14 02:07 - 2014-05-03 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-14 02:07 - 2014-05-03 17:37 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-13 19:24 - 2014-05-18 14:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-13 19:24 - 2014-05-03 19:14 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-13 19:24 - 2014-05-03 19:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-13 
03:50 - 2014-08-13 03:48 - 00000000 ____D () C:\ArcTemp 2014-08-13 03:50 - 2014-08-13 03:45 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment 2014-08-13 03:48 - 2014-08-13 03:47 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Arc 2014-08-13 03:45 - 2014-08-13 03:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment 2014-08-13 03:45 - 2014-05-03 16:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-07 04:06 - 2014-08-21 17:40 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-21 17:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-06 21:45 - 2014-08-06 21:45 - 00000000 ____D () C:\Users\Thorben\Documents\SimCity 2014-08-02 08:20 - 2014-05-03 18:52 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Spotify 2014-08-02 03:39 - 2014-05-03 18:52 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Spotify Some content of TEMP: ==================== C:\Users\Thorben\AppData\Local\Temp\avgnt.exe C:\Users\Thorben\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-27 22:15 ==================== End Of Log ============================
About the router: I cannot reset the router to factory settings manually. It only works when I click on factory settings in the router interface from the computer. Then it saves something and performs the factory reset. |
31.08.2014, 16:59 | #10 |
/// the machine /// TB-Ausbilder | Virus creates VoIP in the router Yes, that should be enough. ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
04.09.2014, 09:14 | #11 |
| Virus creates VoIP in the router The ESET log: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=55732f996961e14ebe10360e41610432 # engine=19990 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-09-04 08:03:28 # local_time=2014-09-04 10:03:28 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Avira Desktop' # compatibility_mode=1810 16777213 100 99 5962 1726405 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 10188991 161447658 0 0 # scanned=197570 # found=10 # cleaned=0 # scan_time=5492 sh=064680D54E8FBA2D06E2A5E35060BB16B3636C3B ft=1 fh=4ae2a46f410a297c vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir" sh=E6BF88B3390FEA12DB1F6F150800B531FEDADB01 ft=1 fh=4a10605500753c35 vn="möglicherweise Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir" sh=40B63087012BF7DA70AE82BD473BCCFDD93BF8F5 ft=1 fh=027554fe6efee6bd vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir" sh=584265F2BA0B47696184876335BAF6E175C81BEF ft=1 fh=2f2b206b1a22bc74 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir" sh=2D9A7EAF0637343E63C8622AA99C16E817A0F204 ft=1 fh=79672f4490f328fb vn="Variante von Win32/ClientConnect.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe.vir" sh=6CDD189837D5C70B6F11EC1467DFC06B5B1DAB56 ft=1 fh=8d9f8b9dd40f9b55 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir" sh=295FC6612C9C97760937DF651A963A44C99CD0C0 ft=1 fh=aaec07ed4cd90b5d vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.vir" sh=1281BC2E05EBA5C4AEA26227C68ABBBF6ED9A2BC ft=1 fh=78661b0bb1b930fe vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll.vir" sh=2510D5FD078002C413DAA2B68FEBA3E9AC8BDE80 ft=1 fh=b3c45eb818ca1528 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir" sh=E18E67AF494118B8B73EC4EC2269E89AA9C18237 ft=1 fh=d7d3a79201d8389a vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir" Code:
ATTFilter Results of screen317's Security Check version 0.99.87 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Desktop Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 14.0.0.179 Adobe Reader XI Mozilla Firefox (31.0) Google Chrome 36.0.1985.143 Google Chrome 37.0.2062.103 ````````Process Check: objlist.exe by Laurent```````` Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02 Ran by Thorben (administrator) on THORBEN-PC on 04-09-2014 10:13:02 Running from C:\Users\Thorben\Desktop Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe () C:\Users\Thorben\Downloads\Core Temp\Core Temp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe () C:\Windows\SysWOW64\ASGT.exe () C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Spotify Ltd) C:\Users\Thorben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Hewlett-Packard Co.) 
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Razer USA Ltd) C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.) 
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation) HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [6226624 2014-05-03] (FNet Co., Ltd.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Razer Imperator Driver] => C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe [979360 2012-02-09] (Razer USA Ltd) HKU\S-1-5-21-761638862-2947245423-882755344-1000\...\Run: [Spotify Web Helper] => C:\Users\Thorben\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-10] (Spotify Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1C23934DE566CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Thorben\AppData\Roaming\Mozilla\Firefox\Profiles\1dthd3mz.default-1399824096976 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\Thorben\AppData\Roaming\Mozilla\Firefox\Profiles\1dthd3mz.default-1399824096976\Extensions\youtubeunblocker@unblocker.yt [2014-06-02]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-05-11]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchProvider: Default -> Trovi search
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320324&octid=EB_ORIGINAL_CTID&ISID=M9FEC8BBC-1EBC-407B-80E9-96701BEF61BF&SearchSource=58&CUI=&UM=6&UP=SP09328ECB-F0F2-45D3-9CFD-4122C82E6F2E&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-03]
CHR Extension: (Google Drive) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-03]
CHR Extension: (YouTube) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-03]
CHR Extension: (Google-Suche) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-03]
CHR Extension: (Tampermonkey) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-05-03]
CHR Extension: (CnC TA Script Collection) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmhpmdclklpgfcpoiomjofgfagenmgeo [2014-05-03]
CHR Extension: (Google Wallet) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-03]
CHR Extension: (Google Mail) - C:\Users\Thorben\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-03]

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-15] (Avira Operations GmbH & Co. KG)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-08-12] (Perfect World Entertainment Inc)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 ASRockIOMon; C:\Program Files (x86)\Fatal1ty Utility\F-Stream Tuning\Bin\IOMonitorSrv.exe [454656 2013-05-28] () [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [328832 2014-07-09] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-07-25] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [X]

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsrDrv101; C:\Windows\SysWOW64\Drivers\AsrDrv101.sys [22280 2014-05-03] (ASRock Incorporation)
S3 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [20232 2013-09-09] (ASRock Inc.)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [40200 2013-05-09] (ASRock Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-06-18] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2014-05-03] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-03-14] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [107952 2014-07-09] (Locktime Software)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-04] ()
R3 ALSysIO; \??\C:\Users\Thorben\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-04 10:12 - 2014-09-04 10:12 - 00000000 ____D () C:\Users\Thorben\Desktop\FRST-OlderVersion 2014-09-04 10:09 - 2014-09-04 10:09 - 00854417 _____ () C:\Users\Thorben\Desktop\SecurityCheck.exe 2014-09-04 08:29 - 2014-09-04 08:29 - 02347384 _____ (ESET) C:\Users\Thorben\Desktop\esetsmartinstaller_deu.exe 2014-09-04 08:29 - 2014-09-04 08:29 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-09-04 08:24 - 2014-09-04 08:24 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2014-09-03 12:52 - 2014-09-03 12:51 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-09-01 15:52 - 2014-09-01 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2014-09-01 15:52 - 2014-09-01 15:52 - 00000000 ____D () C:\Program Files (x86)\Razer 2014-09-01 15:50 - 2014-09-01 15:50 - 25633928 _____ (Razer USA Ltd. 
) C:\Users\Thorben\Downloads\Razer_Imperator_Driver_v2.02(1).exe 2014-09-01 03:29 - 2014-09-01 03:29 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-09-01 03:28 - 2014-09-01 03:28 - 00001548 _____ () C:\Users\Thorben\Desktop\EVE 2.lnk 2014-09-01 03:03 - 2014-09-01 03:03 - 00000129 _____ () C:\Users\Thorben\Desktop\Eve account wiederholen.txt 2014-09-01 01:39 - 2014-09-03 22:03 - 00000000 ____D () C:\Users\Thorben\Desktop\Eve 2014-08-31 19:41 - 2014-08-31 19:41 - 00001891 _____ () C:\Users\Thorben\Desktop\EVE 1.lnk 2014-08-31 19:41 - 2014-08-31 19:41 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE 2014-08-31 19:35 - 2014-09-01 03:25 - 00000000 ____D () C:\Program Files (x86)\CCP 2014-08-31 17:54 - 2014-09-01 01:41 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\EVEMon 2014-08-31 17:54 - 2014-08-31 17:54 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVEMon 2014-08-31 17:54 - 2014-08-31 17:54 - 00000000 ____D () C:\Program Files (x86)\EVEMon 2014-08-31 17:52 - 2014-08-31 17:52 - 04949062 _____ (EVEMon Development Team) C:\Users\Thorben\Downloads\EVEMon-install-1.9.0.exe 2014-08-31 17:46 - 2014-08-31 17:46 - 04723184 _____ (CCP hf.) C:\Users\Thorben\Downloads\EVE_Online_Installer_821895.exe 2014-08-31 17:46 - 2014-08-31 17:46 - 00000000 ____D () C:\Users\Thorben\AppData\Local\CCP 2014-08-31 15:05 - 2014-08-31 15:05 - 00000000 ____D () C:\Users\Thorben\Documents\Diablo III 2014-08-31 10:25 - 2014-08-31 10:25 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Avira 2014-08-31 10:24 - 2014-08-31 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-31 10:24 - 2014-08-31 10:24 - 00000000 ____D () C:\ProgramData\Avira 2014-08-31 10:24 - 2014-08-31 10:24 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-31 10:24 - 2014-08-15 10:30 - 00130584 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avipbb.sys 2014-08-31 10:24 - 2014-08-15 10:30 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-08-31 10:24 - 2014-08-15 10:30 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-08-31 10:12 - 2014-08-31 10:12 - 00000868 _____ () C:\Users\Thorben\Desktop\JRT.txt 2014-08-31 10:09 - 2014-08-31 10:09 - 00000000 ____D () C:\Windows\ERUNT 2014-08-31 10:07 - 2014-08-31 10:07 - 01016261 _____ (Thisisu) C:\Users\Thorben\Desktop\JRT.exe 2014-08-31 10:02 - 2014-08-31 10:02 - 01364531 _____ () C:\Users\Thorben\Desktop\adwcleaner_3.308.exe 2014-08-31 10:01 - 2014-08-31 10:01 - 00001976 _____ () C:\Users\Thorben\Desktop\mbam.txt 2014-08-31 09:45 - 2014-08-31 09:45 - 00003136 _____ () C:\Windows\System32\Tasks\{1C6EF767-7B90-4C2A-B9F0-8AAC062DBDD6} 2014-08-31 09:43 - 2014-08-31 09:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-08-31 04:34 - 2014-08-31 04:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2014-08-31 04:24 - 2014-08-31 04:24 - 00291856 _____ () C:\Windows\Minidump\083114-20295-01.dmp 2014-08-31 04:20 - 2014-08-31 04:20 - 00291992 _____ () C:\Windows\Minidump\083114-18564-01.dmp 2014-08-31 04:17 - 2014-08-31 15:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-08-31 02:26 - 2014-08-31 02:26 - 00266288 _____ () C:\Windows\Minidump\083114-21418-01.dmp 2014-08-30 17:01 - 2014-08-30 17:03 - 149527616 _____ () C:\Users\Thorben\Downloads\avira_free_antivirus_de_14.0.6.570.exe 2014-08-30 17:00 - 2014-08-30 17:00 - 00024831 _____ () C:\ComboFix.txt 2014-08-30 16:52 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-08-30 16:52 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-08-30 16:52 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-08-30 16:52 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) 
C:\Windows\SWREG.exe 2014-08-30 16:52 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-08-30 16:52 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-08-30 16:52 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-08-30 16:52 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-08-30 16:49 - 2014-08-30 17:00 - 00000000 ____D () C:\Qoobox 2014-08-30 16:49 - 2014-08-30 16:59 - 00000000 ____D () C:\Windows\erdnt 2014-08-30 16:34 - 2014-08-30 16:35 - 05576760 ____R (Swearware) C:\Users\Thorben\Desktop\ComboFix.exe 2014-08-28 23:32 - 2014-08-31 09:58 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-08-28 23:31 - 2014-08-28 23:42 - 00000000 ____D () C:\Users\Thorben\Desktop\mbar 2014-08-28 23:28 - 2014-08-28 23:28 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Thorben\Desktop\mbar-1.07.0.1012.exe 2014-08-28 23:16 - 2014-08-28 23:16 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Thorben\Desktop\tdsskiller.exe 2014-08-27 23:13 - 2014-09-01 09:25 - 00000000 ____D () C:\Users\Thorben\Bewerbung 2014-08-27 21:49 - 2014-08-27 21:51 - 00011003 _____ () C:\Users\Thorben\Desktop\WinRAR-ZIP-Archiv (neu).zip 2014-08-27 19:51 - 2014-08-27 19:51 - 00047000 _____ () C:\Users\Thorben\Desktop\Gmer.txt 2014-08-27 19:35 - 2014-08-27 19:35 - 00380416 _____ () C:\Users\Thorben\Desktop\Gmer-19357.exe 2014-08-27 19:26 - 2014-08-27 19:26 - 00040480 _____ () C:\Users\Thorben\Desktop\Addition.txt 2014-08-27 19:25 - 2014-09-04 10:13 - 00017671 _____ () C:\Users\Thorben\Desktop\FRST.txt 2014-08-27 19:25 - 2014-09-04 10:13 - 00000000 ____D () C:\FRST 2014-08-27 19:23 - 2014-09-04 10:12 - 02104832 _____ (Farbar) C:\Users\Thorben\Desktop\FRST64.exe 2014-08-26 20:42 - 2014-08-30 16:27 - 00000000 ____D () C:\Windows\CryptoGuard 2014-08-26 20:42 - 2014-08-26 20:42 - 01889616 _____ (SurfRight B.V.) 
C:\Users\Thorben\Downloads\hmpalert.exe 2014-08-26 20:42 - 2014-08-26 20:42 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert 2014-08-26 10:31 - 2014-08-31 04:24 - 553393440 _____ () C:\Windows\MEMORY.DMP 2014-08-26 10:31 - 2014-08-31 04:24 - 00000000 ____D () C:\Windows\Minidump 2014-08-26 10:31 - 2014-08-26 10:31 - 00291984 _____ () C:\Windows\Minidump\082614-14289-01.dmp 2014-08-26 10:29 - 2014-08-26 10:29 - 00000000 ____D () C:\Program Files (x86)\StarCraft II 2014-08-24 19:20 - 2014-08-24 19:20 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Adobe 2014-08-21 19:42 - 2014-08-21 19:42 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-08-21 19:14 - 2014-08-21 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2014-08-21 19:13 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2014-08-21 19:09 - 2014-08-21 19:09 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-21 19:09 - 2014-08-21 19:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-21 19:09 - 2014-08-21 19:09 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-21 
19:09 - 2014-08-21 19:09 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-21 19:09 - 2014-08-21 19:09 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-21 19:09 - 2014-08-21 19:09 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-08-21 19:09 - 2014-08-21 19:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-21 19:09 - 
2014-08-21 19:09 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-21 19:09 - 2014-08-21 19:09 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-08-21 19:09 - 2014-08-21 19:09 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00235520 _____ 
(Microsoft Corporation) C:\Windows\system32\url.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00112128 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieUnatt.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-08-21 19:09 - 2014-08-21 19:09 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00032256 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-21 19:07 - 2014-08-21 19:13 - 00012611 _____ () C:\Windows\IE11_main.log 2014-08-21 18:46 - 2014-08-21 18:48 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-21 18:46 - 2014-07-31 23:41 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-21 18:43 - 2014-08-21 19:42 - 00289976 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-08-21 18:40 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe 2014-08-21 18:33 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2014-08-21 18:33 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-08-21 18:33 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-08-21 18:33 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-08-21 18:33 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2014-08-21 18:33 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-08-21 
- 00000000 ____D () C:\Users\Thorben\Documents\Might & Magic Heroes VI 2014-08-14 16:19 - 2014-08-25 04:36 - 00035140 _____ () C:\Windows\DirectX.log 2014-08-14 02:17 - 2014-09-04 08:24 - 00022326 _____ () C:\Windows\setupact.log 2014-08-14 02:17 - 2014-08-14 02:17 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-14 02:16 - 2014-09-04 08:24 - 00504778 _____ () C:\Windows\PFRO.log 2014-08-14 02:11 - 2014-08-14 02:11 - 00159744 _____ () C:\Windows\winhlq32.exe 2014-08-14 02:11 - 2014-08-14 02:11 - 00003612 _____ () C:\Windows\System32\Tasks\AnwendungserfahrungFunctionauf 2014-08-14 02:05 - 2014-08-31 10:05 - 00000000 ____D () C:\AdwCleaner 2014-08-14 02:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-08-13 03:48 - 2014-08-13 03:50 - 00000000 ____D () C:\ArcTemp 2014-08-13 03:47 - 2014-08-13 03:48 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Arc 2014-08-13 03:45 - 2014-08-13 03:50 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment 2014-08-13 03:45 - 2014-08-13 03:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment 2014-08-06 21:45 - 2014-08-06 21:45 - 00000000 ____D () C:\Users\Thorben\Documents\SimCity ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-04 10:13 - 2014-08-27 19:25 - 00017671 _____ () C:\Users\Thorben\Desktop\FRST.txt 2014-09-04 10:13 - 2014-08-27 19:25 - 00000000 ____D () C:\FRST 2014-09-04 10:12 - 2014-09-04 10:12 - 00000000 ____D () C:\Users\Thorben\Desktop\FRST-OlderVersion 2014-09-04 10:12 - 2014-08-27 19:23 - 02104832 _____ (Farbar) C:\Users\Thorben\Desktop\FRST64.exe 2014-09-04 10:09 - 2014-09-04 10:09 - 00854417 _____ () C:\Users\Thorben\Desktop\SecurityCheck.exe 2014-09-04 09:51 - 2014-05-03 18:27 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-04 09:22 - 2014-05-18 14:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-04 08:46 - 2014-05-03 18:57 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Battle.net 2014-09-04 08:32 - 2009-07-14 06:45 - 00031280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-04 08:32 - 2009-07-14 06:45 - 00031280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-04 08:30 - 2010-11-21 08:50 - 00700454 _____ () C:\Windows\system32\perfh007.dat 2014-09-04 08:30 - 2010-11-21 08:50 - 00150092 _____ () C:\Windows\system32\perfc007.dat 2014-09-04 08:30 - 2009-07-14 07:13 - 01624034 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-04 08:29 - 2014-09-04 08:29 - 02347384 _____ (ESET) C:\Users\Thorben\Desktop\esetsmartinstaller_deu.exe 2014-09-04 08:29 - 2014-09-04 08:29 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-09-04 08:29 - 2014-05-05 18:22 - 01073925 _____ () C:\Windows\WindowsUpdate.log 2014-09-04 08:25 - 2014-06-23 13:28 - 00002988 _____ () C:\Windows\System32\Tasks\HDMISwitch 2014-09-04 08:24 - 2014-09-04 08:24 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp 2014-09-04 08:24 - 2014-08-14 02:17 - 00022326 _____ () C:\Windows\setupact.log 2014-09-04 08:24 - 2014-08-14 02:16 - 00504778 _____ () C:\Windows\PFRO.log 2014-09-04 
08:24 - 2014-05-03 18:27 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-04 08:24 - 2014-05-03 17:11 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-09-04 08:24 - 2014-05-03 16:58 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2014-09-04 08:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-03 22:26 - 2014-05-03 18:39 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\TS3Client 2014-09-03 22:03 - 2014-09-01 01:39 - 00000000 ____D () C:\Users\Thorben\Desktop\Eve 2014-09-03 20:24 - 2014-05-03 17:40 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-03 17:45 - 2014-05-03 20:41 - 00000000 ____D () C:\ProgramData\Origin 2014-09-03 17:44 - 2014-05-03 20:41 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-03 12:51 - 2014-09-03 12:52 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-09-02 06:47 - 2014-05-03 16:46 - 00070000 _____ () C:\Users\Thorben\AppData\Local\GDIPFONTCACHEV1.DAT 2014-09-02 06:46 - 2009-07-14 06:45 - 00312632 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-01 15:52 - 2014-09-01 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2014-09-01 15:52 - 2014-09-01 15:52 - 00000000 ____D () C:\Program Files (x86)\Razer 2014-09-01 15:50 - 2014-09-01 15:50 - 25633928 _____ (Razer USA Ltd. 
) C:\Users\Thorben\Downloads\Razer_Imperator_Driver_v2.02(1).exe 2014-09-01 15:30 - 2014-05-03 22:41 - 00000000 ____D () C:\Users\Thorben\AppData\Local\CrashDumps 2014-09-01 09:25 - 2014-08-27 23:13 - 00000000 ____D () C:\Users\Thorben\Bewerbung 2014-09-01 03:29 - 2014-09-01 03:29 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-09-01 03:28 - 2014-09-01 03:28 - 00001548 _____ () C:\Users\Thorben\Desktop\EVE 2.lnk 2014-09-01 03:25 - 2014-08-31 19:35 - 00000000 ____D () C:\Program Files (x86)\CCP 2014-09-01 03:03 - 2014-09-01 03:03 - 00000129 _____ () C:\Users\Thorben\Desktop\Eve account wiederholen.txt 2014-09-01 01:41 - 2014-08-31 17:54 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\EVEMon 2014-08-31 19:41 - 2014-08-31 19:41 - 00001891 _____ () C:\Users\Thorben\Desktop\EVE 1.lnk 2014-08-31 19:41 - 2014-08-31 19:41 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVE 2014-08-31 19:41 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-31 17:54 - 2014-08-31 17:54 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVEMon 2014-08-31 17:54 - 2014-08-31 17:54 - 00000000 ____D () C:\Program Files (x86)\EVEMon 2014-08-31 17:52 - 2014-08-31 17:52 - 04949062 _____ (EVEMon Development Team) C:\Users\Thorben\Downloads\EVEMon-install-1.9.0.exe 2014-08-31 17:46 - 2014-08-31 17:46 - 04723184 _____ (CCP hf.) 
C:\Users\Thorben\Downloads\EVE_Online_Installer_821895.exe 2014-08-31 17:46 - 2014-08-31 17:46 - 00000000 ____D () C:\Users\Thorben\AppData\Local\CCP 2014-08-31 15:05 - 2014-08-31 15:05 - 00000000 ____D () C:\Users\Thorben\Documents\Diablo III 2014-08-31 15:04 - 2014-08-31 04:17 - 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-08-31 10:25 - 2014-08-31 10:25 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Avira 2014-08-31 10:24 - 2014-08-31 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-31 10:24 - 2014-08-31 10:24 - 00000000 ____D () C:\ProgramData\Avira 2014-08-31 10:24 - 2014-08-31 10:24 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-31 10:12 - 2014-08-31 10:12 - 00000868 _____ () C:\Users\Thorben\Desktop\JRT.txt 2014-08-31 10:09 - 2014-08-31 10:09 - 00000000 ____D () C:\Windows\ERUNT 2014-08-31 10:07 - 2014-08-31 10:07 - 01016261 _____ (Thisisu) C:\Users\Thorben\Desktop\JRT.exe 2014-08-31 10:05 - 2014-08-14 02:05 - 00000000 ____D () C:\AdwCleaner 2014-08-31 10:02 - 2014-08-31 10:02 - 01364531 _____ () C:\Users\Thorben\Desktop\adwcleaner_3.308.exe 2014-08-31 10:01 - 2014-08-31 10:01 - 00001976 _____ () C:\Users\Thorben\Desktop\mbam.txt 2014-08-31 09:59 - 2014-05-05 19:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-31 09:58 - 2014-08-28 23:32 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-08-31 09:45 - 2014-08-31 09:45 - 00003136 _____ () C:\Windows\System32\Tasks\{1C6EF767-7B90-4C2A-B9F0-8AAC062DBDD6} 2014-08-31 09:43 - 2014-08-31 09:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys 2014-08-31 04:34 - 2014-08-31 04:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2014-08-31 04:24 - 2014-08-31 04:24 - 00291856 _____ () C:\Windows\Minidump\083114-20295-01.dmp 2014-08-31 04:24 - 2014-08-26 10:31 - 553393440 _____ () C:\Windows\MEMORY.DMP 
2014-08-31 04:24 - 2014-08-26 10:31 - 00000000 ____D () C:\Windows\Minidump 2014-08-31 04:20 - 2014-08-31 04:20 - 00291992 _____ () C:\Windows\Minidump\083114-18564-01.dmp 2014-08-31 02:26 - 2014-08-31 02:26 - 00266288 _____ () C:\Windows\Minidump\083114-21418-01.dmp 2014-08-30 17:03 - 2014-08-30 17:01 - 149527616 _____ () C:\Users\Thorben\Downloads\avira_free_antivirus_de_14.0.6.570.exe 2014-08-30 17:00 - 2014-08-30 17:00 - 00024831 _____ () C:\ComboFix.txt 2014-08-30 17:00 - 2014-08-30 16:49 - 00000000 ____D () C:\Qoobox 2014-08-30 16:59 - 2014-08-30 16:49 - 00000000 ____D () C:\Windows\erdnt 2014-08-30 16:58 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-08-30 16:47 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-30 16:35 - 2014-08-30 16:34 - 05576760 ____R (Swearware) C:\Users\Thorben\Desktop\ComboFix.exe 2014-08-30 16:27 - 2014-08-26 20:42 - 00000000 ____D () C:\Windows\CryptoGuard 2014-08-28 23:42 - 2014-08-28 23:31 - 00000000 ____D () C:\Users\Thorben\Desktop\mbar 2014-08-28 23:31 - 2014-05-05 18:45 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-28 23:28 - 2014-08-28 23:28 - 14349744 _____ (Malwarebytes Corp.) 
C:\Users\Thorben\Desktop\mbar-1.07.0.1012.exe 2014-08-28 23:16 - 2014-08-28 23:16 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Thorben\Desktop\tdsskiller.exe 2014-08-27 23:13 - 2014-05-03 16:35 - 00000000 ____D () C:\Users\Thorben 2014-08-27 21:51 - 2014-08-27 21:49 - 00011003 _____ () C:\Users\Thorben\Desktop\WinRAR-ZIP-Archiv (neu).zip 2014-08-27 19:51 - 2014-08-27 19:51 - 00047000 _____ () C:\Users\Thorben\Desktop\Gmer.txt 2014-08-27 19:41 - 2014-05-03 22:41 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-27 19:35 - 2014-08-27 19:35 - 00380416 _____ () C:\Users\Thorben\Desktop\Gmer-19357.exe 2014-08-27 19:26 - 2014-08-27 19:26 - 00040480 _____ () C:\Users\Thorben\Desktop\Addition.txt 2014-08-26 20:42 - 2014-08-26 20:42 - 01889616 _____ (SurfRight B.V.) C:\Users\Thorben\Downloads\hmpalert.exe 2014-08-26 20:42 - 2014-08-26 20:42 - 00000000 ____D () C:\ProgramData\HitmanPro.Alert 2014-08-26 10:31 - 2014-08-26 10:31 - 00291984 _____ () C:\Windows\Minidump\082614-14289-01.dmp 2014-08-26 10:29 - 2014-08-26 10:29 - 00000000 ____D () C:\Program Files (x86)\StarCraft II 2014-08-25 15:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-25 05:28 - 2014-05-05 06:42 - 00000000 ____D () C:\Users\Thorben\Documents\my games 2014-08-25 04:36 - 2014-08-14 16:19 - 00035140 _____ () C:\Windows\DirectX.log 2014-08-24 19:20 - 2014-08-24 19:20 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Adobe 2014-08-22 23:08 - 2014-05-03 18:59 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-08-22 02:15 - 2014-05-03 18:57 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-21 19:42 - 2014-08-21 19:42 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-08-21 19:42 - 2014-08-21 18:43 - 00289976 _____ () C:\Windows\msxml4-KB954430-enu.LOG 2014-08-21 19:41 - 2014-08-19 15:32 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-21 19:40 - 2014-08-19 15:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works 2014-08-21 19:21 - 
2014-05-03 16:36 - 00001305 _____ () C:\Users\Thorben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-21 19:18 - 2014-05-03 17:28 - 00000000 ____D () C:\Windows\Panther 2014-08-21 19:16 - 2010-11-21 09:01 - 00000000 ____D () C:\Program Files\Windows Journal 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-21 19:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System 2014-08-21 19:14 - 2014-08-21 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in 2014-08-21 19:13 - 2014-08-21 19:07 - 00012611 _____ () C:\Windows\IE11_main.log 2014-08-21 19:09 - 2014-08-21 19:09 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-21 19:09 - 2014-08-21 19:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-21 19:09 - 2014-08-21 19:09 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02179072 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-21 19:09 - 2014-08-21 19:09 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-21 19:09 - 2014-08-21 19:09 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-08-21 19:09 - 2014-08-21 19:09 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-08-21 19:09 - 2014-08-21 19:09 - 00610304 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-08-21 19:09 - 2014-08-21 19:09 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-08-21 19:09 - 2014-08-21 19:09 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00235520 _____ (Microsoft Corporation) 
C:\Windows\system32\url.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 
2014-08-21 19:09 - 2014-08-21 19:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-08-21 19:09 - 2014-08-21 19:09 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\tdc.ocx 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00032256 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-08-21 19:09 - 2014-08-21 19:09 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-08-21 19:09 - 2014-08-21 19:09 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-21 18:48 - 2014-08-21 18:46 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-21 18:40 - 2014-05-03 16:46 - 01597378 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-08-21 18:20 - 2014-08-21 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-21 17:54 - 2014-05-03 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-08-21 17:53 - 2014-05-03 17:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-08-21 17:52 - 2014-05-03 17:06 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-08-19 15:34 - 2014-08-19 15:34 - 00000000 ____D () C:\Windows\PCHEALTH 2014-08-19 15:34 - 2014-08-19 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-08-19 15:34 - 2014-08-19 15:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-08-19 15:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-08-19 15:32 - 2014-08-19 15:32 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Microsoft Help 2014-08-19 15:32 - 2014-08-19 15:32 - 00000000 ____D () C:\Program Files\Microsoft 
Office 2014-08-19 15:32 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\ShellNew 2014-08-19 15:31 - 2014-08-19 15:31 - 00000000 ___RD () C:\MSOCache 2014-08-15 10:30 - 2014-08-31 10:24 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-08-15 10:30 - 2014-08-31 10:24 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-08-15 10:30 - 2014-08-31 10:24 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-08-14 17:50 - 2014-08-14 16:20 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Might & Magic Heroes VI 2014-08-14 16:48 - 2014-08-14 16:20 - 00000000 ____D () C:\Users\Thorben\Documents\Might & Magic Heroes VI 2014-08-14 16:28 - 2014-08-14 16:28 - 00000000 ____D () C:\Users\Thorben\AppData\Local\Chromium 2014-08-14 02:17 - 2014-08-14 02:17 - 00000000 _____ () C:\Windows\setuperr.log 2014-08-14 02:12 - 2014-05-03 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-08-14 02:12 - 2014-05-03 18:37 - 00000000 ____D () C:\Program Files\CCleaner 2014-08-14 02:11 - 2014-08-14 02:11 - 00159744 _____ () C:\Windows\winhlq32.exe 2014-08-14 02:11 - 2014-08-14 02:11 - 00003612 _____ () C:\Windows\System32\Tasks\AnwendungserfahrungFunctionauf 2014-08-14 02:07 - 2014-05-03 18:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-14 02:07 - 2014-05-03 17:37 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-08-13 19:24 - 2014-05-18 14:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-13 19:24 - 2014-05-03 19:14 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-13 19:24 - 2014-05-03 19:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-13 03:50 - 2014-08-13 03:48 - 00000000 ____D () C:\ArcTemp 
2014-08-13 03:50 - 2014-08-13 03:45 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment 2014-08-13 03:48 - 2014-08-13 03:47 - 00000000 ____D () C:\Users\Thorben\AppData\Roaming\Arc 2014-08-13 03:45 - 2014-08-13 03:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment 2014-08-13 03:45 - 2014-05-03 16:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-07 04:06 - 2014-08-21 17:40 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-21 17:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-06 21:45 - 2014-08-06 21:45 - 00000000 ____D () C:\Users\Thorben\Documents\SimCity Some content of TEMP: ==================== C:\Users\Thorben\AppData\Local\Temp\avgnt.exe C:\Users\Thorben\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-27 22:15 ==================== End Of Log ============================ Vielen Dank für deine Hilfe. |
05.09.2014, 06:54 | #12 |
/// the machine /// TB Trainer | Virus creates VoIP in router
Update Flash. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchProvider: Default -> Trovi search
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320324&octid=EB_ORIGINAL_CTID&ISID=M9FEC8BBC-1EBC-407B-80E9-96701BEF61BF&SearchSource=58&CUI=&UM=6&UP=SP09328ECB-F0F2-45D3-9CFD-4122C82E6F2E&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
The rest looks good. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate | Guides and help | Trojaner-Board Facebook page | No help via PM! |
05.09.2014, 14:00 | #13 |
| Virus creates VoIP in router
No VoIP is generated in the router any more. However, I still have the following entries in the log. I have left out the numbers after them for now: **Vecna Scan** **Smurf** **UDP Loop**
The fixlog: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02
Ran by Thorben at 2014-09-05 14:55:31 Run:1
Running from C:\Users\Thorben\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSearchProvider: Default -> Trovi search
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320324&octid=EB_ORIGINAL_CTID&ISID=M9FEC8BBC-1EBC-407B-80E9-96701BEF61BF&SearchSource=58&CUI=&UM=6&UP=SP09328ECB-F0F2-45D3-9CFD-4122C82E6F2E&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
*****************

Chrome DefaultSearchKeyword deleted successfully.
CHR DefaultSearchProvider: Default -> Trovi search ==> The Chrome "Settings" can be used to fix the entry.
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.

==== End of Fixlog ==== |
06.09.2014, 11:31 | #14 | |
/// the machine /// TB Trainer | Virus creates VoIP in router Quote:
__________________ Regards, schrauber |