| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Trojaner - Windows Updates, Firewall defektWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
09.03.2015, 12:27
| #1 |
 |  Windows 7: Trojaner - Windows Updates, Firewall defekt Hallo, gestern fiel mir auf, dass Avira eine Fehlermeldung anzeigt: die Firewall ist nicht aktiviert. Sie ließ sich aber weder direkt über das Programm noch manuell anschalten. Ebenso der Windows Defender. Als nächstes bemerkte ich, dass auch keine Windows Updates mehr durchgeführt werden. Als letzte Durchführung stand dort Oktober 2012, ich bin mir aber sehr sicher, dass auch danach noch welche stattfanden, da ich den Laptop zeitweise hauptsächlich nutze (da mein anderer zur Reparatur war). Ich ließ daraufhin Malwarebytes laufen, es wurde ein Trojaner (Trojan 0 Access) gefunden und in Quarantäne verschoben. Leider brachte das keinen Erfolg. Ich machte eine Systemwiederherstellung von November 2014, ließ Malwarebytes erneut laufen und auch hier wurde der Trojaner bereits gefunden. In Quarantäne verschoben, machte es zunächst den Eindruck, dass die Updates wieder funktionieren - sie wurden jetzt zumindest gesucht, heruntergeladen und installiert. Nach dem Neustart zeigte mir das Programm aber an, dass ein Fehler aufgetreten sei. Erstmal nur ein Log, da der Beitrag sonst zu lang ist. Ich habe noch den Addition-Log von FRST, GMER, MBAM und OTL. Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03 Ran by Britta (administrator) on BRITTA-PC on 09-03-2015 11:25:03 Running from C:\Users\Britta\Desktop Loaded Profiles: Britta (Available profiles: Britta) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Wistron Corp.) C:\Program Files\CapsLK OSD\64\Capsosd.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Lenovo.) C:\Windows\System32\TPHDEXLG64.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe (Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2396968 2010-10-21] (Synaptics Incorporated) HKLM\...\Run: [{BA1E422A-80A8-4AA0-B67B-CAA3D04C5162}] => C:\Program Files\CapsLK OSD\64\CAPSOSD.EXE [3699752 2010-10-25] (Wistron Corp.) HKLM\...\Run: [TpShocks] => C:\Windows\System32\TpShocks.exe [231328 2010-03-15] (Lenovo.) HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-04-03] (Lenovo) HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9745312 2011-04-03] (Lenovo (Beijing) Limited) HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5374880 2011-04-03] (Lenovo(beijing) Limited) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-12-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro) HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2903448 2011-06-06] (Adobe Systems Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-25] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG) HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess? HKU\S-1-5-21-207437039-3126598301-4264572741-1002\...\MountPoints2: {951b091e-a969-11e0-8608-ec55f9d88caf} - E:\LaunchU3.exe -a HKU\S-1-5-21-207437039-3126598301-4264572741-1002\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-207437039-3126598301-4264572741-1002\$ae8be3e7298650509263595fef5e76b1\n. ATTENTION! ====> ZeroAccess? Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll () ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-207437039-3126598301-4264572741-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com HKU\S-1-5-21-207437039-3126598301-4264572741-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-207437039-3126598301-4264572741-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-207437039-3126598301-4264572741-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File Hosts: 127.0.0.1 activate.adobe.com Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\5krze1cn.default FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-08] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-08] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-03-11] (Google, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\5krze1cn.default\Extensions\abs@avira.com [2015-03-08] FF Extension: Adblock Plus - C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\5krze1cn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-03] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-05-03] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2010-12-20] (Advanced Micro Devices, Inc.) [File not signed] R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG) S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG) R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [907040 2010-05-10] (Broadcom Corporation.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-25] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-25] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-02] (Avira Operations GmbH & Co. KG) R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-09] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) U2 CLKMSVC10_3A60B698; No ImagePath U2 CLKMSVC10_C3B3B687; No ImagePath U2 DriverService; No ImagePath U2 IAStorDataMgrSvc; No ImagePath U2 idealife Update Service; No ImagePath U3 IGRS; No ImagePath U2 IviRegMgr; No ImagePath U2 nvUpdatusService; No ImagePath U2 Oasis2Service; No ImagePath U2 PCCarerServic; No ImagePath U2 ReadyComm.DirectRouter; No ImagePath U2 RichVideo; No ImagePath U2 RtLedService; No ImagePath U2 SoftwareService; No ImagePath U2 Stereo Service; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-09 11:25 - 2015-03-09 11:25 - 00018293 _____ () C:\Users\Britta\Desktop\FRST.txt 2015-03-09 11:24 - 2015-03-09 11:25 - 00000000 ____D () C:\FRST 2015-03-09 11:24 - 2015-03-09 11:24 - 02095104 _____ (Farbar) C:\Users\Britta\Desktop\FRST64.exe 2015-03-09 11:23 - 2015-03-09 11:23 - 00000474 _____ () C:\Users\Britta\Desktop\defogger_disable.log 2015-03-09 11:23 - 2015-03-09 11:23 - 00000000 _____ () C:\Users\Britta\defogger_reenable 2015-03-09 11:22 - 2015-03-09 11:22 - 00050477 _____ () C:\Users\Britta\Desktop\Defogger.exe 2015-03-09 06:54 - 2015-03-09 06:54 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-03-09 06:54 - 2015-03-09 06:54 - 00001912 _____ () C:\windows\epplauncher.mif 2015-03-09 06:54 - 2015-03-09 06:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-03-09 06:53 - 2015-03-09 06:54 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-03-09 06:51 - 2015-03-09 06:51 - 14179480 _____ (Microsoft Corporation) C:\Users\Britta\Downloads\mseinstall.exe 2015-03-09 06:47 - 2015-03-09 06:47 - 00000000 ____D () C:\Users\Britta\AppData\Roaming\Avira 2015-03-09 06:35 - 2015-03-09 06:35 - 00985600 _____ () C:\Users\Britta\Downloads\MicrosoftFixit50123.msi 2015-03-09 06:15 - 2015-03-09 06:15 - 00000000 ___SD () C:\windows\system32\CompatTel 2015-03-09 06:15 - 2015-03-09 06:15 - 00000000 ____D () C:\windows\system32\appraiser 2015-03-09 04:26 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls 2015-03-09 04:26 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls 2015-03-09 04:16 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll 2015-03-09 04:16 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL 2015-03-09 04:16 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL 2015-03-09 04:16 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll 2015-03-09 03:34 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE 2015-03-09 03:13 - 2015-03-09 03:13 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb 2015-03-09 03:13 - 2015-03-09 03:13 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb 2015-03-09 03:13 - 2015-03-09 03:13 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-03-09 03:13 - 2015-03-09 03:13 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-03-09 03:13 - 2015-03-09 03:13 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat 2015-03-09 03:13 - 2015-03-09 03:13 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat 2015-03-09 03:13 - 2015-03-09 03:13 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec 2015-03-09 03:13 - 2015-03-09 03:13 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec 2015-03-09 03:13 - 2015-03-09 03:13 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx 2015-03-09 03:13 - 2015-03-09 03:13 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx 2015-03-09 03:13 - 2015-03-09 03:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll 2015-03-09 03:13 - 2015-03-09 03:13 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe 2015-03-09 03:13 - 2015-03-09 03:13 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2015-03-09 03:06 - 2015-03-09 03:06 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2015-03-09 03:00 - 2015-03-09 03:34 - 00014780 _____ () C:\windows\IE11_main.log 2015-03-09 00:14 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll 2015-03-09 00:14 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll 2015-03-09 00:14 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll 2015-03-09 00:14 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe 2015-03-09 00:14 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe 2015-03-09 00:14 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll 2015-03-09 00:14 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll 2015-03-09 00:14 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe 2015-03-09 00:14 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe 2015-03-09 00:14 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll 2015-03-08 23:57 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll 2015-03-08 23:57 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe 2015-03-08 23:57 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll 2015-03-08 23:57 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll 2015-03-08 23:57 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll 2015-03-08 23:57 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys 2015-03-08 23:57 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys 2015-03-08 23:57 - 2012-06-02 15:57 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2015-03-08 23:20 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll 2015-03-08 23:20 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll 2015-03-08 23:20 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe 2015-03-08 23:20 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe 2015-03-08 23:20 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe 2015-03-08 23:20 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll 2015-03-08 23:20 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe 2015-03-08 23:20 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll 2015-03-08 23:16 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys 2015-03-08 23:16 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll 2015-03-08 23:16 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll 2015-03-08 23:16 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll 2015-03-08 23:16 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll 2015-03-08 23:15 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll 2015-03-08 23:15 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll 2015-03-08 23:15 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll 2015-03-08 23:15 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll 2015-03-08 23:15 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll 2015-03-08 23:15 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll 2015-03-08 23:15 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll 2015-03-08 23:15 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe 2015-03-08 23:15 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-03-08 23:15 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys 2015-03-08 23:15 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-03-08 23:15 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll 2015-03-08 23:15 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe 2015-03-08 23:15 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll 2015-03-08 23:15 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll 2015-03-08 23:15 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe 2015-03-08 23:15 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll 2015-03-08 23:15 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll 2015-03-08 23:15 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll 2015-03-08 23:15 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe 2015-03-08 23:15 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll 2015-03-08 23:15 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll 2015-03-08 23:15 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll 2015-03-08 23:15 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll 2015-03-08 23:15 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll 2015-03-08 23:15 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys 2015-03-08 23:15 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll 2015-03-08 23:15 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll 2015-03-08 23:15 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll 2015-03-08 23:15 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll 2015-03-08 23:15 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll 2015-03-08 23:15 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe 2015-03-08 23:15 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe 2015-03-08 23:15 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe 2015-03-08 23:15 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe 2015-03-08 23:15 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll 2015-03-08 23:15 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll 2015-03-08 23:15 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll 2015-03-08 23:15 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll 2015-03-08 23:15 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll 2015-03-08 23:15 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe 2015-03-08 23:15 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe 2015-03-08 23:15 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe 2015-03-08 23:15 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe 2015-03-08 23:14 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll 2015-03-08 23:14 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll 2015-03-08 23:14 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll 2015-03-08 23:14 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll 2015-03-08 23:14 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll 2015-03-08 23:14 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll 2015-03-08 23:14 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll 2015-03-08 23:14 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll 2015-03-08 23:14 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll 2015-03-08 23:14 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll 2015-03-08 23:14 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll 2015-03-08 23:14 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll 2015-03-08 23:14 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll 2015-03-08 23:14 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll 2015-03-08 23:14 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll 2015-03-08 23:14 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll 2015-03-08 23:13 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll 2015-03-08 23:13 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL 2015-03-08 23:13 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL 2015-03-08 23:12 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll 2015-03-08 23:12 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll 2015-03-08 23:12 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll 2015-03-08 23:12 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll 2015-03-08 23:12 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll 2015-03-08 23:12 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll 2015-03-08 23:12 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll 2015-03-08 23:12 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll 2015-03-08 23:12 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll 2015-03-08 23:12 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll 2015-03-08 23:11 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll 2015-03-08 23:11 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll 2015-03-08 23:11 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll 2015-03-08 23:11 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll 2015-03-08 23:11 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll 2015-03-08 23:11 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll 2015-03-08 23:11 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe 2015-03-08 23:11 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe 2015-03-08 23:11 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2015-03-08 23:11 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS 2015-03-08 23:11 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll 2015-03-08 23:11 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys 2015-03-08 23:11 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll 2015-03-08 23:11 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll 2015-03-08 23:11 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll 2015-03-08 23:11 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll 2015-03-08 23:11 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll 2015-03-08 23:11 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll 2015-03-08 23:11 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll 2015-03-08 23:11 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll 2015-03-08 23:11 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll 2015-03-08 23:11 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll 2015-03-08 23:11 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll 2015-03-08 23:11 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll 2015-03-08 23:11 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys 2015-03-08 23:10 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll 2015-03-08 23:10 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys 2015-03-08 23:10 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe 2015-03-08 23:10 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll 2015-03-08 23:10 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll 2015-03-08 23:10 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll 2015-03-08 23:10 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll 2015-03-08 23:10 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll 2015-03-08 23:10 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2015-03-08 23:10 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll 2015-03-08 23:10 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2015-03-08 23:10 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll 2015-03-08 23:10 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll 2015-03-08 23:10 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll 2015-03-08 23:10 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys 2015-03-08 23:10 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll 2015-03-08 23:10 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll 2015-03-08 23:10 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2015-03-08 23:10 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll 2015-03-08 23:10 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll 2015-03-08 23:10 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll 2015-03-08 23:10 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll 2015-03-08 23:10 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll 2015-03-08 23:10 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys 2015-03-08 23:10 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys 2015-03-08 23:10 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys 2015-03-08 23:10 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys 2015-03-08 23:10 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys 2015-03-08 23:10 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys 2015-03-08 23:10 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys 2015-03-08 23:10 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll 2015-03-08 23:10 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll 2015-03-08 23:10 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll 2015-03-08 23:10 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll 2015-03-08 23:10 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys 2015-03-08 23:10 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys 2015-03-08 23:10 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys 2015-03-08 23:10 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys 2015-03-08 23:10 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys 2015-03-08 23:10 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll 2015-03-08 23:10 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll 2015-03-08 23:10 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll 2015-03-08 23:10 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll 2015-03-08 23:10 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll 2015-03-08 23:10 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll 2015-03-08 23:10 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys 2015-03-08 23:10 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys 2015-03-08 23:10 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys 2015-03-08 23:10 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys 2015-03-08 23:10 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll 2015-03-08 23:10 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll 2015-03-08 23:10 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll 2015-03-08 23:10 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll 2015-03-08 23:10 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll 2015-03-08 23:10 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll 2015-03-08 23:10 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll 2015-03-08 23:10 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll 2015-03-08 23:10 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll 2015-03-08 23:10 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll 2015-03-08 23:10 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll 2015-03-08 23:10 - 2013-04-01 07:03 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_AuthenticAMD.dll 2015-03-08 23:10 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll 2015-03-08 23:10 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys 2015-03-08 23:10 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys 2015-03-08 23:10 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll 2015-03-08 23:10 - 2012-11-28 23:56 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2015-03-08 23:10 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll 2015-03-08 23:10 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll 2015-03-08 23:09 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL 2015-03-08 23:09 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL 2015-03-08 23:09 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys 2015-03-08 23:09 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll 2015-03-08 23:09 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll 2015-03-08 23:09 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys 2015-03-08 23:09 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll 2015-03-08 23:08 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2015-03-08 23:08 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll 2015-03-08 23:08 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll 2015-03-08 23:08 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe 2015-03-08 23:08 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe 2015-03-08 23:08 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe 2015-03-08 23:08 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll 2015-03-08 23:08 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-03-08 23:08 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-03-08 23:08 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll 2015-03-08 23:08 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-03-08 23:08 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll 2015-03-08 23:08 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll 2015-03-08 23:08 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll 2015-03-08 23:08 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll 2015-03-08 23:08 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-03-08 23:08 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll 2015-03-08 23:08 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll 2015-03-08 23:08 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll 2015-03-08 23:08 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll 2015-03-08 23:08 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll 2015-03-08 22:56 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe 2015-03-08 22:56 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe 2015-03-08 22:56 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll 2015-03-08 22:56 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll 2015-03-08 22:56 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll 2015-03-08 22:56 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe 2015-03-08 22:56 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys 2015-03-08 22:56 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys 2015-03-08 22:56 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll 2015-03-08 22:56 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll 2015-03-08 22:56 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll 2015-03-08 22:55 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll 2015-03-08 22:55 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll 2015-03-08 22:55 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll 2015-03-08 22:55 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll 2015-03-08 22:55 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll 2015-03-08 22:55 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll 2015-03-08 22:54 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll 2015-03-08 22:54 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll 2015-03-08 22:54 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll 2015-03-08 22:54 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll 2015-03-08 22:54 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs 2015-03-08 22:54 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs 2015-03-08 22:54 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs 2015-03-08 22:54 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs 2015-03-08 22:54 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs 2015-03-08 22:54 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs 2015-03-08 22:54 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs 2015-03-08 22:54 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs 2015-03-08 22:54 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs 2015-03-08 22:54 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs 2015-03-08 22:54 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs 2015-03-08 22:54 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs 2015-03-08 22:54 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs 2015-03-08 22:54 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs 2015-03-08 22:54 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs 2015-03-08 22:51 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll 2015-03-08 22:51 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll 2015-03-08 22:50 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll 2015-03-08 22:50 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll 2015-03-08 22:50 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll 2015-03-08 22:50 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe 2015-03-08 22:48 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2015-03-08 22:48 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2015-03-08 22:48 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll 2015-03-08 22:48 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe 2015-03-08 22:48 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe 2015-03-08 22:48 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll 2015-03-08 22:48 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll 2015-03-08 22:48 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll 2015-03-08 22:47 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-03-08 22:47 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2015-03-08 22:47 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2015-03-08 22:47 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll 2015-03-08 22:47 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll 2015-03-08 22:47 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2015-03-08 22:47 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll 2015-03-08 22:47 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe 2015-03-08 22:47 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2015-03-08 22:47 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll 2015-03-08 22:47 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2015-03-08 22:47 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll 2015-03-08 22:47 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll 2015-03-08 22:47 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll 2015-03-08 22:47 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll 2015-03-08 22:47 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll 2015-03-08 22:47 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2015-03-08 22:47 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe 2015-03-08 22:47 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll 2015-03-08 22:47 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe 2015-03-08 22:47 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe 2015-03-08 22:47 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe 2015-03-08 22:47 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-03-08 22:47 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-03-08 22:47 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll 2015-03-08 22:47 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll 2015-03-08 22:47 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll 2015-03-08 22:46 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll 2015-03-08 22:46 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll 2015-03-08 22:46 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2015-03-08 22:46 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll 2015-03-08 22:46 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe 2015-03-08 22:46 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe 2015-03-08 22:46 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll 2015-03-08 22:46 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll 2015-03-08 22:46 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll 2015-03-08 22:46 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll 2015-03-08 22:46 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll 2015-03-08 22:46 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll 2015-03-08 22:46 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll 2015-03-08 22:46 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll 2015-03-08 22:46 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll 2015-03-08 22:46 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll 2015-03-08 22:46 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll 2015-03-08 22:46 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2015-03-08 22:46 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2015-03-08 22:46 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys 2015-03-08 22:46 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys 2015-03-08 22:46 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys 2015-03-08 22:46 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll 2015-03-08 22:46 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll 2015-03-08 22:46 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx 2015-03-08 22:46 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll 2015-03-08 22:46 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx 2015-03-08 22:46 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll 2015-03-08 22:46 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe 2015-03-08 22:46 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe 2015-03-08 22:46 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe 2015-03-08 22:46 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe 2015-03-08 22:46 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-03-08 22:46 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-03-08 22:46 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys 2015-03-08 22:46 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe 2015-03-08 22:45 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll 2015-03-08 22:45 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll 2015-03-08 22:45 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll 2015-03-08 22:45 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll 2015-03-08 22:45 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll 2015-03-08 22:45 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll 2015-03-08 22:45 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll 2015-03-08 22:45 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll 2015-03-08 22:45 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe 2015-03-08 22:45 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll 2015-03-08 22:45 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll 2015-03-08 22:45 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll 2015-03-08 22:45 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll 2015-03-08 22:45 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe 2015-03-08 22:45 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-03-08 22:45 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2015-03-08 22:45 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys 2015-03-08 22:45 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll 2015-03-08 22:45 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL 2015-03-08 22:45 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL 2015-03-08 22:45 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll 2015-03-08 22:45 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL 2015-03-08 22:45 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll 2015-03-08 22:45 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll 2015-03-08 22:45 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll 2015-03-08 22:45 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\synceng.dll 2015-03-08 22:45 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\synceng.dll 2015-03-08 20:45 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll 2015-03-08 20:45 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe 2015-03-08 20:45 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-03-08 20:45 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll 2015-03-08 20:45 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll 2015-03-08 20:45 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll 2015-03-08 20:45 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe 2015-03-08 20:45 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe 2015-03-08 20:44 - 2015-03-08 20:44 - 00054180 _____ () C:\Users\Britta\Desktop\Extras.Txt 2015-03-08 20:40 - 2015-03-08 20:40 - 00072640 _____ () C:\Users\Britta\Desktop\OTL.Txt 2015-03-08 20:19 - 2015-03-08 20:19 - 00602112 _____ (OldTimer Tools) C:\Users\Britta\Downloads\OTL(1).exe 2015-03-08 20:18 - 2015-03-08 20:18 - 00602112 _____ (OldTimer Tools) C:\Users\Britta\Desktop\OTL.exe 2015-03-08 20:17 - 2015-03-08 20:17 - 00001204 _____ () C:\Users\Britta\Desktop\mbam.txt 2015-03-08 17:08 - 2015-03-09 10:28 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-08 17:08 - 2015-03-08 17:08 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-08 17:08 - 2015-03-08 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-03-08 17:08 - 2015-03-08 17:08 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-03-08 17:08 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys 2015-03-08 17:08 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys 2015-03-08 17:08 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys 2015-03-08 17:07 - 2015-03-08 17:07 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Britta\Downloads\mbam-setup-2.0.4.1028.exe 2015-03-08 17:03 - 2015-03-08 17:03 - 00011467 _____ () C:\Users\Britta\Documents\prüfung2.txt 2015-03-08 16:50 - 2015-03-08 16:50 - 00011979 _____ () C:\Users\Britta\Documents\prüfung.txt 2015-03-08 16:48 - 2015-03-08 16:48 - 00388608 _____ (Trend Micro Inc.) C:\Users\Britta\Downloads\HiJackThis204.exe 2015-03-08 16:45 - 2015-03-08 16:45 - 00347816 _____ (Microsoft Corporation) C:\Users\Britta\Downloads\MicrosoftFixit.wu.LB.834928548827129.1.1.Run.exe 2015-03-08 16:44 - 2015-03-08 16:44 - 163016912 _____ () C:\Users\Britta\Downloads\avira_free650_antivirus_de.exe 2015-03-08 16:43 - 2015-03-08 16:43 - 40824144 _____ () C:\Users\Britta\Downloads\Firefox_Setup_36.0.1.exe 2015-03-08 16:43 - 2015-03-08 16:43 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-08 16:43 - 2015-03-08 16:43 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-03-08 16:43 - 2015-03-08 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-08 13:49 - 2015-03-08 13:49 - 25244015 _____ () C:\Users\Britta\Downloads\MSEInstall_4.7.0205_de(2).zip 2015-03-08 13:49 - 2015-03-08 13:49 - 25244015 _____ () C:\Users\Britta\Downloads\MSEInstall_4.7.0205_de(1).zip 2015-03-08 12:56 - 2015-03-08 12:56 - 25244015 _____ () C:\Users\Britta\Downloads\MSEInstall_4.7.0205_de.zip 2015-03-08 12:06 - 2015-03-08 12:08 - 00000260 _____ () C:\Descriptors.txt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-09 11:25 - 2011-04-03 00:01 - 01948914 _____ () C:\windows\WindowsUpdate.log 2015-03-09 11:23 - 2011-05-03 19:28 - 00000000 ____D () C:\Users\Britta 2015-03-09 11:20 - 2011-11-26 19:25 - 00000000 ____D () C:\Users\Britta\AppData\Roaming\uTorrent 2015-03-09 11:15 - 2011-04-03 00:43 - 09601280 _____ () C:\windows\system32\TPAPSLOG.LOG 2015-03-09 11:10 - 2011-04-03 00:43 - 00720256 _____ () C:\windows\system32\TPHDLOG0.LOG 2015-03-09 10:35 - 2012-04-05 09:37 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job 2015-03-09 10:18 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-09 10:18 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-09 10:15 - 2011-04-03 07:19 - 00659238 _____ () C:\windows\system32\perfh007.dat 2015-03-09 10:15 - 2011-04-03 07:19 - 00132776 _____ () C:\windows\system32\perfc007.dat 2015-03-09 10:15 - 2009-07-14 06:13 - 01512418 _____ () C:\windows\system32\PerfStringBackup.INI 2015-03-09 10:10 - 2011-04-03 00:53 - 00275152 _____ () C:\windows\system32\fastboot.set 2015-03-09 10:10 - 2011-04-03 00:50 - 03542286 _____ () C:\FaceProv.log 2015-03-09 10:09 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT 2015-03-09 10:09 - 2009-07-14 05:51 - 00115697 _____ () C:\windows\setupact.log 2015-03-09 06:49 - 2013-05-02 09:48 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys 2015-03-09 06:44 - 2011-05-03 03:19 - 00348260 _____ () C:\windows\PFRO.log 2015-03-09 06:41 - 2012-10-30 16:42 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2015-03-09 06:41 - 2012-10-30 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-03-09 06:29 - 2011-05-03 19:30 - 00087792 _____ () C:\Users\Britta\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-09 06:28 - 2011-05-03 19:29 - 00001421 _____ () C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-09 06:26 - 2009-07-29 08:00 - 00000000 ____D () C:\windows\Panther 2015-03-09 06:21 - 2009-07-14 05:45 - 00335608 _____ () C:\windows\system32\FNTCACHE.DAT 2015-03-09 06:15 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\PolicyDefinitions 2015-03-09 06:15 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\AppCompat 2015-03-09 06:14 - 2009-07-29 08:23 - 00000000 ____D () C:\Program Files\Windows Journal 2015-03-09 06:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender 2015-03-09 06:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK 2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR 2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism 2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\zh-HK 2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\tr-TR 2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism 2015-03-08 18:35 - 2012-04-05 09:37 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe 2015-03-08 18:35 - 2012-04-05 09:37 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater 2015-03-08 18:35 - 2011-09-02 13:10 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-08 17:01 - 2013-10-05 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-03-08 16:49 - 2011-05-03 19:28 - 00000000 ____D () C:\Users\Britta\AppData\Local\VirtualStore 2015-03-08 16:43 - 2014-11-15 11:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-08 16:38 - 2012-10-30 16:42 - 00000000 ____D () C:\ProgramData\Avira 2015-03-08 16:37 - 2014-08-06 08:15 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-08 16:37 - 2013-06-17 14:19 - 00000000 ____D () C:\windows\Minidump 2015-03-08 16:37 - 2012-10-30 16:42 - 00000000 ____D () C:\Program Files (x86)\Avira 2015-03-08 16:37 - 2011-10-30 09:23 - 00000000 ____D () C:\windows\system32\Macromed 2015-03-08 16:37 - 2011-05-03 19:28 - 00000000 ____D () C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo 2015-03-08 16:37 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration 2015-03-08 01:47 - 2011-05-28 11:43 - 00000000 ____D () C:\Users\Britta\Tracing 2015-02-25 17:53 - 2013-04-10 00:49 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys 2015-02-25 17:53 - 2013-04-10 00:49 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys 2015-02-07 10:08 - 2011-05-03 22:10 - 00000000 ____D () C:\Users\Britta\AppData\Local\Adobe ==================== Files in the root of some directories ======= 2013-02-01 12:06 - 2013-02-01 12:06 - 0003584 _____ () C:\Users\Britta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ZeroAccess: C:\$Recycle.Bin\S-1-5-21-207437039-3126598301-4264572741-1002\$ae8be3e7298650509263595fef5e76b1 ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$ae8be3e7298650509263595fef5e76b1 Some content of TEMP: ==================== C:\Users\Britta\AppData\Local\Temp\AskSLib.dll C:\Users\Britta\AppData\Local\Temp\avgnt.exe C:\Users\Britta\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbpjdyj.dll C:\Users\Britta\AppData\Local\Temp\InstallFlashPlayer.exe C:\Users\Britta\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe C:\Users\Britta\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe C:\Users\Britta\AppData\Local\Temp\MSN1768.exe C:\Users\Britta\AppData\Local\Temp\WZCPlugin_VISTA.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-07 18:59 ==================== End Of Log ============================ |
|
09.03.2015, 12:44
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 7: Trojaner - Windows Updates, Firewall defekt hi,
__________________jetzt bitte die Addition.txt posten.
__________________ |
|
09.03.2015, 12:55
| #3 |
| | Windows 7: Trojaner - Windows Updates, Firewall defekt Alles klar, hier kommt sie:
__________________Danke schon mal für die Hilfe! Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2015 03
Ran by Britta at 2015-03-09 11:27:21
Running from C:\Users\Britta\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.0.0 - )
Active Protection System (HKLM-x32\...\{F493761C-E465-4B9E-9FC1-A312F161DE0A}) (Version: 1.70.11 - Lenovo)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.0 - Adobe Systems)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{6350C333-1E97-C2C1-356A-17122D02E33C}) (Version: 3.0.800.0 - ATI Technologies, Inc.)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.650 - Avira)
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CapsLK OSD (HKLM-x32\...\{BA1E422A-80A8-4AA0-B67B-CAA3D04C5162}) (Version: 1.01 - Wistron Corporation)
ccc-core-static (x32 Version: 2010.1220.639.11807 - Ihr Firmenname) Hidden
Cisco AnyConnect VPN Client (HKLM-x32\...\{F4C6DD02-8ACA-4354-BA36-9FFC3B767E73}) (Version: 2.5.2014 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.48.0.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-207437039-3126598301-4264572741-1002\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.1.6 - Lenovo)
Energy Management (x32 Version: 6.0.1.6 - Lenovo) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
ICQ7.6 (HKLM-x32\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.2100 - Broadcom Corporation)
Lenovo DirectShare (HKLM-x32\...\InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}) (Version: 1.0.1.38 - ArcSoft)
Lenovo DirectShare (x32 Version: 1.0.1.38 - ArcSoft) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ECC-B6BD-9C31E51D0333}) (Version: 1.10.1119.1 - Lenovo EasyCamera)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3603 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 3.1.3603 - CyberLink Corp.) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-207437039-3126598301-4264572741-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.30 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10008 - Realtek Semiconductor Corp.)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.20.0 - Synaptics Incorporated)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Zeta Uploader (HKU\S-1-5-21-207437039-3126598301-4264572741-1002\...\ZetaUploader) (Version: 2.1.0.76 - Zeta Software GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Britta\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{9EC73D8B-31E2-439F-B470-A89F86F5A1A2}\InprocServer32 -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Britta\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Britta\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Britta\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Britta\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-207437039-3126598301-4264572741-1002_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 -> C:\$Recycle.Bin ()
==================== Restore Points =========================
08-03-2015 10:33:31 Geplanter Prüfpunkt
08-03-2015 15:59:28 Wiederherstellungsvorgang
08-03-2015 16:59:57 Removed Java 8 Update 25
08-03-2015 20:44:55 Windows Update
08-03-2015 23:18:54 Windows Update
09-03-2015 06:38:01 Installed Microsoft Fix it 50123
09-03-2015 10:45:41 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2011-05-04 18:43 - 00000854 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {448AE0D2-8CFD-40DA-9E4F-4427877F7CC8} - System32\Tasks\{3571C521-E12B-40D1-9A55-568210D5D3FB} => pcalua.exe -a C:\Users\Britta\Downloads\wlsetup-web.exe -d C:\Users\Britta\Downloads
Task: {56C32551-6773-4535-9773-514EF44A7A11} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-08] (Adobe Systems Incorporated)
Task: {66DD935D-849D-4143-953A-2F7B1496370A} - System32\Tasks\{806EFB8D-11BC-4137-A52C-73199FA9E926} => pcalua.exe -a C:\Users\Britta\Downloads\rescue2usb.exe -d C:\Users\Britta\Downloads
Task: {C1307514-3679-4AA8-A23F-7595988F1110} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D1BFD674-F27C-4367-AB16-A4188B852330} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-05] (CyberLink)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2011-04-03 00:49 - 2011-04-03 00:49 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll
2011-04-03 00:49 - 2011-04-03 00:49 - 00628064 _____ () C:\windows\system32\SimpleExt.dll
2011-05-03 22:57 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2011-04-03 00:33 - 2010-10-25 13:43 - 00015400 _____ () C:\Program Files\CapsLK OSD\64\COKHOOK.dll
2008-12-20 04:20 - 2011-04-03 01:08 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2008-12-20 04:20 - 2011-04-03 01:08 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2010-12-20 07:50 - 2010-12-20 07:50 - 00079872 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2010-12-20 07:50 - 2010-12-20 07:50 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2010-05-10 12:52 - 2010-05-10 12:52 - 00173344 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-06-06 20:55 - 2011-06-06 20:55 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2014-08-06 08:15 - 2014-07-14 15:49 - 00049744 _____ () C:\Users\Britta\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-14 15:49 - 2014-07-14 15:49 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-207437039-3126598301-4264572741-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: VeriFaceManager => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
==================== Accounts: =============================
Administrator (S-1-5-21-207437039-3126598301-4264572741-500 - Administrator - Disabled)
Britta (S-1-5-21-207437039-3126598301-4264572741-1002 - Administrator - Enabled) => C:\Users\Britta
Gast (S-1-5-21-207437039-3126598301-4264572741-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-207437039-3126598301-4264572741-1004 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/08/2015 04:10:40 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!
Error: (08/09/2014 04:25:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x1144
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (08/09/2014 10:36:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8408
Error: (08/09/2014 10:36:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8408
Error: (08/09/2014 10:36:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/09/2014 10:36:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6521
Error: (08/09/2014 10:36:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6521
Error: (08/09/2014 10:36:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/07/2014 04:03:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 30.0.0.5269, Zeitstempel: 0x53914233
Name des fehlerhaften Moduls: mozalloc.dll, Version: 30.0.0.5269, Zeitstempel: 0x53911393
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0xdbc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (05/17/2014 08:21:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23946
System errors:
=============
Error: (03/09/2015 11:00:49 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.7.0205.00
Quellpfad: 4.7.0205.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (03/09/2015 11:00:49 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.7.0205.00
Quellpfad: 4.7.0205.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (03/09/2015 11:00:49 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.7.0205.00
Quellpfad: 4.7.0205.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (03/09/2015 11:00:49 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.7.0205.00
Quellpfad: 4.7.0205.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (03/09/2015 11:00:49 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.7.0205.00
Quellpfad: 4.7.0205.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (03/09/2015 10:55:47 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.7.0205.00
Quellpfad: 4.7.0205.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (03/09/2015 10:28:56 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.7.0205.00
Quellpfad: 4.7.0205.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (03/09/2015 10:28:56 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.7.0205.00
Quellpfad: 4.7.0205.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (03/09/2015 10:28:35 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.7.0205.00
Quellpfad: 4.7.0205.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (03/09/2015 10:28:35 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 0.0.0.0
Aktualisierungsquelle: %NT-AUTORITÄT51
Aktualisierungsphase: 4.7.0205.00
Quellpfad: 4.7.0205.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\NETZWERKDIENST
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Microsoft Office Sessions:
=========================
Error: (03/08/2015 04:10:40 PM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: 0x0
Error: (08/09/2014 04:25:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141b114401cfb3e39d17f952C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll58c8b9e9-1fd9-11e4-a3b1-ec55f9d88caf
Error: (08/09/2014 10:36:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8408
Error: (08/09/2014 10:36:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8408
Error: (08/09/2014 10:36:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/09/2014 10:36:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6521
Error: (08/09/2014 10:36:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6521
Error: (08/09/2014 10:36:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/07/2014 04:03:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141bdbc01cf99f0d33f28baC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlle431d0b0-05e7-11e4-8c36-ec55f9d88caf
Error: (05/17/2014 08:21:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23946
==================== Memory info ===========================
Processor: AMD E-350 Processor
Percentage of memory in use: 49%
Total physical RAM: 3688.67 MB
Available physical RAM: 1878.97 MB
Total Pagefile: 7375.53 MB
Available Pagefile: 5320.64 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:254.14 GB) (Free:192.67 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:27.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: DE753F8E)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=254.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End Of Log ============================
|
|
09.03.2015, 18:59
| #4 |
| /// the machine /// TB-Ausbilder | Windows 7: Trojaner - Windows Updates, Firewall defekt hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
10.03.2015, 00:06
| #5 |
| | Windows 7: Trojaner - Windows Updates, Firewall defekt Mbar: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.03.09.05
rootkit: v2015.02.25.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Britta :: BRITTA-PC [administrator]
09.03.2015 21:49:08
mbar-log-2015-03-09 (21-49-08).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 349959
Time elapsed: 42 minute(s), 6 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 6
C:\$Recycle.Bin\S-1-5-18\$ae8be3e7298650509263595fef5e76b1\U (Trojan.Siredef.C) -> Delete on reboot. [7702d46fc0ca85b1c84409f8eb1507f9]
C:\$Recycle.Bin\S-1-5-21-207437039-3126598301-4264572741-1002\$ae8be3e7298650509263595fef5e76b1\U (Trojan.Siredef.C) -> Delete on reboot. [82f71f24d7b3ef470507ef12827ebe42]
C:\$Recycle.Bin\S-1-5-18\$ae8be3e7298650509263595fef5e76b1\L (Trojan.Siredef.C) -> Delete on reboot. [19607cc793f7c76fc64860a106fa9868]
C:\$Recycle.Bin\S-1-5-21-207437039-3126598301-4264572741-1002\$ae8be3e7298650509263595fef5e76b1\L (Trojan.Siredef.C) -> Delete on reboot. [027780c34d3d0a2c33db7091da261ae6]
C:\$Recycle.Bin\S-1-5-18\$ae8be3e7298650509263595fef5e76b1 (Trojan.Siredef.C) -> Delete on reboot. [1a5fde65830770c642cd59a8b44c56aa]
C:\$Recycle.Bin\S-1-5-21-207437039-3126598301-4264572741-1002\$ae8be3e7298650509263595fef5e76b1 (Trojan.Siredef.C) -> Delete on reboot. [d3a64bf8880245f1d738b24f43bd956b]
Files Detected: 2
C:\$Recycle.Bin\S-1-5-18\$ae8be3e7298650509263595fef5e76b1\@ (Trojan.Siredef.C) -> Delete on reboot. [5b1eae954e3cda5cac5da25f89777987]
C:\$Recycle.Bin\S-1-5-21-207437039-3126598301-4264572741-1002\$ae8be3e7298650509263595fef5e76b1\@ (Trojan.Siredef.C) -> Delete on reboot. [f8818ab9008a96a004055ba688785aa6]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
TDSS Killer: Code:
ATTFilter 23:58:52.0829 0x0354 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
23:58:58.0645 0x0354 ============================================================
23:58:58.0645 0x0354 Current date / time: 2015/03/09 23:58:58.0645
23:58:58.0645 0x0354 SystemInfo:
23:58:58.0645 0x0354
23:58:58.0645 0x0354 OS Version: 6.1.7601 ServicePack: 1.0
23:58:58.0645 0x0354 Product type: Workstation
23:58:58.0646 0x0354 ComputerName: BRITTA-PC
23:58:58.0646 0x0354 UserName: Britta
23:58:58.0647 0x0354 Windows directory: C:\windows
23:58:58.0647 0x0354 System windows directory: C:\windows
23:58:58.0647 0x0354 Running under WOW64
23:58:58.0647 0x0354 Processor architecture: Intel x64
23:58:58.0647 0x0354 Number of processors: 2
23:58:58.0647 0x0354 Page size: 0x1000
23:58:58.0647 0x0354 Boot type: Normal boot
23:58:58.0647 0x0354 ============================================================
23:58:59.0107 0x0354 KLMD registered as C:\windows\system32\drivers\32467079.sys
23:59:00.0173 0x0354 System UUID: {7EDA0910-61B5-F045-9A07-60B87AE82CF6}
23:59:01.0678 0x0354 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:59:01.0690 0x0354 ============================================================
23:59:01.0690 0x0354 \Device\Harddisk0\DR0:
23:59:01.0701 0x0354 MBR partitions:
23:59:01.0701 0x0354 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
23:59:01.0701 0x0354 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1FC49800
23:59:01.0728 0x0354 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1FCAE800, BlocksNum 0x39FD800
23:59:01.0728 0x0354 ============================================================
23:59:01.0775 0x0354 C: <-> \Device\Harddisk0\DR0\Partition2
23:59:01.0897 0x0354 D: <-> \Device\Harddisk0\DR0\Partition3
23:59:01.0897 0x0354 ============================================================
23:59:01.0898 0x0354 Initialize success
23:59:01.0898 0x0354 ============================================================
00:00:26.0200 0x12ec ============================================================
00:00:26.0200 0x12ec Scan started
00:00:26.0200 0x12ec Mode: Manual; SigCheck; TDLFS;
00:00:26.0200 0x12ec ============================================================
00:00:26.0200 0x12ec KSN ping started
00:00:26.0606 0x12ec KSN ping finished: false
00:00:28.0151 0x12ec ================ Scan system memory ========================
00:00:28.0151 0x12ec System memory - ok
00:00:28.0151 0x12ec ================ Scan services =============================
00:00:28.0401 0x12ec [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
00:00:28.0604 0x12ec 1394ohci - ok
00:00:28.0682 0x12ec [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
00:00:28.0745 0x12ec ACPI - ok
00:00:28.0792 0x12ec [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
00:00:28.0916 0x12ec AcpiPmi - ok
00:00:28.0994 0x12ec [ 5BBFF8B826EC38D32C26334E079C7EFC, 673D46409F0225A804B55FFB77E82AF34F8C7A93BEEF92DC3DFAC7EFCC5F09B6 ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys
00:00:29.0088 0x12ec ACPIVPC - ok
00:00:29.0197 0x12ec [ D19C4EE2AC7C47B8F5F84FFF1A789D8A, F419E159D3E428A3929A1A983142E7B0783D3F104EE9587585418E51011E4B8F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:00:29.0244 0x12ec AdobeARMservice - ok
00:00:29.0447 0x12ec [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:00:29.0509 0x12ec AdobeFlashPlayerUpdateSvc - ok
00:00:29.0619 0x12ec [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
00:00:29.0682 0x12ec adp94xx - ok
00:00:29.0744 0x12ec [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
00:00:29.0791 0x12ec adpahci - ok
00:00:29.0853 0x12ec [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
00:00:29.0900 0x12ec adpu320 - ok
00:00:29.0931 0x12ec [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
00:00:30.0197 0x12ec AeLookupSvc - ok
00:00:30.0275 0x12ec [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
00:00:30.0368 0x12ec AFD - ok
00:00:30.0415 0x12ec [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
00:00:30.0446 0x12ec agp440 - ok
00:00:30.0477 0x12ec [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
00:00:30.0555 0x12ec ALG - ok
00:00:30.0633 0x12ec [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
00:00:30.0665 0x12ec aliide - ok
00:00:30.0711 0x12ec [ 208BFFD23CCB582F8EC62C7D973B0050, 7F76EC7896272A3FF47B0F387DCD1FA01311036AB8BFCDFCAD2701745DAB316D ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
00:00:30.0821 0x12ec AMD External Events Utility - ok
00:00:30.0867 0x12ec AMD FUEL Service - ok
00:00:30.0961 0x12ec [ DD27F6C3DE9BFE50635C721E09EDC5DD, CBB76DDF70A98745FEE85B784C6B5BA3B8801D955D04A71A907275113D7DFF07 ] AMD Reservation Manager C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
00:00:30.0992 0x12ec AMD Reservation Manager - ok
00:00:31.0039 0x12ec [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
00:00:31.0070 0x12ec amdide - ok
00:00:31.0117 0x12ec [ 6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\windows\system32\DRIVERS\amdiox64.sys
00:00:31.0148 0x12ec amdiox64 - ok
00:00:31.0179 0x12ec [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
00:00:31.0257 0x12ec AmdK8 - ok
00:00:31.0757 0x12ec [ 2B8C65B19D3E5664AF0CD703799FDAF9, 5EDCE3380D53EF5420BAD2F8206F83B0F86B57ED7054D6C9B57294662B2F03B8 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
00:00:32.0396 0x12ec amdkmdag - ok
00:00:32.0490 0x12ec [ 781EBFE2112D4969E024F19F34D49E3E, F790C976757B6EA2C2642F9DF189489A50C4A96E78D4C96CEC705FCF4477AEC3 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
00:00:32.0552 0x12ec amdkmdap - ok
00:00:32.0599 0x12ec [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
00:00:32.0646 0x12ec AmdPPM - ok
00:00:32.0693 0x12ec [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
00:00:32.0724 0x12ec amdsata - ok
00:00:32.0786 0x12ec [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
00:00:32.0817 0x12ec amdsbs - ok
00:00:32.0864 0x12ec [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
00:00:32.0880 0x12ec amdxata - ok
00:00:32.0927 0x12ec [ 80A508D0C7A21BC13C01D4C671541203, EC9B465B92C87522ED216CECB099AD91833C224E55969E1B3A033EE8A4A4F68D ] amd_sata C:\windows\system32\DRIVERS\amd_sata.sys
00:00:32.0942 0x12ec amd_sata - ok
00:00:32.0973 0x12ec [ 2BE940F3A632A1A301B22B096BF221F1, 6D828467CE0D76223C29BDB77E62422014A5842A1FE90E79C179DFDCA8AFDF71 ] amd_xata C:\windows\system32\DRIVERS\amd_xata.sys
00:00:33.0005 0x12ec amd_xata - ok
00:00:33.0161 0x12ec [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
00:00:33.0207 0x12ec AntiVirSchedulerService - ok
00:00:33.0301 0x12ec [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
00:00:33.0332 0x12ec AntiVirService - ok
00:00:33.0395 0x12ec [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys
00:00:33.0597 0x12ec AppID - ok
00:00:33.0644 0x12ec [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll
00:00:33.0769 0x12ec AppIDSvc - ok
00:00:33.0831 0x12ec [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
00:00:33.0894 0x12ec Appinfo - ok
00:00:33.0972 0x12ec [ F401929EE0CC92BFE7F15161CA535383, 61E1C0630B8BBC65C51121D5DC7F095C59B475F39BB7B0DC68133EF7D9D0A29D ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:00:34.0003 0x12ec Apple Mobile Device - ok
00:00:34.0034 0x12ec [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\DRIVERS\arc.sys
00:00:34.0065 0x12ec arc - ok
00:00:34.0097 0x12ec [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
00:00:34.0128 0x12ec arcsas - ok
00:00:34.0159 0x12ec [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
00:00:34.0253 0x12ec AsyncMac - ok
00:00:34.0299 0x12ec [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
00:00:34.0331 0x12ec atapi - ok
00:00:34.0393 0x12ec [ 4BF5BCA6E2608CD8A00BC4A6673A9F47, 172240231981162F67DD2CF13C6D8C807EFFCE9C24B476F2942BC3E1F41C1A71 ] AtiHDAudioService C:\windows\system32\drivers\AtihdW76.sys
00:00:34.0424 0x12ec AtiHDAudioService - ok
00:00:34.0502 0x12ec [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
00:00:34.0611 0x12ec AudioEndpointBuilder - ok
00:00:34.0643 0x12ec [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\windows\System32\Audiosrv.dll
00:00:34.0705 0x12ec AudioSrv - ok
00:00:34.0767 0x12ec [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
00:00:34.0814 0x12ec avgntflt - ok
00:00:34.0861 0x12ec [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
00:00:34.0908 0x12ec avipbb - ok
00:00:34.0986 0x12ec [ B127AC7651D0C088E4A239EED92F8AF8, 2958F81C06C46E147E8022F3B7E9C26F1D47C729ADD336D68DCCFEB363CB09FF ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
00:00:35.0033 0x12ec Avira.OE.ServiceHost - ok
00:00:35.0111 0x12ec [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
00:00:35.0142 0x12ec avkmgr - ok
00:00:35.0189 0x12ec [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
00:00:35.0360 0x12ec AxInstSV - ok
00:00:35.0438 0x12ec [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
00:00:35.0579 0x12ec b06bdrv - ok
00:00:35.0641 0x12ec [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
00:00:35.0703 0x12ec b57nd60a - ok
00:00:35.0750 0x12ec [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
00:00:35.0859 0x12ec BDESVC - ok
00:00:35.0906 0x12ec [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
00:00:36.0000 0x12ec Beep - ok
00:00:36.0093 0x12ec [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
00:00:36.0203 0x12ec BFE - ok
00:00:36.0296 0x12ec [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
00:00:36.0437 0x12ec BITS - ok
00:00:36.0468 0x12ec [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
00:00:36.0499 0x12ec blbdrive - ok
00:00:36.0577 0x12ec [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:00:36.0624 0x12ec Bonjour Service - ok
00:00:36.0671 0x12ec [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
00:00:36.0733 0x12ec bowser - ok
00:00:36.0780 0x12ec [ AAA4F992F879977A000FE8B8C730CD2C, A109D3F7CA9D49B98FDA5CA34C60055690F72400CCC96D48076FA86086E4C74D ] BPntDrv C:\windows\system32\drivers\BPntDrv.sys
00:00:36.0811 0x12ec BPntDrv - ok
00:00:36.0842 0x12ec [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
00:00:36.0951 0x12ec BrFiltLo - ok
00:00:36.0967 0x12ec [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
00:00:37.0029 0x12ec BrFiltUp - ok
00:00:37.0076 0x12ec [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
00:00:37.0170 0x12ec Browser - ok
00:00:37.0217 0x12ec [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
00:00:37.0295 0x12ec Brserid - ok
00:00:37.0326 0x12ec [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
00:00:37.0373 0x12ec BrSerWdm - ok
00:00:37.0419 0x12ec [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
00:00:37.0466 0x12ec BrUsbMdm - ok
00:00:37.0497 0x12ec [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
00:00:37.0544 0x12ec BrUsbSer - ok
00:00:37.0607 0x12ec [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
00:00:37.0685 0x12ec BthEnum - ok
00:00:37.0716 0x12ec [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
00:00:37.0763 0x12ec BTHMODEM - ok
00:00:37.0809 0x12ec [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
00:00:37.0856 0x12ec BthPan - ok
00:00:37.0919 0x12ec [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
00:00:37.0981 0x12ec BTHPORT - ok
00:00:38.0028 0x12ec [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
00:00:38.0137 0x12ec bthserv - ok
00:00:38.0168 0x12ec [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
00:00:38.0215 0x12ec BTHUSB - ok
00:00:38.0262 0x12ec [ 2641A3FE3D7B0646308F33B67F3B5300, 8D2E37F6524D10197D36AAE41F59028B3DF0692A113EA342BB1AC36DEA13D8F6 ] btusbflt C:\windows\system32\drivers\btusbflt.sys
00:00:38.0293 0x12ec btusbflt - ok
00:00:38.0340 0x12ec [ A72A9101F9730DB7332714E566614E4D, 7C75772EA40EAEDDE2565E5FF901B17EA9B748563B8CE40062D86D4B0F1DBF0C ] btwaudio C:\windows\system32\drivers\btwaudio.sys
00:00:38.0371 0x12ec btwaudio - ok
00:00:38.0387 0x12ec [ 5CEEC634B617525F2B6AD29F871033F7, 0A48E08FB3C3384860783F72C85022F6AD11D8F7023580D007478AA94F6F41C5 ] btwavdt C:\windows\system32\drivers\btwavdt.sys
00:00:38.0418 0x12ec btwavdt - ok
00:00:38.0527 0x12ec [ B1DB1E1A90C940723980B94760487472, 822866804DBFE9051B350934CFDFD8956FE954DB869192C57FC93E1160706C2A ] btwdins C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
00:00:38.0605 0x12ec btwdins - ok
00:00:38.0636 0x12ec [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap C:\windows\system32\DRIVERS\btwl2cap.sys
00:00:38.0667 0x12ec btwl2cap - ok
00:00:38.0683 0x12ec [ 2AF5604D28BEF77B7CF4B9D232FE7CD3, 758524012FE284EDFC27DF095A2DD5853A0F084999F14DA66784103176E938E4 ] btwrchid C:\windows\system32\DRIVERS\btwrchid.sys
00:00:38.0714 0x12ec btwrchid - ok
00:00:38.0761 0x12ec [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
00:00:38.0855 0x12ec cdfs - ok
00:00:38.0917 0x12ec [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
00:00:38.0964 0x12ec cdrom - ok
00:00:39.0011 0x12ec [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
00:00:39.0089 0x12ec CertPropSvc - ok
00:00:39.0120 0x12ec [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\DRIVERS\circlass.sys
00:00:39.0182 0x12ec circlass - ok
00:00:39.0229 0x12ec [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
00:00:39.0276 0x12ec CLFS - ok
00:00:39.0369 0x12ec [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:00:39.0401 0x12ec clr_optimization_v2.0.50727_32 - ok
00:00:39.0510 0x12ec [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:00:39.0572 0x12ec clr_optimization_v2.0.50727_64 - ok
00:00:39.0666 0x12ec [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:00:39.0697 0x12ec clr_optimization_v4.0.30319_32 - ok
00:00:39.0759 0x12ec [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:00:39.0791 0x12ec clr_optimization_v4.0.30319_64 - ok
00:00:39.0822 0x12ec [ 50F92C943F18B070F166D019DFAB3D9A, A997EAFFC1598B1D0A9E1A4475F25418CA8AA6B703B53A71B1AF028E247C9950 ] clwvd C:\windows\system32\DRIVERS\clwvd.sys
00:00:39.0853 0x12ec clwvd - ok
00:00:39.0900 0x12ec [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
00:00:39.0947 0x12ec CmBatt - ok
00:00:39.0993 0x12ec [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
00:00:40.0025 0x12ec cmdide - ok
00:00:40.0103 0x12ec [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG C:\windows\system32\Drivers\cng.sys
00:00:40.0181 0x12ec CNG - ok
00:00:40.0321 0x12ec [ A1C6AB1D318A05F5CC1C86146FF95F8B, 24885E193B92A01DF5BF378900F27446D663823EA33000DF1C4D72CFF6ACFD09 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
00:00:40.0430 0x12ec CnxtHdAudService - ok
00:00:40.0461 0x12ec [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
00:00:40.0493 0x12ec Compbatt - ok
00:00:40.0524 0x12ec [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
00:00:40.0586 0x12ec CompositeBus - ok
00:00:40.0602 0x12ec COMSysApp - ok
00:00:40.0649 0x12ec [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
00:00:40.0664 0x12ec crcdisk - ok
00:00:40.0727 0x12ec [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\windows\system32\cryptsvc.dll
00:00:40.0805 0x12ec CryptSvc - ok
00:00:40.0883 0x12ec [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
00:00:41.0007 0x12ec DcomLaunch - ok
00:00:41.0054 0x12ec [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
00:00:41.0163 0x12ec defragsvc - ok
00:00:41.0210 0x12ec [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
00:00:41.0304 0x12ec DfsC - ok
00:00:41.0366 0x12ec [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
00:00:41.0475 0x12ec Dhcp - ok
00:00:41.0522 0x12ec [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
00:00:41.0631 0x12ec discache - ok
00:00:41.0663 0x12ec [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\DRIVERS\disk.sys
00:00:41.0694 0x12ec Disk - ok
00:00:41.0756 0x12ec [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
00:00:41.0819 0x12ec Dnscache - ok
00:00:41.0850 0x12ec [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
00:00:41.0943 0x12ec dot3svc - ok
00:00:41.0990 0x12ec [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
00:00:42.0099 0x12ec DPS - ok
00:00:42.0146 0x12ec [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
00:00:42.0224 0x12ec drmkaud - ok
00:00:42.0302 0x12ec [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
00:00:42.0380 0x12ec DXGKrnl - ok
00:00:42.0443 0x12ec [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
00:00:42.0536 0x12ec EapHost - ok
00:00:42.0786 0x12ec [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
00:00:43.0004 0x12ec ebdrv - ok
00:00:43.0051 0x12ec [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS C:\windows\System32\lsass.exe
00:00:43.0098 0x12ec EFS - ok
00:00:43.0191 0x12ec [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
00:00:43.0316 0x12ec ehRecvr - ok
00:00:43.0363 0x12ec [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
00:00:43.0457 0x12ec ehSched - ok
00:00:43.0519 0x12ec [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
00:00:43.0581 0x12ec elxstor - ok
00:00:43.0613 0x12ec [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
00:00:43.0644 0x12ec ErrDev - ok
00:00:43.0722 0x12ec [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
00:00:43.0847 0x12ec EventSystem - ok
00:00:43.0909 0x12ec [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
00:00:44.0003 0x12ec exfat - ok
00:00:44.0049 0x12ec [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
00:00:44.0143 0x12ec fastfat - ok
00:00:44.0221 0x12ec [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
00:00:44.0330 0x12ec Fax - ok
00:00:44.0361 0x12ec [ 3191ACA33088EE2481044FC0DB736442, 9311069BCA14FB7D5FDFFDB29566D045AB55A8657574C8BD864F8ED9527DEAF5 ] fbfmon C:\windows\system32\drivers\fbfmon.sys
00:00:44.0377 0x12ec fbfmon - ok
00:00:44.0424 0x12ec [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys
00:00:44.0471 0x12ec fdc - ok
00:00:44.0517 0x12ec [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
00:00:44.0611 0x12ec fdPHost - ok
00:00:44.0627 0x12ec [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
00:00:44.0705 0x12ec FDResPub - ok
00:00:44.0720 0x12ec [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
00:00:44.0767 0x12ec FileInfo - ok
00:00:44.0798 0x12ec [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
00:00:44.0892 0x12ec Filetrace - ok
00:00:44.0907 0x12ec [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
00:00:44.0954 0x12ec flpydisk - ok
00:00:45.0017 0x12ec [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
00:00:45.0048 0x12ec FltMgr - ok
00:00:45.0173 0x12ec [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll
00:00:45.0329 0x12ec FontCache - ok
00:00:45.0438 0x12ec [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:00:45.0469 0x12ec FontCache3.0.0.0 - ok
00:00:45.0516 0x12ec [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
00:00:45.0547 0x12ec FsDepends - ok
00:00:45.0594 0x12ec [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
00:00:45.0625 0x12ec fssfltr - ok
00:00:45.0797 0x12ec [ 812E1BA5C52A78F13EA6AA10DF708B1D, CF1C4D8E072CF0D66C977DFA4C852E5CE757843BEAF5D29454D26A9AC5766E61 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
00:00:45.0921 0x12ec fsssvc - ok
00:00:45.0968 0x12ec [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
00:00:45.0999 0x12ec Fs_Rec - ok
00:00:46.0062 0x12ec [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
00:00:46.0109 0x12ec fvevol - ok
00:00:46.0155 0x12ec [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
00:00:46.0218 0x12ec gagp30kx - ok
00:00:46.0265 0x12ec [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
00:00:46.0296 0x12ec GEARAspiWDM - ok
00:00:46.0389 0x12ec [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
00:00:46.0514 0x12ec gpsvc - ok
00:00:46.0561 0x12ec [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
00:00:46.0623 0x12ec gusvc - ok
00:00:46.0655 0x12ec [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
00:00:46.0717 0x12ec hcw85cir - ok
00:00:46.0779 0x12ec [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
00:00:46.0857 0x12ec HdAudAddService - ok
00:00:46.0889 0x12ec [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
00:00:46.0967 0x12ec HDAudBus - ok
00:00:47.0013 0x12ec [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
00:00:47.0076 0x12ec HidBatt - ok
00:00:47.0091 0x12ec [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
00:00:47.0154 0x12ec HidBth - ok
00:00:47.0185 0x12ec [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys
00:00:47.0232 0x12ec HidIr - ok
00:00:47.0279 0x12ec [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
00:00:47.0403 0x12ec hidserv - ok
00:00:47.0466 0x12ec [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
00:00:47.0513 0x12ec HidUsb - ok
00:00:47.0559 0x12ec [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
00:00:47.0653 0x12ec hkmsvc - ok
00:00:47.0715 0x12ec [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
00:00:47.0778 0x12ec HomeGroupListener - ok
00:00:47.0809 0x12ec [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
00:00:47.0871 0x12ec HomeGroupProvider - ok
00:00:47.0934 0x12ec [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
00:00:47.0965 0x12ec HpSAMD - ok
00:00:48.0027 0x12ec [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
00:00:48.0168 0x12ec HTTP - ok
00:00:48.0199 0x12ec [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
00:00:48.0230 0x12ec hwpolicy - ok
00:00:48.0277 0x12ec [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\drivers\i8042prt.sys
00:00:48.0308 0x12ec i8042prt - ok
00:00:48.0371 0x12ec [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
00:00:48.0417 0x12ec iaStorV - ok
00:00:48.0558 0x12ec [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:00:48.0636 0x12ec idsvc - ok
00:00:48.0651 0x12ec IEEtwCollectorService - ok
00:00:49.0041 0x12ec [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
00:00:49.0587 0x12ec igfx - ok
00:00:49.0650 0x12ec [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
00:00:49.0681 0x12ec iirsp - ok
00:00:49.0775 0x12ec [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
00:00:49.0868 0x12ec IKEEXT - ok
00:00:49.0915 0x12ec [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
00:00:49.0931 0x12ec intelide - ok
00:00:49.0977 0x12ec [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
00:00:50.0024 0x12ec intelppm - ok
00:00:50.0055 0x12ec [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
00:00:50.0133 0x12ec IPBusEnum - ok
00:00:50.0180 0x12ec [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
00:00:50.0274 0x12ec IpFilterDriver - ok
00:00:50.0367 0x12ec [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
00:00:50.0477 0x12ec iphlpsvc - ok
00:00:50.0508 0x12ec [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
00:00:50.0555 0x12ec IPMIDRV - ok
00:00:50.0617 0x12ec [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
00:00:50.0711 0x12ec IPNAT - ok
00:00:50.0789 0x12ec [ A9AB99EE7D39725EAFEC82732D2B3271, 962F231608C36BA0B2EAE5981BB9BAC85B6CAA3A5F656D786B97D9B421A831A6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:00:50.0867 0x12ec iPod Service - ok
00:00:50.0898 0x12ec [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
00:00:51.0023 0x12ec IRENUM - ok
00:00:51.0054 0x12ec [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
00:00:51.0085 0x12ec isapnp - ok
00:00:51.0163 0x12ec [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
00:00:51.0194 0x12ec iScsiPrt - ok
00:00:51.0257 0x12ec [ 7DBAFE10C1B777305C80BEA42FBDA710, 768638FAD1FF94F2C15E2F1558F9A03730195B041CCBBC82241EC1F92CD7D46F ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys
00:00:51.0319 0x12ec k57nd60a - ok
00:00:51.0366 0x12ec [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
00:00:51.0397 0x12ec kbdclass - ok
00:00:51.0459 0x12ec [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
00:00:51.0491 0x12ec kbdhid - ok
00:00:51.0537 0x12ec [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso C:\windows\system32\lsass.exe
00:00:51.0569 0x12ec KeyIso - ok
00:00:51.0600 0x12ec [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
00:00:51.0631 0x12ec KSecDD - ok
00:00:51.0662 0x12ec [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
00:00:51.0693 0x12ec KSecPkg - ok
00:00:51.0740 0x12ec [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
00:00:51.0818 0x12ec ksthunk - ok
00:00:51.0881 0x12ec [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
00:00:51.0990 0x12ec KtmRm - ok
00:00:52.0052 0x12ec [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
00:00:52.0130 0x12ec LanmanServer - ok
00:00:52.0161 0x12ec [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
00:00:52.0271 0x12ec LanmanWorkstation - ok
00:00:52.0317 0x12ec [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr C:\windows\system32\DRIVERS\LhdX64.sys
00:00:52.0364 0x12ec LHDmgr - ok
00:00:52.0395 0x12ec [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
00:00:52.0473 0x12ec lltdio - ok
00:00:52.0520 0x12ec [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
00:00:52.0629 0x12ec lltdsvc - ok
00:00:52.0645 0x12ec [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
00:00:52.0739 0x12ec lmhosts - ok
00:00:52.0785 0x12ec [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
00:00:52.0817 0x12ec LSI_FC - ok
00:00:52.0848 0x12ec [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
00:00:52.0895 0x12ec LSI_SAS - ok
00:00:52.0910 0x12ec [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
00:00:52.0941 0x12ec LSI_SAS2 - ok
00:00:52.0973 0x12ec [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
00:00:53.0035 0x12ec LSI_SCSI - ok
00:00:53.0082 0x12ec [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
00:00:53.0175 0x12ec luafv - ok
00:00:53.0222 0x12ec [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon C:\windows\system32\drivers\mbamchameleon.sys
00:00:53.0269 0x12ec mbamchameleon - ok
00:00:53.0347 0x12ec [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
00:00:53.0409 0x12ec MBAMProtector - ok
00:00:53.0597 0x12ec [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
00:00:53.0721 0x12ec MBAMScheduler - ok
00:00:53.0862 0x12ec [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
00:00:53.0955 0x12ec MBAMService - ok
00:00:53.0987 0x12ec [ A646C2DDB8C46E9B20A326FAF566646C, F46E3BF392CB4EB53D323BC8CC41EFBB9C5D7C935FECF255F524EB18583A2A37 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
00:00:54.0033 0x12ec MBAMWebAccessControl - ok
00:00:54.0080 0x12ec [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
00:00:54.0127 0x12ec Mcx2Svc - ok
00:00:54.0158 0x12ec [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
00:00:54.0189 0x12ec megasas - ok
00:00:54.0221 0x12ec [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
00:00:54.0299 0x12ec MegaSR - ok
00:00:54.0377 0x12ec Microsoft SharePoint Workspace Audit Service - ok
00:00:54.0408 0x12ec [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
00:00:54.0517 0x12ec MMCSS - ok
00:00:54.0564 0x12ec [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
00:00:54.0642 0x12ec Modem - ok
00:00:54.0673 0x12ec [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
00:00:54.0751 0x12ec monitor - ok
00:00:54.0782 0x12ec [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
00:00:54.0813 0x12ec mouclass - ok
00:00:54.0860 0x12ec [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
00:00:54.0923 0x12ec mouhid - ok
00:00:54.0969 0x12ec [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
00:00:55.0001 0x12ec mountmgr - ok
00:00:55.0110 0x12ec [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:00:55.0157 0x12ec MozillaMaintenance - ok
00:00:55.0250 0x12ec [ FBA4CDA6B3B00D7A116DCC2B5C7E9790, FE909159323290555971F031E7911DCCD035B873E630A230A660C13D57719206 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys
00:00:55.0313 0x12ec MpFilter - ok
00:00:55.0344 0x12ec [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
00:00:55.0375 0x12ec mpio - ok
00:00:55.0422 0x12ec [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
00:00:55.0500 0x12ec mpsdrv - ok
00:00:55.0593 0x12ec [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
00:00:55.0718 0x12ec MpsSvc - ok
00:00:55.0765 0x12ec [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
00:00:55.0827 0x12ec MRxDAV - ok
00:00:55.0874 0x12ec [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
00:00:55.0937 0x12ec mrxsmb - ok
00:00:55.0983 0x12ec [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
00:00:56.0046 0x12ec mrxsmb10 - ok
00:00:56.0077 0x12ec [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
00:00:56.0124 0x12ec mrxsmb20 - ok
00:00:56.0171 0x12ec [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
00:00:56.0202 0x12ec msahci - ok
00:00:56.0233 0x12ec [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
00:00:56.0280 0x12ec msdsm - ok
00:00:56.0311 0x12ec [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
00:00:56.0373 0x12ec MSDTC - ok
00:00:56.0420 0x12ec [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
00:00:56.0514 0x12ec Msfs - ok
00:00:56.0545 0x12ec [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
00:00:56.0639 0x12ec mshidkmdf - ok
00:00:56.0670 0x12ec [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
00:00:56.0685 0x12ec msisadrv - ok
00:00:56.0748 0x12ec [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
00:00:56.0841 0x12ec MSiSCSI - ok
00:00:56.0841 0x12ec msiserver - ok
00:00:56.0873 0x12ec [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
00:00:56.0951 0x12ec MSKSSRV - ok
00:00:57.0029 0x12ec [ F46BA4E7F4A34295B20917CD77F6CEC9, 1A91AC1AC1FBFC6922D0430D752240A91C9001373B1F84F960FDE0AC062A411A ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
00:00:57.0075 0x12ec MsMpSvc - ok
00:00:57.0091 0x12ec [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
00:00:57.0185 0x12ec MSPCLOCK - ok
00:00:57.0200 0x12ec [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
00:00:57.0278 0x12ec MSPQM - ok
00:00:57.0325 0x12ec [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
00:00:57.0372 0x12ec MsRPC - ok
00:00:57.0419 0x12ec [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
00:00:57.0450 0x12ec mssmbios - ok
00:00:57.0497 0x12ec [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
00:00:57.0559 0x12ec MSTEE - ok
00:00:57.0590 0x12ec [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
00:00:57.0621 0x12ec MTConfig - ok
00:00:57.0653 0x12ec [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
00:00:57.0684 0x12ec Mup - ok
00:00:57.0746 0x12ec [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
00:00:57.0855 0x12ec napagent - ok
00:00:57.0918 0x12ec [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
00:00:57.0996 0x12ec NativeWifiP - ok
00:00:58.0089 0x12ec [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
00:00:58.0167 0x12ec NDIS - ok
00:00:58.0214 0x12ec [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
00:00:58.0292 0x12ec NdisCap - ok
00:00:58.0323 0x12ec [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
00:00:58.0417 0x12ec NdisTapi - ok
00:00:58.0464 0x12ec [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
00:00:58.0557 0x12ec Ndisuio - ok
00:00:58.0620 0x12ec [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
00:00:58.0713 0x12ec NdisWan - ok
00:00:58.0760 0x12ec [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
00:00:58.0838 0x12ec NDProxy - ok
00:00:58.0885 0x12ec [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
00:00:58.0963 0x12ec NetBIOS - ok
00:00:59.0010 0x12ec [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
00:00:59.0119 0x12ec NetBT - ok
00:00:59.0150 0x12ec [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon C:\windows\system32\lsass.exe
00:00:59.0181 0x12ec Netlogon - ok
00:00:59.0244 0x12ec [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
00:00:59.0337 0x12ec Netman - ok
00:00:59.0384 0x12ec [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
00:00:59.0478 0x12ec netprofm - ok
00:00:59.0587 0x12ec [ 52A5D4581583A743C948A9947655C300, 3BBCF10B099896DA4DFF376E6572C77706C0FCBF86C7BAC368AA72B5BC753030 ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
00:00:59.0712 0x12ec netr28x - ok
00:00:59.0743 0x12ec [ 9D0157074866FCF3EA2A07185D93FC72, C4107EE60ADA7E326DF7B27602166E9D57CB9982717605730BF7C7D2401E30A9 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:00:59.0790 0x12ec NetTcpPortSharing - ok
00:01:00.0149 0x12ec [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\windows\system32\DRIVERS\netw5v64.sys
00:01:00.0601 0x12ec netw5v64 - ok
00:01:00.0679 0x12ec [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
00:01:00.0710 0x12ec nfrd960 - ok
00:01:00.0757 0x12ec [ E10B84385C3FEEF4BDE8E6A980535522, 56D9E47B76CDABE45E64C9E74DCBCC2F7C07A44519ED938BD730018C48445614 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys
00:01:00.0788 0x12ec NisDrv - ok
00:01:00.0835 0x12ec [ 9BF50324444C46997C2492D505B47F2D, 42C74456C64F7D688E0911255746BD2A52A3590AED22B24F7E385760D720B8E9 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
00:01:00.0897 0x12ec NisSrv - ok
00:01:00.0960 0x12ec [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
00:01:01.0038 0x12ec NlaSvc - ok
00:01:01.0053 0x12ec [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
00:01:01.0147 0x12ec Npfs - ok
00:01:01.0194 0x12ec [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
00:01:01.0287 0x12ec nsi - ok
00:01:01.0334 0x12ec [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
00:01:01.0412 0x12ec nsiproxy - ok
00:01:01.0553 0x12ec [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
00:01:01.0677 0x12ec Ntfs - ok
00:01:01.0709 0x12ec [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
00:01:01.0787 0x12ec Null - ok
00:01:01.0833 0x12ec [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
00:01:01.0865 0x12ec nvraid - ok
00:01:01.0911 0x12ec [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
00:01:01.0958 0x12ec nvstor - ok
00:01:02.0005 0x12ec [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
00:01:02.0052 0x12ec nv_agp - ok
00:01:02.0083 0x12ec [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
00:01:02.0130 0x12ec ohci1394 - ok
00:01:02.0192 0x12ec [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:01:02.0239 0x12ec ose - ok
00:01:02.0567 0x12ec [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:01:02.0941 0x12ec osppsvc - ok
00:01:03.0003 0x12ec [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
00:01:03.0081 0x12ec p2pimsvc - ok
00:01:03.0144 0x12ec [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
00:01:03.0206 0x12ec p2psvc - ok
00:01:03.0237 0x12ec [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys
00:01:03.0284 0x12ec Parport - ok
00:01:03.0315 0x12ec [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
00:01:03.0347 0x12ec partmgr - ok
00:01:03.0393 0x12ec [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
00:01:03.0456 0x12ec PcaSvc - ok
00:01:03.0518 0x12ec [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
00:01:03.0549 0x12ec pci - ok
00:01:03.0596 0x12ec [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
00:01:03.0643 0x12ec pciide - ok
00:01:03.0690 0x12ec [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
00:01:03.0721 0x12ec pcmcia - ok
00:01:03.0752 0x12ec [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
00:01:03.0783 0x12ec pcw - ok
00:01:03.0830 0x12ec [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys
00:01:03.0939 0x12ec PEAUTH - ok
00:01:04.0064 0x12ec [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
00:01:04.0111 0x12ec PerfHost - ok
00:01:04.0267 0x12ec [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
00:01:04.0439 0x12ec pla - ok
00:01:04.0517 0x12ec [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
00:01:04.0610 0x12ec PlugPlay - ok
00:01:04.0626 0x12ec [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
00:01:04.0673 0x12ec PNRPAutoReg - ok
00:01:04.0719 0x12ec [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
00:01:04.0766 0x12ec PNRPsvc - ok
00:01:04.0813 0x12ec [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
00:01:04.0938 0x12ec PolicyAgent - ok
00:01:05.0000 0x12ec [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
00:01:05.0094 0x12ec Power - ok
00:01:05.0141 0x12ec [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
00:01:05.0250 0x12ec PptpMiniport - ok
00:01:05.0297 0x12ec [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys
00:01:05.0328 0x12ec Processor - ok
00:01:05.0359 0x12ec [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
00:01:05.0437 0x12ec ProfSvc - ok
00:01:05.0453 0x12ec [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\windows\system32\lsass.exe
00:01:05.0484 0x12ec ProtectedStorage - ok
00:01:05.0546 0x12ec [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
00:01:05.0640 0x12ec Psched - ok
00:01:05.0765 0x12ec [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
00:01:05.0874 0x12ec ql2300 - ok
00:01:05.0905 0x12ec [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
00:01:05.0936 0x12ec ql40xx - ok
00:01:05.0967 0x12ec [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
00:01:06.0030 0x12ec QWAVE - ok
00:01:06.0045 0x12ec [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
00:01:06.0108 0x12ec QWAVEdrv - ok
00:01:06.0123 0x12ec [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
00:01:06.0233 0x12ec RasAcd - ok
00:01:06.0295 0x12ec [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
00:01:06.0373 0x12ec RasAgileVpn - ok
00:01:06.0420 0x12ec [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
00:01:06.0513 0x12ec RasAuto - ok
00:01:06.0560 0x12ec [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
00:01:06.0669 0x12ec Rasl2tp - ok
00:01:06.0732 0x12ec [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
00:01:06.0841 0x12ec RasMan - ok
00:01:06.0888 0x12ec [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
00:01:06.0981 0x12ec RasPppoe - ok
00:01:07.0013 0x12ec [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
00:01:07.0122 0x12ec RasSstp - ok
00:01:07.0184 0x12ec [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
00:01:07.0278 0x12ec rdbss - ok
00:01:07.0293 0x12ec [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
00:01:07.0340 0x12ec rdpbus - ok
00:01:07.0371 0x12ec [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
00:01:07.0449 0x12ec RDPCDD - ok
00:01:07.0481 0x12ec [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
00:01:07.0574 0x12ec RDPENCDD - ok
00:01:07.0605 0x12ec [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
00:01:07.0683 0x12ec RDPREFMP - ok
00:01:07.0730 0x12ec [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
00:01:07.0839 0x12ec RDPWD - ok
00:01:07.0902 0x12ec [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
00:01:07.0933 0x12ec rdyboost - ok
00:01:07.0980 0x12ec [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
00:01:08.0058 0x12ec RemoteAccess - ok
00:01:08.0106 0x12ec [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
00:01:08.0199 0x12ec RemoteRegistry - ok
00:01:08.0246 0x12ec [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
00:01:08.0293 0x12ec RFCOMM - ok
00:01:08.0324 0x12ec [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
00:01:08.0433 0x12ec RpcEptMapper - ok
00:01:08.0464 0x12ec [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
00:01:08.0511 0x12ec RpcLocator - ok
00:01:08.0558 0x12ec [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
00:01:08.0652 0x12ec RpcSs - ok
00:01:08.0683 0x12ec [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
00:01:08.0792 0x12ec rspndr - ok
00:01:08.0839 0x12ec [ E54A5586A28D0630A79A68BBAB84BFCF, F6FBF1E4C64351CEB205DDCD17C35EA26439E98F3528F96AE326959A7C26B488 ] RSUSBVSTOR C:\windows\system32\Drivers\RtsUVStor.sys
00:01:08.0886 0x12ec RSUSBVSTOR - ok
00:01:08.0948 0x12ec [ 2777226EE8BF50B059D7A7C90177E99C, A22BE326F2CA3747BC27073CC4CA1B6D7A34F4D7CBA886BE3F767B7273D7229D ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
00:01:08.0995 0x12ec RTL8167 - ok
00:01:09.0026 0x12ec [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\windows\system32\lsass.exe
00:01:09.0057 0x12ec SamSs - ok
00:01:09.0088 0x12ec [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
00:01:09.0120 0x12ec sbp2port - ok
00:01:09.0166 0x12ec [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
00:01:09.0276 0x12ec SCardSvr - ok
00:01:09.0307 0x12ec [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
00:01:09.0416 0x12ec scfilter - ok
00:01:09.0525 0x12ec [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
00:01:09.0666 0x12ec Schedule - ok
00:01:09.0697 0x12ec [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
00:01:09.0775 0x12ec SCPolicySvc - ok
00:01:09.0806 0x12ec [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
00:01:09.0915 0x12ec SDRSVC - ok
00:01:09.0946 0x12ec [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
00:01:10.0024 0x12ec secdrv - ok
00:01:10.0071 0x12ec [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
00:01:10.0149 0x12ec seclogon - ok
00:01:10.0180 0x12ec [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
00:01:10.0258 0x12ec SENS - ok
00:01:10.0290 0x12ec [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
00:01:10.0368 0x12ec SensrSvc - ok
00:01:10.0399 0x12ec [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
00:01:10.0430 0x12ec Serenum - ok
00:01:10.0492 0x12ec [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\DRIVERS\serial.sys
00:01:10.0539 0x12ec Serial - ok
00:01:10.0570 0x12ec [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
00:01:10.0617 0x12ec sermouse - ok
00:01:10.0680 0x12ec [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
00:01:10.0758 0x12ec SessionEnv - ok
00:01:10.0773 0x12ec [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
00:01:10.0820 0x12ec sffdisk - ok
00:01:10.0836 0x12ec [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
00:01:10.0882 0x12ec sffp_mmc - ok
00:01:10.0914 0x12ec [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
00:01:10.0960 0x12ec sffp_sd - ok
00:01:10.0992 0x12ec [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
00:01:11.0038 0x12ec sfloppy - ok
00:01:11.0116 0x12ec [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
00:01:11.0226 0x12ec SharedAccess - ok
00:01:11.0272 0x12ec [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
00:01:11.0382 0x12ec ShellHWDetection - ok
00:01:11.0428 0x12ec [ C10D453B07E3E7E00E5103BBA9BAD524, D8E858244875CB2EF144F1AE02868960800F3C33F4DCB2BAB39385E81715A33D ] Shockprf C:\windows\system32\DRIVERS\Apsx64.sys
00:01:11.0460 0x12ec Shockprf - ok
00:01:11.0491 0x12ec [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
00:01:11.0522 0x12ec SiSRaid2 - ok
00:01:11.0553 0x12ec [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
00:01:11.0584 0x12ec SiSRaid4 - ok
00:01:11.0616 0x12ec [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
00:01:11.0709 0x12ec Smb - ok
00:01:11.0756 0x12ec [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
00:01:11.0787 0x12ec SNMPTRAP - ok
00:01:11.0818 0x12ec [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
00:01:11.0850 0x12ec spldr - ok
00:01:11.0912 0x12ec [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
00:01:11.0990 0x12ec Spooler - ok
00:01:12.0208 0x12ec [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
00:01:12.0505 0x12ec sppsvc - ok
00:01:12.0567 0x12ec [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
00:01:12.0645 0x12ec sppuinotify - ok
00:01:12.0692 0x12ec [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
00:01:12.0801 0x12ec srv - ok
00:01:12.0848 0x12ec [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
00:01:12.0926 0x12ec srv2 - ok
00:01:12.0957 0x12ec [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
00:01:13.0020 0x12ec srvnet - ok
00:01:13.0051 0x12ec [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
00:01:13.0144 0x12ec SSDPSRV - ok
00:01:13.0160 0x12ec [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
00:01:13.0254 0x12ec SstpSvc - ok
00:01:13.0300 0x12ec [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
00:01:13.0332 0x12ec stexstor - ok
00:01:13.0410 0x12ec [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
00:01:13.0503 0x12ec stisvc - ok
00:01:13.0534 0x12ec [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
00:01:13.0581 0x12ec swenum - ok
00:01:13.0644 0x12ec [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
00:01:13.0768 0x12ec swprv - ok
00:01:13.0878 0x12ec [ 9F97520ABF687F5C7856C6F9226D8834, C6D1056501247F02C11F4A44AF98563855A718E5A4EA6B5E1AE2269DC6B04428 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
00:01:13.0987 0x12ec SynTP - ok
00:01:14.0112 0x12ec [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
00:01:14.0252 0x12ec SysMain - ok
00:01:14.0299 0x12ec [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
00:01:14.0361 0x12ec TabletInputService - ok
00:01:14.0408 0x12ec [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
00:01:14.0517 0x12ec TapiSrv - ok
00:01:14.0548 0x12ec [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
00:01:14.0642 0x12ec TBS - ok
00:01:14.0767 0x12ec [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
00:01:14.0907 0x12ec Tcpip - ok
00:01:15.0016 0x12ec [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
00:01:15.0141 0x12ec TCPIP6 - ok
00:01:15.0188 0x12ec [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
00:01:15.0235 0x12ec tcpipreg - ok
00:01:15.0266 0x12ec [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
00:01:15.0313 0x12ec TDPIPE - ok
00:01:15.0344 0x12ec [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
00:01:15.0391 0x12ec TDTCP - ok
00:01:15.0422 0x12ec [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\windows\system32\DRIVERS\tdx.sys
00:01:15.0500 0x12ec tdx - ok
00:01:15.0531 0x12ec [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
00:01:15.0562 0x12ec TermDD - ok
00:01:15.0640 0x12ec [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
00:01:15.0718 0x12ec TermService - ok
00:01:15.0765 0x12ec [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
00:01:15.0828 0x12ec Themes - ok
00:01:15.0843 0x12ec [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
00:01:15.0921 0x12ec THREADORDER - ok
00:01:15.0968 0x12ec [ 74868C001C7214FBD88B1A57EBB04811, C78F490D4307269A5FD0644ADF98C2E80E4641577F8EBCF54EFC152D0965B796 ] TPDIGIMN C:\windows\system32\DRIVERS\ApsHM64.sys
00:01:15.0984 0x12ec TPDIGIMN - ok
00:01:15.0999 0x12ec [ 130E6B36A8EEE48AA4F0AC404236836B, 252658960F31122BCDD08C539C62A9902AE39B503A799DC3988F6E2F1A09194D ] TPHDEXLGSVC C:\windows\system32\TPHDEXLG64.exe
00:01:16.0030 0x12ec TPHDEXLGSVC - ok
00:01:16.0062 0x12ec [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
00:01:16.0140 0x12ec TrkWks - ok
00:01:16.0218 0x12ec [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
00:01:16.0311 0x12ec TrustedInstaller - ok
00:01:16.0342 0x12ec [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
00:01:16.0389 0x12ec tssecsrv - ok
00:01:16.0452 0x12ec [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
00:01:16.0530 0x12ec TsUsbFlt - ok
00:01:16.0576 0x12ec [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
00:01:16.0701 0x12ec tunnel - ok
00:01:16.0732 0x12ec [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
00:01:16.0764 0x12ec uagp35 - ok
00:01:16.0826 0x12ec [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
00:01:16.0920 0x12ec udfs - ok
00:01:16.0966 0x12ec [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
00:01:17.0013 0x12ec UI0Detect - ok
00:01:17.0044 0x12ec [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
00:01:17.0091 0x12ec uliagpkx - ok
00:01:17.0138 0x12ec [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
00:01:17.0185 0x12ec umbus - ok
00:01:17.0232 0x12ec [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys
00:01:17.0263 0x12ec UmPass - ok
00:01:17.0310 0x12ec [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
00:01:17.0466 0x12ec upnphost - ok
00:01:17.0544 0x12ec [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
00:01:17.0606 0x12ec USBAAPL64 - ok
00:01:17.0653 0x12ec [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
00:01:17.0715 0x12ec usbccgp - ok
00:01:17.0746 0x12ec [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
00:01:17.0809 0x12ec usbcir - ok
00:01:17.0840 0x12ec [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
00:01:17.0871 0x12ec usbehci - ok
00:01:17.0918 0x12ec [ 76E2FFAD301490BA27B947C6507752FB, A4C6FC5C3BF428C624D0792873CB01C8F16F49B0E8B36422025A1094F0AAE231 ] usbfilter C:\windows\system32\DRIVERS\usbfilter.sys
00:01:17.0949 0x12ec usbfilter - ok
00:01:18.0027 0x12ec [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
00:01:18.0090 0x12ec usbhub - ok
00:01:18.0121 0x12ec [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
00:01:18.0152 0x12ec usbohci - ok
00:01:18.0199 0x12ec [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
00:01:18.0261 0x12ec usbprint - ok
00:01:18.0308 0x12ec [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\drivers\usbscan.sys
00:01:18.0402 0x12ec usbscan - ok
00:01:18.0464 0x12ec [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
00:01:18.0511 0x12ec USBSTOR - ok
00:01:18.0558 0x12ec [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
00:01:18.0604 0x12ec usbuhci - ok
00:01:18.0651 0x12ec [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
00:01:18.0729 0x12ec usbvideo - ok
00:01:18.0776 0x12ec [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
00:01:18.0870 0x12ec UxSms - ok
00:01:18.0885 0x12ec [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\windows\system32\lsass.exe
00:01:18.0916 0x12ec VaultSvc - ok
00:01:18.0979 0x12ec [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
00:01:19.0010 0x12ec vdrvroot - ok
00:01:19.0057 0x12ec [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
00:01:19.0166 0x12ec vds - ok
00:01:19.0197 0x12ec [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
00:01:19.0228 0x12ec vga - ok
00:01:19.0260 0x12ec [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
00:01:19.0338 0x12ec VgaSave - ok
00:01:19.0384 0x12ec [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
00:01:19.0431 0x12ec vhdmp - ok
00:01:19.0478 0x12ec [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
00:01:19.0509 0x12ec viaide - ok
00:01:19.0540 0x12ec [ 5CB80AFA98111FC6ED6E8702A0D7AC5B, ECA8B155EA48A509B443A2189AE1A98A5E2E49BA98601A55A089207C4555C4F5 ] vm2uvcflt C:\windows\system32\Drivers\vm2uvcflt.sys
00:01:19.0572 0x12ec vm2uvcflt - ok
00:01:19.0603 0x12ec [ AE855ED728655EF0A14A1EC272DED5CD, 563CCF1BF4CE78C9A4C25B49D12AFF8680AEA49DECD78EBC0922D6DB5142CDC2 ] vm332avs C:\windows\system32\Drivers\vm332avs.sys
00:01:19.0634 0x12ec vm332avs - ok
00:01:19.0665 0x12ec [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
00:01:19.0696 0x12ec volmgr - ok
00:01:19.0743 0x12ec [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
00:01:19.0790 0x12ec volmgrx - ok
00:01:19.0852 0x12ec [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys
00:01:19.0884 0x12ec volsnap - ok
00:01:19.0977 0x12ec [ D0A36C5B602C522EEAFD92D9CF4ED016, 9C4291F983CB8CFF04FBCA7B2C965AC30E001F751F6C674CA004A64A992CECDD ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
00:01:20.0040 0x12ec vpnagent - ok
00:01:20.0071 0x12ec [ E526A69D932538AE8BC96B3F4A5A90B1, DD09835A61BDFE1A1FC0D9353FC2EF788C5F962FAEF9CFDD0D0454D629F7FA2C ] vpnva C:\windows\system32\DRIVERS\vpnva64.sys
00:01:20.0102 0x12ec vpnva - ok
00:01:20.0133 0x12ec [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
00:01:20.0180 0x12ec vsmraid - ok
00:01:20.0289 0x12ec [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
00:01:20.0461 0x12ec VSS - ok
00:01:20.0492 0x12ec [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
00:01:20.0539 0x12ec vwifibus - ok
00:01:20.0570 0x12ec [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
00:01:20.0617 0x12ec vwififlt - ok
00:01:20.0679 0x12ec [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
00:01:20.0773 0x12ec W32Time - ok
00:01:20.0820 0x12ec [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
00:01:20.0866 0x12ec WacomPen - ok
00:01:20.0913 0x12ec [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
00:01:20.0991 0x12ec WANARP - ok
00:01:21.0007 0x12ec [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
00:01:21.0085 0x12ec Wanarpv6 - ok
00:01:21.0210 0x12ec [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
00:01:21.0350 0x12ec wbengine - ok
00:01:21.0397 0x12ec [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
00:01:21.0444 0x12ec WbioSrvc - ok
00:01:21.0506 0x12ec [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
00:01:21.0584 0x12ec wcncsvc - ok
00:01:21.0615 0x12ec [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
00:01:21.0678 0x12ec WcsPlugInService - ok
00:01:21.0693 0x12ec [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\DRIVERS\wd.sys
00:01:21.0724 0x12ec Wd - ok
00:01:21.0849 0x12ec [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
00:01:21.0912 0x12ec Wdf01000 - ok
00:01:21.0974 0x12ec [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll
00:01:22.0099 0x12ec WdiServiceHost - ok
00:01:22.0114 0x12ec [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll
00:01:22.0161 0x12ec WdiSystemHost - ok
00:01:22.0208 0x12ec [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
00:01:22.0270 0x12ec WebClient - ok
00:01:22.0317 0x12ec [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
00:01:22.0411 0x12ec Wecsvc - ok
00:01:22.0442 0x12ec [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
00:01:22.0520 0x12ec wercplsupport - ok
00:01:22.0551 0x12ec [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
00:01:22.0645 0x12ec WerSvc - ok
00:01:22.0692 0x12ec [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
00:01:22.0770 0x12ec WfpLwf - ok
00:01:22.0785 0x12ec [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
00:01:22.0816 0x12ec WIMMount - ok
00:01:22.0848 0x12ec WinDefend - ok
00:01:22.0863 0x12ec WinHttpAutoProxySvc - ok
00:01:22.0957 0x12ec [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
00:01:23.0050 0x12ec Winmgmt - ok
00:01:23.0206 0x12ec [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll
00:01:23.0347 0x12ec WinRM - ok
00:01:23.0440 0x12ec [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
00:01:23.0472 0x12ec WinUsb - ok
00:01:23.0550 0x12ec [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
00:01:23.0659 0x12ec Wlansvc - ok
00:01:23.0924 0x12ec [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:01:24.0080 0x12ec wlidsvc - ok
00:01:24.0127 0x12ec [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
00:01:24.0174 0x12ec WmiAcpi - ok
00:01:24.0220 0x12ec [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
00:01:24.0283 0x12ec wmiApSrv - ok
00:01:24.0330 0x12ec WMPNetworkSvc - ok
00:01:24.0376 0x12ec [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
00:01:24.0423 0x12ec WPCSvc - ok
00:01:24.0454 0x12ec [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
00:01:24.0517 0x12ec WPDBusEnum - ok
00:01:24.0548 0x12ec [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
00:01:24.0626 0x12ec ws2ifsl - ok
00:01:24.0688 0x12ec [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
00:01:24.0735 0x12ec wscsvc - ok
00:01:24.0735 0x12ec WSearch - ok
00:01:24.0798 0x12ec [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd C:\windows\system32\DRIVERS\wsvd.sys
00:01:24.0829 0x12ec wsvd - ok
00:01:25.0000 0x12ec [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\windows\system32\wuaueng.dll
00:01:25.0172 0x12ec wuauserv - ok
00:01:25.0234 0x12ec [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
00:01:25.0297 0x12ec WudfPf - ok
00:01:25.0359 0x12ec [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
00:01:25.0422 0x12ec WUDFRd - ok
00:01:25.0468 0x12ec [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
00:01:25.0500 0x12ec wudfsvc - ok
00:01:25.0546 0x12ec [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
00:01:25.0624 0x12ec WwanSvc - ok
00:01:25.0687 0x12ec ================ Scan global ===============================
00:01:25.0702 0x12ec [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
00:01:25.0749 0x12ec [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
00:01:25.0780 0x12ec [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
00:01:25.0827 0x12ec [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
00:01:25.0874 0x12ec [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
00:01:25.0890 0x12ec [ Global ] - ok
00:01:25.0890 0x12ec ================ Scan MBR ==================================
00:01:25.0905 0x12ec [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
00:01:26.0654 0x12ec \Device\Harddisk0\DR0 - ok
00:01:26.0670 0x12ec ================ Scan VBR ==================================
00:01:26.0701 0x12ec [ E162EA5D3F93DF228BB5A04E9F449F15 ] \Device\Harddisk0\DR0\Partition1
00:01:26.0701 0x12ec \Device\Harddisk0\DR0\Partition1 - ok
00:01:26.0717 0x12ec [ BAD6764EDCE81811DB78629292284A4F ] \Device\Harddisk0\DR0\Partition2
00:01:26.0717 0x12ec \Device\Harddisk0\DR0\Partition2 - ok
00:01:26.0748 0x12ec [ 46B78AB8CBF17875E4DAEAF216D74418 ] \Device\Harddisk0\DR0\Partition3
00:01:26.0748 0x12ec \Device\Harddisk0\DR0\Partition3 - ok
00:01:26.0748 0x12ec ================ Scan generic autorun ======================
00:01:26.0748 0x12ec SynTPEnh - ok
00:01:27.0029 0x12ec [ 5ECC1863EB40929C1E54908AA721300A, DFB2AB9C03F9B023E1DF080A641C4F45B197E95310D2EE2FCE4C9867A6B11F2B ] C:\Program Files\CapsLK OSD\64\CAPSOSD.EXE
00:01:27.0247 0x12ec {BA1E422A-80A8-4AA0-B67B-CAA3D04C5162} - ok
00:01:27.0309 0x12ec [ 634893B16ACB0838831B15E6B8342EE0, BDB1BE9637DE7B024F43BEBEE8DBC601D6F35E7D9B47846DF6AF804DF6182578 ] C:\Windows\System32\TpShocks.exe
00:01:27.0341 0x12ec TpShocks - ok
00:01:27.0419 0x12ec [ 03998CA1B0F0B50A5062A38D35CFDB4D, 359907A8B7EC0C693FA95F296DF7BB70451EBA865C0CF5BB9C55720FEFB5936E ] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
00:01:27.0450 0x12ec Lenovo EE Boot Optimizer - detected UnsignedFile.Multi.Generic ( 1 )
00:01:27.0606 0x12ec Lenovo EE Boot Optimizer ( UnsignedFile.Multi.Generic ) - warning
00:01:27.0699 0x12ec [ 3FB4E7E2069F0FD9E15ABC18D605E427, 2FFC218E575DA9E8C86E468227B302752C73EA3246CC0A599D7BCC41ED404F4D ] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe
00:01:27.0746 0x12ec UpdatePRCShortCut - ok
00:01:28.0355 0x12ec [ 79FE52037E84582800D7E9E6CD505F6C, EB42F4421A0A60478F9CE274C10783357AA02B924AD9189226BD603656624589 ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
00:01:29.0041 0x12ec Energy Management - ok
00:01:29.0415 0x12ec [ 3C489726BD233D2D251AAC6121AB2A14, 89A6931879565F65BAF84F5DA11280E2A86387E7817AF71BD639212DEE791412 ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
00:01:29.0790 0x12ec EnergyUtility - ok
00:01:29.0977 0x12ec [ 87A4BA086E5B5DF0F36E3F6D7234D701, EE26338497E016A95CB5970777B7B7AC8FAEF4E491713D729EDEFBCDC9FBF4A4 ] c:\Program Files\Microsoft Security Client\msseces.exe
00:01:30.0102 0x12ec MSC - ok
00:01:30.0227 0x12ec [ E1F33D0B8E52D66AAFBF2920E77E9DBD, 9FD6C429B374D0D30A8D5B75294D1B82D2255A7F126E51172D51AF78DE982847 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
00:01:30.0305 0x12ec StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
00:01:30.0305 0x12ec StartCCC ( UnsignedFile.Multi.Generic ) - warning
00:01:30.0383 0x12ec [ B7A36B59F77C1A088FE3A19BFADCB9F0, 88C33C26391F6D0773BB2AB8ACA3A10B781453954AF1E4F665898CA75F49CAE4 ] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
00:01:30.0492 0x12ec 332BigDog - ok
00:01:30.0523 0x12ec [ 3FB4E7E2069F0FD9E15ABC18D605E427, 2FFC218E575DA9E8C86E468227B302752C73EA3246CC0A599D7BCC41ED404F4D ] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe
00:01:30.0554 0x12ec UpdatePRCShortCut - ok
00:01:30.0632 0x12ec [ 901AA7A38CE13F14B6BBEC38C0595698, 1E95F2048E2A1782807D52E9816ED267355718E24D01FF07ACE73D965EDE388A ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
00:01:30.0663 0x12ec BCSSync - ok
00:01:30.0804 0x12ec [ B63E5C7807334A3A8F731062F15462CC, F4E501F749C10C44E8F501A34D8DD309892968BE70DA17734267BBCDDC351444 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
00:01:30.0866 0x12ec Adobe ARM - ok
00:01:31.0007 0x12ec [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:01:31.0131 0x12ec Sidebar - ok
00:01:31.0163 0x12ec [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:01:31.0209 0x12ec mctadmin - ok
00:01:31.0287 0x12ec [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:01:31.0381 0x12ec Sidebar - ok
00:01:31.0397 0x12ec [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:01:31.0443 0x12ec mctadmin - ok
00:01:31.0662 0x12ec AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.650 ), 0x41000 ( enabled : updated )
00:01:31.0662 0x12ec AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.7.205.0 ), 0x61010 ( enabled : outofdate )
00:01:31.0709 0x12ec Win FW state via NFP2: enabled
00:01:31.0709 0x12ec ============================================================
00:01:31.0709 0x12ec Scan finished
00:01:31.0709 0x12ec ============================================================
00:01:31.0724 0x1654 Detected object count: 2
00:01:31.0724 0x1654 Actual detected object count: 2
00:02:29.0897 0x1654 Lenovo EE Boot Optimizer ( UnsignedFile.Multi.Generic ) - skipped by user
00:02:29.0897 0x1654 Lenovo EE Boot Optimizer ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:02:29.0897 0x1654 StartCCC ( UnsignedFile.Multi.Generic ) - skipped by user
00:02:29.0897 0x1654 StartCCC ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
10.03.2015, 19:39
| #6 |
| /// the machine /// TB-Ausbilder | Windows 7: Trojaner - Windows Updates, Firewall defekt hi, Scan mit Combofix
__________________ --> Windows 7: Trojaner - Windows Updates, Firewall defekt |
|
11.03.2015, 00:05
| #7 |
| | Windows 7: Trojaner - Windows Updates, Firewall defekt Hi, nach dem Neustart liefen Avira und Malwarebytes wieder, Combofix hat aber keinen Fehler gemeldet. Code:
ATTFilter ComboFix 15-03-09.01 - Britta 10.03.2015 23:29:35.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3689.2395 [GMT 1:00]
ausgeführt von:: c:\users\Britta\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SecureW2
c:\program files (x86)\SecureW2\Uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk
c:\users\Britta\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\Britta\AppData\Local\TempDIR
c:\users\Britta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2
c:\users\Britta\Documents\~WRL3950.tmp
c:\windows\s.bat
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-02-10 bis 2015-03-10 ))))))))))))))))))))))))))))))
.
.
2015-03-10 22:40 . 2015-03-10 22:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-03-09 20:48 . 2015-03-09 22:57 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-03-09 10:24 . 2015-03-09 10:33 -------- d-----w- C:\FRST
2015-03-09 05:47 . 2015-03-09 05:47 -------- d-----w- c:\users\Britta\AppData\Roaming\Avira
2015-03-09 05:15 . 2015-03-09 05:15 -------- d-s---w- c:\windows\system32\CompatTel
2015-03-09 05:15 . 2015-03-09 05:15 -------- d-----w- c:\windows\system32\appraiser
2015-03-09 03:16 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2015-03-09 03:16 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2015-03-09 03:16 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2015-03-09 03:16 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2015-03-09 03:16 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2015-03-09 02:34 . 2013-10-14 17:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2015-03-09 02:06 . 2015-03-09 02:06 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-03-09 00:35 . 2012-07-26 07:46 2560 ----a-w- c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2015-03-08 23:14 . 2014-07-07 02:06 206848 ----a-w- c:\windows\system32\mfps.dll
2015-03-08 23:14 . 2014-07-07 02:06 55808 ----a-w- c:\windows\system32\rrinstaller.exe
2015-03-08 23:14 . 2014-07-07 02:06 24576 ----a-w- c:\windows\system32\mfpmp.exe
2015-03-08 23:14 . 2014-07-07 02:02 2048 ----a-w- c:\windows\system32\mferror.dll
2015-03-08 23:14 . 2014-07-07 01:40 103424 ----a-w- c:\windows\SysWow64\mfps.dll
2015-03-08 23:14 . 2014-07-07 01:39 50176 ----a-w- c:\windows\SysWow64\rrinstaller.exe
2015-03-08 23:14 . 2014-07-07 01:39 23040 ----a-w- c:\windows\SysWow64\mfpmp.exe
2015-03-08 23:14 . 2014-07-07 01:37 2048 ----a-w- c:\windows\SysWow64\mferror.dll
2015-03-08 23:14 . 2014-10-18 01:33 3209728 ----a-w- c:\windows\SysWow64\mf.dll
2015-03-08 23:14 . 2014-10-18 02:05 4121600 ----a-w- c:\windows\system32\mf.dll
2015-03-08 22:57 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2015-03-08 22:57 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2015-03-08 22:57 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2015-03-08 22:57 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2015-03-08 22:57 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2015-03-08 22:57 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2015-03-08 22:57 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2015-03-08 22:20 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2015-03-08 22:20 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2015-03-08 22:20 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2015-03-08 22:20 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2015-03-08 22:20 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2015-03-08 22:20 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2015-03-08 22:20 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-03-08 22:20 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-03-08 22:16 . 2014-11-11 01:46 119296 ----a-w- c:\windows\system32\drivers\tdx.sys
2015-03-08 22:16 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2015-03-08 22:16 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2015-03-08 22:16 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2015-03-08 22:16 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2015-03-08 22:14 . 2014-03-04 09:44 722944 ----a-w- c:\windows\system32\objsel.dll
2015-03-08 22:13 . 2014-10-14 02:13 683520 ----a-w- c:\windows\system32\termsrv.dll
2015-03-08 22:13 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2015-03-08 22:13 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2015-03-08 22:11 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2015-03-08 22:10 . 2013-07-04 12:57 259584 ----a-w- c:\windows\system32\WebClnt.dll
2015-03-08 22:09 . 2014-06-16 02:10 985536 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2015-03-08 22:09 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2015-03-08 22:09 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2015-03-08 22:09 . 2014-08-12 02:02 878080 ----a-w- c:\windows\system32\IMJP10K.DLL
2015-03-08 22:09 . 2014-08-12 01:36 701440 ----a-w- c:\windows\SysWow64\IMJP10K.DLL
2015-03-08 22:09 . 2013-09-08 02:27 327168 ----a-w- c:\windows\system32\mswsock.dll
2015-03-08 22:09 . 2013-09-08 02:03 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2015-03-08 21:56 . 2014-07-17 02:07 455168 ----a-w- c:\windows\system32\winlogon.exe
2015-03-08 21:56 . 2014-07-17 02:07 235520 ----a-w- c:\windows\system32\winsta.dll
2015-03-08 21:56 . 2014-07-17 02:07 1118720 ----a-w- c:\windows\system32\mstsc.exe
2015-03-08 21:56 . 2014-07-17 01:39 1051136 ----a-w- c:\windows\SysWow64\mstsc.exe
2015-03-08 21:56 . 2014-07-17 02:07 150528 ----a-w- c:\windows\system32\rdpcorekmts.dll
2015-03-08 21:56 . 2014-07-17 01:40 157696 ----a-w- c:\windows\SysWow64\winsta.dll
2015-03-08 21:56 . 2014-07-17 01:21 212480 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2015-03-08 21:56 . 2014-07-17 01:21 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2015-03-08 21:56 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll
2015-03-08 21:56 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll
2015-03-08 21:56 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll
2015-03-08 21:55 . 2013-08-29 02:16 1732032 ----a-w- c:\windows\system32\ntdll.dll
2015-03-08 21:55 . 2013-08-29 02:16 859648 ----a-w- c:\windows\system32\tdh.dll
2015-03-08 21:55 . 2013-08-29 02:13 878080 ----a-w- c:\windows\system32\advapi32.dll
2015-03-08 21:55 . 2013-08-29 01:50 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2015-03-08 21:55 . 2013-08-29 01:50 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-03-08 21:55 . 2013-08-29 01:48 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-03-08 21:51 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2015-03-08 21:51 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2015-03-08 21:50 . 2013-08-02 02:12 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-03-08 21:50 . 2013-08-02 02:12 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-03-08 21:50 . 2013-08-02 01:48 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2015-03-08 21:50 . 2013-08-02 00:59 112640 ----a-w- c:\windows\system32\smss.exe
2015-03-08 21:48 . 2014-06-25 02:05 14175744 ----a-w- c:\windows\system32\shell32.dll
2015-03-08 21:48 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2015-03-08 21:48 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2015-03-08 21:48 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2015-03-08 21:48 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2015-03-08 21:48 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2015-03-08 21:48 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2015-03-08 21:46 . 2014-10-04 02:10 3722752 ----a-w- c:\windows\system32\mstscax.dll
2015-03-08 21:45 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2015-03-08 19:45 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2015-03-08 19:45 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2015-03-08 19:45 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2015-03-08 19:45 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-08 19:45 . 2014-05-14 08:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-08 19:45 . 2014-05-14 08:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-08 19:45 . 2014-05-14 08:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-03-08 19:45 . 2014-05-14 08:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2015-03-08 16:08 . 2015-03-10 22:45 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-08 16:08 . 2015-03-09 21:45 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-03-08 16:08 . 2015-03-08 16:08 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-03-08 16:08 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-03-08 16:08 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-03-08 11:05 . 2015-03-08 11:08 -------- d-----w- C:\AULOGS
2015-03-08 10:26 . 2015-03-08 10:26 -------- d-----w- c:\users\Britta\AppData\Local\Programs
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-09 05:49 . 2013-05-02 08:48 44088 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-03-08 17:35 . 2012-04-05 08:37 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-08 17:35 . 2011-09-02 12:10 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-25 16:53 . 2013-04-09 23:49 132120 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-02-25 16:53 . 2013-04-09 23:49 128536 ----a-w- c:\windows\system32\drivers\avgntflt.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-01 08:39 220632 ----a-w- c:\users\Britta\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-01 08:39 220632 ----a-w- c:\users\Britta\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-01 08:39 220632 ----a-w- c:\users\Britta\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-12-20 336384]
"332BigDog"="c:\program files (x86)\USB Camera2\VM332_STI.EXE" [2010-01-19 536576]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-06-06 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-06-06 2903448]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-02-25 703280]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-07-14 190032]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2010-5-10 1083680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AMD Reservation Manager;AMD Reservation Manager;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe;c:\program files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 vm2uvcflt;Vimicro USB Camera Filter 2;c:\windows\system32\Drivers\vm2uvcflt.sys;c:\windows\SYSNATIVE\Drivers\vm2uvcflt.sys [x]
S3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 17:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-01 08:39 244696 ----a-w- c:\users\Britta\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-01 08:39 244696 ----a-w- c:\users\Britta\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-01 08:39 244696 ----a-w- c:\users\Britta\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2011-04-02 23:49 1508192 ----a-w- c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"{BA1E422A-80A8-4AA0-B67B-CAA3D04C5162}"="c:\program files\CapsLK OSD\64\CAPSOSD.EXE" [2010-10-25 3699752]
"TpShocks"="c:\windows\System32\TpShocks.exe" [2010-03-15 231328]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2011-04-02 114688]
"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2011-04-03 9745312]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2011-04-03 5374880]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://lenovo.msn.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
FF - ProfilePath - c:\users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\5krze1cn.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-207437039-3126598301-4264572741-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-207437039-3126598301-4264572741-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\Lenovo\YouCam\YCMMirage.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-03-10 23:55:31 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-03-10 22:55
.
Vor Suchlauf: 11 Verzeichnis(se), 205.341.933.568 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 205.337.198.592 Bytes frei
.
- - End Of File - - 81355B24E13E9A6A452968251015A768
5C616939100B85E558DA92B899A0FC36
|
|
11.03.2015, 17:57
| #8 |
| /// the machine /// TB-Ausbilder | Windows 7: Trojaner - Windows Updates, Firewall defekt Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.03.2015, 22:47
| #9 |
| | Windows 7: Trojaner - Windows Updates, Firewall defekt Mbam: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 11.03.2015 Suchlauf-Zeit: 21:17:20 Logdatei: mbam.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.03.11.05 Rootkit Datenbank: v2015.02.25.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Britta Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 357383 Verstrichene Zeit: 42 Min, 46 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.112 - Bericht erstellt 11/03/2015 um 22:21:54
# Aktualisiert 09/03/2015 von Xplode
# Datenbank : 2015-03-05.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Britta - BRITTA-PC
# Gestarted von : C:\Users\Britta\Desktop\AdwCleaner_4.112.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v36.0.1 (x86 de)
*************************
AdwCleaner[R0].txt - [901 Bytes] - [11/03/2015 22:16:09]
AdwCleaner[S0].txt - [824 Bytes] - [11/03/2015 22:21:54]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [882 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by Britta on 11.03.2015 at 22:29:24,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{004C3EAB-DAB5-4713-B26B-E8169978886F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0119341A-F9BC-4BB6-B253-D00D7C977B53}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{01CD597E-19B3-488E-8AE3-035F1BB8A5A1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{02143464-9C19-4FBD-A021-90E78E7E1716}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{022D73F9-1C88-489B-966C-E48DAEB9B04D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{02AD3439-10D2-43FB-9D82-4794A353B051}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{02B5FAE6-CEFE-42DD-B485-E068A7CC4994}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{02EE4DDC-12DE-40ED-AB7A-C6C4856565ED}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{03611E7C-CB54-4514-9A54-2CB25EFF9463}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{03ED13CE-0505-4608-99DB-19E162DD19A6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{04585B99-6379-4FEB-935E-B69536507990}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0514F5C3-36C1-4D16-8581-5EA9D59068B9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{05283955-CFD6-435A-B5EE-9C04FB60F79F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0562C564-86AB-4660-9680-9078B40FE56E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{05690FA2-CB6B-4FF9-AD17-055DDC09DC9A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{05C7285A-7274-471D-A3EB-ED350F70F79D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{05EB6302-42FC-4834-8F68-6D7D736F7D75}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{05F4ABFC-BE88-4AF7-8A9E-F0424CF9CAC9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{05FAB264-D71F-463A-8BE8-EEF52470018B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{069141CC-D348-4D22-BB31-D6786E4C996B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{06B24359-090A-4BA9-942A-BCAC8B57DA13}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{06CC56E1-8684-4A49-80A6-392D6261556C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0738EF32-AFB9-41C6-A51F-3463CB9230AC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{076CD867-9A42-4F01-A186-A736F984C4EE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{094CF5DD-A397-445A-8F39-B3F62C825E2A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{09729B1A-DB3D-4811-9B80-8FA0DF57E8A0}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{097BA25C-7019-4907-A857-B929C48BFB3E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0A0C1FFB-C492-4A9A-A7C7-4507754E88AC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0A11DC02-7B7B-4CF1-9C38-BF78A87BF0A5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0A2C7F98-1237-4391-B6A9-DEE8AA3856E2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0A312540-1C07-46AC-889D-1B24B2A94562}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0A3F0C28-D5FC-438D-A53B-650868443FB1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0A4547A0-778B-4EDE-B974-CDD8C3AF1D35}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0A6BC6AA-25E3-4635-99E7-9427597910E3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0A812A58-A85D-4E1A-B7A2-799B137AC11F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0A8696E1-3982-4277-999E-A754A340C372}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0AF2B266-D4C5-444D-804F-7ABC3F07EBCE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0B87806E-11C1-4A2F-A03E-B2F4A367D124}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0C6201E6-8563-4030-B2BF-71688DA85637}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0C88D901-493E-4D7C-81B2-2B2D5B1D2CB0}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0D5ED968-B8F9-4412-870F-2E797EB56FD9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0DBC1004-29BF-4B9E-804C-A036DFEB70ED}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0DD6DB5F-E852-41C0-AB18-A4F26E315F65}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0E0344C6-55DB-4815-9599-D29CEF741FD9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0E75C725-22C4-4F8E-BD49-CB0D15717109}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0EABDA41-F8DF-4F46-A0AC-1E4803DED145}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0ED41176-6324-4334-BFD4-55B76B9D349F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0EDC473B-476F-4A9D-B106-4AB75F809BB3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0F2FBE2F-92ED-4C17-A162-2C9EB84D4267}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0F4CEED4-CAF0-43DB-BC6F-053BAC5C14EB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{0FBCE907-14A1-4C75-AF23-9A90847C0BCB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{102B9EE6-4FCF-4C83-BE51-724D71D6220D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{10B77221-7B50-4734-BEE3-D721CA492912}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{10C567A7-6FF3-4499-B91B-45234A55DF32}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{111D8273-F82D-4B94-BDA6-5B12AC382275}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{11A1816C-9382-4A3A-8879-476649A287DD}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{11CBC04B-F6FA-46C3-B468-BECF82BA97B1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{12CCD032-2873-42C6-ABBB-EB08FBDC7D67}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{12DD8F95-9C39-415F-BE61-291A5D325030}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{130CE989-483E-4AB6-A93E-FF2432C54285}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{13489B04-2C1E-4B4B-8546-A308434B3DDE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{13E66584-F2CA-4AC7-8279-2C6A720821C7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{14187110-8AB6-430D-B720-B2A5777D4662}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1450D615-F6AD-49D9-BB30-047231CF0F7C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{147C14DA-FB35-4A9C-BEE3-8DF3E6D25E50}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{14D90787-3EFA-4271-B99B-D6FC854589B2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1514EF98-7651-49B6-8941-26E651BA4D69}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{155A2C82-6FF1-4F00-ADA5-B83FB18AD9C6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{15A09004-C4D3-4290-987B-561946A3FD15}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{15C0DEDC-4480-4327-8B4F-F00FA8CB109B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{160B9B20-87D1-4ADF-9008-2AC46DA5E66F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{162570ED-7504-4349-BBC9-F23DB8BFFAC3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1647306C-FD6E-4B3E-9882-28206EA3CB84}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1649BC47-5B51-433C-9EF5-E681D8F13B34}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{16658190-08F5-4F3D-B26F-F455493D54D4}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{16DC6437-0320-422C-AA76-F914432843B9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{17BC5623-866A-4998-80C9-95183273285A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{18A8606E-69E1-44F9-9CB4-C39F1C58C9AF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{193F7BBD-A7A8-4802-A99D-4A32C814F2E6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{195551CA-53B4-426E-8B4C-C16C1CF0C6A8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1967DDD9-0635-4E08-80CD-8F1E66DBC513}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{19F62E28-1A40-41B7-8663-E1BDDDF3326E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1A932342-BAAE-4A29-BA13-A2C5C5166F1F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1AE4BE92-D923-4403-A5F8-7B242626013A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1C436288-0666-42F1-A791-1DA2C6DCED38}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1CD1C27C-C544-48B5-9B20-8C1F25B97D7B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1D39154E-C50B-470D-A662-C3A316CDCC91}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1E3335A2-5C74-493C-9A31-66E52AA53EEC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1E9488B0-A9F2-4A82-ACE0-CBBE76A2043A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1ED52409-749E-4B3D-A64B-96A8DEA8C431}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1F17E0E4-F304-48DE-B7BF-FB6C02673163}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1F1A411C-743A-44AE-9FB5-66AF7B8A3D6C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1F25FC84-11FB-42E8-9EC9-5BFA533E63D6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1FA34447-49DF-43C0-B27D-EE1FBAE16389}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{1FF82C69-8D11-4327-BECD-E9906E7D055B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{20B21837-FF14-4D9E-8BDD-F54BB029651E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{20C07C03-9FB6-4E78-B868-35D7EBD1E42D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{20CA2DD5-356B-48C6-8F12-260D4902F6DA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{20F90678-0A85-43EB-AEAC-CB9F30D006DB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{21067B83-10B7-4F64-8493-B33EE421FB5E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{21493809-B14E-4A1D-BC31-EF7CB1DB4180}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{215BCB00-18F6-485F-9316-AB85D59F9368}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{21E706B1-C8DC-4E88-830B-447D8B165E2E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{22987576-0324-442A-9870-020E95CA369B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{22B1231E-4F94-4279-B368-9260E1318F7E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{22F99EBC-CCD1-4863-843D-CCF9129E3E18}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2367EFF3-2792-402E-A637-27A037F20ED1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{239569FC-D810-4FD8-906A-0A4999ABE8BF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{23EDD1DF-AE6E-4914-B2B9-FEA9EBD1CE6A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{24BCECDE-A85B-48BD-8390-F83824F3A4C5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{24F57673-E293-4CBB-AF49-44CD08AC1580}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{253232DB-16D2-4E2A-83C3-CD32DEB58596}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{25473A6A-E0B3-44D7-81DD-04B2B64FB68D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{254DCC39-79E6-42BA-A033-4CECF4200120}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{256D2262-DA42-4FA0-A781-A95B12537343}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{260CA445-5B84-45CF-B9B3-4C64A454DA16}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{263C5232-0368-4541-9162-4463E2AA24D7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{27077B51-A970-4449-AE23-F9C8AFAFE760}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{27D1A5FB-3ED2-473B-8A56-F74E58DB2E07}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{27E2FB7A-E460-4E4B-BB5D-54FA9CADFF2B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{282FE3DD-2795-44E8-AAD4-9306053D57AA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2832C9B2-3A95-40A3-96C3-FB3D74A7FA62}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{289F8491-F051-4B2B-8BD0-564D6DC5B704}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{28A13CEC-D648-4F53-A34F-0EE685FA1046}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{28EFDB31-7A1C-432F-964D-90DDE3BAF203}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2A717A41-C541-4333-95BF-6BEB0C1B417A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2AA36154-57D6-4043-8911-E2EA0C2D33B7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2AD03575-B904-489B-BE62-68B4C45FB163}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2B1EB170-9FCA-40EB-AD17-D1E5322BB46A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2B955523-6AE3-47F7-B7C2-70281FE56D6B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2C6B4D93-1EC3-4713-88BA-A5BDF867B1A4}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2C923836-D0F4-469D-9F7E-B4EE203A3610}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2CC6C7D7-B34A-4760-8BD2-97DF20076E21}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2CDEDC46-D430-4AD8-9637-002F2C04DB8C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2D2882D0-CDBA-4B6D-80BC-5D5F5971E430}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2DF82A23-F25D-48F9-8F42-854A8E8ADEAA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2E18D18B-8CB2-4663-B2E0-90995D8D1015}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2F39925B-0E19-4200-B734-5B443CC4B199}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{2F699CB1-ADB8-4424-BA2E-0955090E13D4}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3023F049-0E21-47EC-B392-3C42217A30AC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3063BCD5-177A-41AD-B535-CB5119314F78}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3074F1B0-E2E6-4834-ACE4-24E08BBEEE9D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{31034C28-110B-442E-9130-C2EF7611F463}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3152E4FC-C249-49C7-AE64-576203FFD50A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{31821F6F-89BA-4590-BA8F-4A8BD184AB06}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{32C2A0F0-C5C3-4157-AE94-865999D9CFA0}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{32FED375-8B83-440D-A105-6F8F09CB4C7C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3326D795-CD8B-4A74-AADF-27A166E756F6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{33323AB9-049D-4EC7-B9C8-34FDF5049E35}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{33A7C5F5-941F-4ADE-B8DA-93DD73654A68}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{34124A18-30B6-4354-B722-E626B0C14C59}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{344C17E3-0676-473C-942E-9B057474FA47}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3506F396-8248-482B-904C-D13729FB7A51}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{355EF059-1ADA-4FCF-AA72-1ADE196EA452}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{35A9F5B8-E102-4849-8683-E1527B120FED}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{35AAC46E-317C-4C29-BFF7-FFF86701D053}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{35E5B075-F7A8-4249-A0BF-684D3D2F7C2E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{361A067D-653A-4B1E-8FD8-5190A1081D55}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{36381FB5-1714-42C6-8D63-B68ABE44D049}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{367B0B1F-A4C1-45F6-A556-3A18ACEB41DB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{36E2B042-23B8-424A-9B67-F2848A710701}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{376AF837-902C-40EB-A01E-A391F08DA852}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{37A9101B-504F-49EE-BD94-204CE27FDA2C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{37FD971C-32F3-4831-A7AE-7502CAC483AA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{38806EF7-3215-4C10-9929-860ACDF7C918}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{388B8323-6A7A-45D2-90AE-6AD0F27A2C85}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{39468025-ACD3-4AF1-B736-6C2CAA825F53}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{39C1CAC3-27A9-4A08-8037-1558836785F2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3AFDBE74-831D-4024-B8B8-A6194260A034}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3B28AB03-38C8-4B1E-8C43-F15F1A6DFA3B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3B340337-1B12-4ECB-A5A8-BEE3B743C027}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3B60FB26-7DB3-4BD6-A188-5041A489261B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3B7674A6-CF96-4A61-BE9D-5C60997BE6FE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3BD0D07C-3004-4D79-876E-5FAD0E216AC8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3BF72389-46D1-496A-B4A6-EAB12BEAB24B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3C8BC9F6-CB26-47DF-8586-B8F9B1F5F142}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3CC592A6-FDDE-42CE-8ECA-F3DB8A854142}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3CF2246A-878E-4A20-B6C8-EA5EFB12B4FD}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3D31B954-F350-4E46-8ED6-6DCC4C503C8C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3D3AA455-9D66-4BF4-A005-0C30D7D1B102}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3D402BC4-63F0-4ADD-BC32-0A7A034C6389}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3D71A4B8-B9AE-412A-8C85-752034BE27AD}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3E23D274-8E83-4857-97BB-4F22C029B6E3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3E9BAC75-59DE-474B-9F61-6DF147C7C83D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3EB0E57C-541A-45EB-999D-34121658B441}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3EFB10C0-590D-4E8B-B658-CCD2777F9759}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3F05C924-CE28-47FD-BE1D-DF12952AD333}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3F5EA121-791F-4DFA-99FB-4E8FA0D54C6B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{3F8BD492-DEC5-442F-A59A-239ECA22F68D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4019DACF-5F31-403C-A3BE-129A8B22A954}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{40F0ED76-59E9-4E7D-A5B8-344DB0E920EA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{41255DE1-FA19-4B2A-A914-A3E64A0C9CE1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{412A5C55-F68E-4B2E-845C-4AA62CB07830}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{418F5240-CE43-4D16-B5FF-5C30A4C29982}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{42383ABA-26E8-4350-9703-3887B9FA5DE3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{425F34C5-F9E7-4859-A4A1-95686E603807}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4353FA00-F009-4B12-93FD-DD294E944215}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4394E5E2-1B8E-4F46-9273-09EC92A46F23}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{43D927C2-053B-4737-8DBB-BDA74417AC82}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{43DA4F8F-E2CB-423F-AB88-9481864B0823}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{43DBA75E-35C7-44A8-9657-18ADB5A9F295}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{43FCCBFA-AE08-421C-A2D4-E708AD06D178}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{44A443F0-54F8-4A4B-ABBC-F1F52C92D888}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{450D60E2-7AD7-4579-A6B4-F13612E786B5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{45C52223-B971-4957-B224-C8EE6EF0F4B6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{460C6272-507E-4FD9-B50F-D3C41AA58E64}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{461E913E-4617-4239-AEA6-BD3C82381B92}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{46715DBB-ACA9-4FB4-B086-8490F63E0C42}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{467CE41E-DF18-4D49-9794-869C2C5A042B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{468C5BB4-75AC-4E78-9DA6-1C9FBC67CD11}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{469B0AE4-23BF-4FBA-BA17-5C77C4C96606}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{46D7AD86-CFB0-44F6-BA0F-A7F0248596DE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{47506C76-2615-40C8-A4B1-1A5EE183738E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4798B945-3408-4A31-A83E-253D8D4CD03F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{47B716E3-A88E-44BD-A8FA-1F81B592EB37}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{482F383E-AABB-4F11-B397-0367E01B2A25}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{48370070-FC73-49CB-BC3A-F6114618F532}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{48A31FE6-F295-422E-8502-D7985064F029}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{49533460-E340-44CA-AF0E-AFF123355DA5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{49A56B18-16F6-4636-A1E3-0FAC1E1CB918}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{49F7ECFB-5D1E-49DF-991E-51FCC4D8095C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4A0295F2-4057-4FCF-8324-00F30876B488}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4ABF547B-9A59-4180-A2B2-4CF6FDEE95AB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4C3F266D-B8CC-4E99-9436-8347F9669026}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4CE5561C-A42A-47A5-AB0D-CF28BFADD610}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4CE58D7D-6DD6-47C1-B6D7-89B2EDD0A129}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4CF3EE65-62B7-4818-A4BF-4DBE7B9D1017}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4DBFC642-D3E1-44A4-B197-77090D7317F8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4E06BE4E-1191-4842-A249-BD01C6DD7CEF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4E7615C2-5203-4CF1-B7AD-7217E8FCDBD7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4E9BF019-3528-4CBA-B907-67E158845838}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4ED49007-2374-4413-A353-FBAB9B96B6C8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4EFC2F63-94B5-493D-AFBC-7E342A81346D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4F28FF16-D8C5-470E-A47C-C32B9CD544E8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4F59EF29-F668-4BA3-8D7A-2B0741AF9044}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4F9F5677-FFC4-47C6-A287-920AC82E6439}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4FC35220-0BF1-4A15-8F61-49B09FCAADBA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{4FF8019B-499D-4672-A584-3870FD45ED69}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{50B0512F-DB23-4065-8541-8C3501E1F032}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{50B3BB77-7E7D-4FAE-8893-7092F944CDFB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{50BDA362-4E56-4D5E-ADA5-A4AFF66996F6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{519A6EEA-22D4-4A19-9E7E-FBFF40DC0F48}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5353994C-216B-4139-BB7F-DAE95A176425}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{542AB302-E24C-46DC-BB1F-AE60FB2EFF0B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{54418D39-0E7B-4E57-8B7A-50FE2555CFCF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{54D179AF-6752-4DD6-97ED-6DC8058ED9EA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{54E9495E-2B27-4D15-8851-2121802FDBF1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{54FD5052-4295-418C-96CA-B9BF2DD938A7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{551B5831-278D-4B8C-B098-CC0A3BBDB8BD}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{553338B1-66C2-4CF5-A6C6-500069813D04}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5537178C-986C-47B8-87FA-6D6E96E23141}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{555241FE-4DC7-4030-A95F-55DA1F3FFA40}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{55DD37A0-3C07-43C1-970D-DF6FCA01B1BC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{56448432-A4BA-4C2C-AE95-7206C9604522}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{568C159A-A1A6-4185-877B-6B72BF6B8579}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{56C961C3-4D58-4586-8C87-3144B4CD4C4B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{56DE72E1-EE97-4ECA-9E52-FAE22D921D50}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{56F2DC9E-9A1A-4A32-ABF9-79A984887375}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{577454CC-15B4-4C83-9FC1-9062A93C88BE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{57AA849B-38D5-4146-879C-39E82C2FCDCF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{57D8B394-F551-4752-ADE3-56EC630A96C7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{57D9596A-2E63-4E1E-8114-CE434D3D0E16}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{585FC293-D536-4663-A8BA-A38826682F2A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{58D13E19-E8A6-4A06-960D-32DD0D9F86E6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{58E206DD-0208-4ADB-8C9F-A15BAF179A75}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{592B8B54-6FFE-48B4-9D94-81690DD36B70}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{593E659B-CC4A-4E85-A538-5D19AB2212FD}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{59A2D14E-5FFC-4AF8-9FA0-73656C771F3B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5A0DFC9F-43EB-4DF9-A6E4-AAAE37DE7032}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5A1289B3-9537-44CD-B029-478C569E644F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5AFC1DDB-2D25-4C16-BC64-AA6B9755267D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5B5F4195-C521-4DE6-8736-FB797E52D7C2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5B74AE6E-9B87-4BBE-81CB-6F8E2077949A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5C4EF397-48AF-427F-B744-A85D73634807}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5CB2ADD5-C6F7-48D0-B491-007DA6E709D7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5CF35F7A-0A6B-4797-9B62-AAD1C83A527A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5CFC2BDB-67C7-43A1-AD18-5581AC63CA10}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5D27B586-2CB7-4803-A99D-37D00E76B102}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5D9D6328-20D1-4A93-B46E-16AE83A607A7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5DE429AE-31EB-4C42-9E56-ABD29D95B5D8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5E0A32D0-9FCF-4AF1-8934-6D4232855B9C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5EC10AF9-D758-44BE-8141-5DA0CF995D11}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5F3A5DFC-3F15-42C1-868B-6B80772957B3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5F482171-08AA-4D4C-8DE6-A21F24206D9B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{5FA11A4C-277E-47B8-8DA3-2B2792D74EF6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{602AD326-91DF-4611-B902-3C74C3FEC954}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{607BEBA1-B6F2-4A66-B390-1DB4AFCD2765}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{60BD8115-1408-4463-909B-3298A36249D5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6144A8C2-087E-4C20-8EE6-BE54AAE09533}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{620694D0-413A-4DE5-B0C6-DBF7E26D00DF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{62A143B5-714B-4322-8EBE-49D7338DE9F2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{62A84E35-27AE-4B19-9C86-8EDF9F754432}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{62E75D41-1DE5-4434-B493-2AC419038AF5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{636AFA74-C56F-44F9-9533-618E4B514191}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{63A9D3AF-B24D-491F-A44A-C1EC14580194}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{640E511C-1DAB-46FF-8DCB-42257617FDBA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{65B66CEF-C4DB-4BB4-9148-E96E102C627C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{669783EB-4BF7-4394-8A00-A7301B59DC6A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{66B1398C-875F-4900-9AB5-45F485228711}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{675C4454-02ED-4C68-8DFE-825166A2770A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{67A7182D-A256-4BD0-973A-EAB87EF05AD4}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{681FAC96-7B18-4B22-9B55-79863D21DE6B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6857D7CA-8EA4-4629-A812-71769A3418C9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{68DE32DE-8B32-4327-9964-5CF9DE88053D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{68F2B5E9-646B-4F91-AA7F-7F536A20FEFA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{699DCC38-BEC7-4523-96B9-6B85DD304912}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6A283D92-760F-4CFA-9960-00627C25679C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6A2D7DF5-7F83-49CA-969C-777F7724EE27}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6AA941A0-9DC6-48BE-B95F-9C76C4ED1C8B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6B71B216-A250-4ABD-A172-41A63CCBD916}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6B87CB00-BC69-4514-9CE8-C899DD33F0D0}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6D153FC6-06B0-458A-9BD6-71283D9183A2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6D26C36A-23C6-4BE5-81F7-5E24BDFDF96F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6D45D1C4-871D-41C5-8679-F51056C565ED}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6D52BBEB-7B34-4C44-8CD6-E4955C429C48}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6EBF10D6-D94C-4B58-AE26-A35F5248BE5A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6F241A12-A9DE-4F4A-8C43-F821ED228F3D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{6F7C70C4-279C-49B2-9D1D-CD7036A82B86}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7078A788-52EC-42F3-AA8F-7DA62551D982}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7093695F-C67A-4C2E-BD43-709F90871594}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{70FB7A03-F795-431E-A1D3-4935B891AB58}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{71365F8C-BEB3-4284-B551-ACA3BC9B0576}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{716E8477-542C-40E9-8AE9-086C80569FAB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7170EDCD-563C-4E04-9939-4A43C7FFE57B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{717D9722-E9C8-425D-B97F-CB8DBF86667C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{71D99366-BF7E-482C-8195-B208E4210C70}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7212E422-EC3D-418C-B240-68BEEC9AB827}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7324A325-EA35-465B-9BC2-65A48C28AD2C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{73A7E2F1-B88D-4DD7-A623-D67FF6C53BE9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7439C1F4-ECAF-40FD-B3BC-37C74385A0E5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{74AC3866-AD6C-4991-9B3D-AB8409466C96}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{74DBF5E2-1305-42DD-A23A-6D7415F1BBDF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7515F81F-C759-421C-826E-1F53F9407E7C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7539C404-5C48-4A05-8D84-7416ACCE4FA3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7599B2AE-3EA4-4FEE-96B1-2E96CB9CB727}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{75C001BE-ABDD-4CAA-BC1A-347021E9A1E9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{75D3BD14-95C0-4940-ACD0-A27F8F061900}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{76748CED-39CB-4739-991E-6D85CB4D4BC3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{76B9F5F1-2753-4B7B-88F3-B1A7C2B5F26E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{76CE4740-5E77-474D-BDEE-07F031BABFD7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7767DFA8-1821-4D56-9470-235A10FD76CF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{779CEA65-C789-4409-A4A6-1831DC25161C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7833CF90-A329-4705-96C4-59A0924CEC6B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{799FB47C-FE62-44C2-BF0B-7EB9099EF3E2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{79C26654-0D83-4B06-B674-EE2843B57ACC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{79D36BB7-2498-4F8C-BF34-B9A62FA2BB59}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7A660E74-483B-4115-8127-2B55EEDEAC35}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7A75044D-9537-4C86-AE25-BBB77F5F2611}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7B17EC53-6310-4D60-B2DA-FD8EAD024619}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7B5B8EA8-5F52-42CA-8F99-2D7BD988878F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7B9E3ACC-6FEE-4726-BB1A-42E6D916A69B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7BB95A7D-1E36-43EA-9552-3CFB972CFAD3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7C5637F1-AA20-449D-AD5E-DAE17FA508F6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7C76B5EB-1531-4494-8821-4A7C53C15111}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7C8A5B1B-6CCD-49F4-ADD1-FF917287CED1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7CBD322F-5706-4D15-AF2D-777F7B413569}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7D5A8629-64F5-449F-AE8B-810D566962A2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7DCBCED0-03B4-4CF8-8392-2C8292E4B38E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7F24C78A-DC9A-4515-8590-A6919DDA2461}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7F9CCD9C-B818-4D48-AF10-FE4B3E0F6158}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{7FE0CCCA-2D8D-4AA0-A7F2-137838896BB5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{800880A3-79F0-4DC8-8CC1-9D695FC10690}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8019399B-7422-429D-ADB2-A09269F977B2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{80B88BC6-67B5-43BF-9AE3-769179447D7E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8123FEA9-1377-4F31-93CF-513CDBCF2285}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{819C60B3-DA81-42F9-AE55-2C6814FFE04D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{830B12EA-A877-4993-AF92-2548D35F9B31}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{831F66C4-7018-4CA7-A4D5-D94C8506EF7F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{83396B6E-3BFE-48F2-BC64-B6CE79F7DB15}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{83613308-E373-47B2-82C4-2BE60C37E617}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{83D103E3-9896-496D-B526-2D5BCE0B6C5F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{84135F40-A112-4FC2-816F-4F1C5E419A3F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{842340F5-E3B7-4C85-B9FE-4EE64068A1C3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{846A0E81-FA82-4CAF-BAB4-8B0ECDB16E9B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{84C6BA9F-F8D4-4CE5-95AB-2B95A0466A21}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{85EC6E98-FCB8-479D-9D62-EE4E2F0665ED}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{86673920-4916-48AF-9D9D-9B1777802EDA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{86DD0A29-C5BE-48D5-9C3C-75440BA3D0A5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{87F205A8-949F-43B1-AEA6-2DD26571B113}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{885E7AA0-9DBD-42FB-A243-03EDDFA1D40B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8863F2DA-5D38-4BDB-8458-9DCD8298013E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{88E8448B-6DAB-4057-83A3-C94EE053EACF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{88EF48B4-7B0C-4991-A7F2-EDC371E1D841}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8901FEA8-A59A-45F6-BA08-46688CA26E17}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{89A3A8BC-E2C1-489E-A951-9DC86A4533F1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8A441E95-8AC3-469F-8A0C-EF93FDD6C713}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8AD7CCE3-3C08-4CC9-A886-6281E6E8D125}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8AEE1401-DF60-454B-8753-8FACD261AC9B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8B55AA3F-73BD-42C6-AD00-323BBD41B5B7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8BF9455B-684F-4CA2-99B8-5A51FE47208D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8C06F779-300E-44FA-A11F-4F2A5E22242C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8CD10993-EEED-4AAD-83BE-258DFA159772}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8D15BA6D-0DAD-4C6A-BD0E-49023049B762}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8DA96F27-EB87-4A1C-B453-FA521346CF84}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8DC6D52F-65FE-45B0-9D08-B61E896ECD4A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8DC74FC1-79A8-4AFB-8981-6022E8A042AB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8E4F0A8B-2F24-4A84-B505-DDAC6AF600C1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8E788A56-4628-4EC2-B366-326F6E0F3C87}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8EBFEC50-C981-4CEA-82F5-8B2D986EB176}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{8F4450AB-7832-40D3-84E1-ECA4F5713BA4}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{906F2E58-85ED-47F6-A17E-EDA8B52DD739}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{91501ECF-6E53-412D-9B1E-87026E7F9475}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9153E01F-7767-4876-924F-B855B15F4973}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{91CA5321-813D-4CA3-9793-EDD44B000B3E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{921430CB-A5E7-4D6C-9AF7-4EE89FEEA982}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{922E04C8-BE3C-4BF3-8104-289D9AD765A9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{923AECA0-0189-4827-9D31-CEF92E92AF36}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{92DB8E01-F6A2-4189-9B30-169611FE9B4D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{92E059BD-62B2-4605-826B-2566603C8BF6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{930D156C-2C5D-447A-86EC-16D3FBB3DA90}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{93B40A8D-17D4-4592-946F-79E0B243BB5F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{942693B9-9FCC-4832-91AD-3FD51CDFE086}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9440B8F3-8D80-4A5B-B3D8-6AB0073E1BDC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{945AEB37-F3C0-47E0-9630-CB4D6952F0F6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{946B0E98-8331-4925-A5EE-1C4BD813D89D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9471BE96-7CF7-4979-846E-DB9ED8F1CDC1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{94E0F10A-EDF5-4B0C-89D0-EBE718A7AFCB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9533CE3E-FD78-4E0B-81D8-A659744A443A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{958A99B2-80A8-4DA0-97F8-D53D2A019950}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{959CB1DF-497E-466B-A1DC-FF62262670F7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{95AD2798-6B8F-4E68-8C77-4D2133C23681}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{95B7639E-6217-4930-9004-43DDE4655F45}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{95C9A5AC-C060-4EE0-B73B-6FE3FA5EB7E3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{962DD3FB-0874-4D51-8EA5-D9E39DF22684}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{96C51A1A-66ED-4D77-83E5-2C92C840602E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{97C19D09-5349-401B-9D16-E24816C0D898}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{982DFF11-ACED-4E0E-8019-8052822E3418}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9850EB0B-F585-4BF8-B35F-06A74FF75B0F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9903DFD8-D00B-4AC7-96C5-8C69A1E9738A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{99868A20-7D6B-4A21-9009-E43887E9D5AA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9A2F8773-7AC9-4A24-95EE-C41E39085284}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9A5339C7-FB57-4308-ACB3-3A38C8675664}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9A5837A9-BBAC-4CA3-A944-CEE758B492C0}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9A587A98-B29F-4288-BF84-CD232A53A9E5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9B1FDDE6-DB02-49CA-AE18-9BE14319AC8D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9BD34856-9F9A-420D-8E35-E399CA82C5A2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9C1D99BA-58AC-4C44-81CE-2219C1BBBB00}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9CE1E874-585E-467F-B4A4-E1EF173B5975}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9D0B986A-BE0B-464C-84DE-77016C3A6AFE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9D2BB26C-CCFD-43EA-A729-610024AA8733}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9D530F5C-D164-4FD9-B62E-ABC12CE1C67D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9DFE142F-0AD6-44C5-8EBB-CCD04B2E6566}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9E409728-58BC-4548-940D-D5CC21EAD61A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9EC1BC02-7D58-4544-987F-175036EBA25F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{9F31AA31-F2A0-44D0-A8CE-12290F08375F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A02A208B-494F-4B4B-B183-75107E9E5B51}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A054EEFD-BE5D-49B2-B0EC-190C34FD12B1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A0668E0D-8396-4DFD-8D20-5B26FF3C79C1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A0F9D1F5-E454-4897-8C38-94EBB65008C9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A18FAC02-2DDB-4C23-AAB8-B936E341D4CE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A190557C-1B6A-4024-AEB3-3A91AF1E9597}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A1C84568-305B-4A3F-A8F4-00578D4E080E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A25706FF-9C9E-4B1A-9169-8B5F7224545E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A2C16160-DBC9-4C86-8702-E34957F11E02}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A32CCC85-F305-471F-9459-10DEEEA3B7BF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A34A7DD6-CFBA-4B04-A02E-E40F4F160977}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A384D68F-926E-481E-924A-AC6AE71431ED}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A399329C-A1DA-499C-8937-3BE49E12238F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A3A0DD6A-6B8D-49CE-992E-1C0EFF33A2C1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A3C0AABF-18E1-4E19-8AF5-D4882180234B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A420F1FD-F1F1-410B-9B70-FBE7A74BFBAD}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A42941B5-8946-402C-9FC7-3E3DEBDDA214}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A48BF0C0-A29D-4E45-9C4B-3953FC973160}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A4C9208E-F308-4DED-9D15-9B17E29A0E17}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A500ACF5-5F59-4F94-8040-9662D7DD382E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A5DEFE0E-A5C2-4107-8937-888A3566E337}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A5E7FBDD-6DBF-489E-B7D4-71633FA4D0E4}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A604F9E2-B707-4BA4-9225-62F2955DCCC3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A636C292-988B-4A6C-8C80-FCC143C902F9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A6C802E3-068C-49D3-832B-3E2360C50439}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A740717B-964F-45DB-927F-1E5968F8DCDC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A79375E8-C7C7-4A60-8D21-868026837CB2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A8102C32-625D-455E-9DFC-71ED3A0C0E04}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A856BA9E-EB0F-407B-8DC2-B935BD91E976}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A8684799-25FF-41EF-A35A-4595635A785B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A89B6433-16B4-4592-9D5A-78DBB5613743}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{A9C37E93-9C57-4B06-9D68-9C7B2211A68D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{AA0E1DC7-98F5-4A1A-A198-3E8DF2F6472C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{AA1CB1EE-5720-4F7F-A9AB-83FA6EB7BDD7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{AA954815-9D9B-4733-A748-A72E51298A6B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{ABD8DEBC-8135-4EBC-B1A3-62A42143EBEA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{AC7A6D74-7B05-4833-B767-0D6DD777ED84}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{ACCBBBD6-C095-464C-8552-C95BB02F752B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{ACFF19BB-B5F0-48F5-BB24-5276541DBF9F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{ADFACB4E-6A03-49AA-AC16-6A3C7D1652DC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{AE3A7058-93A5-4C42-8237-3A3D82F7D963}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{AEE96486-68CD-4F18-A176-6A8179BD6B49}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{AF0ED738-6ADF-4C50-9371-13F814699691}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{AF8A50C8-3595-49A0-9EB1-257C414B6490}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B00C3E07-EFB7-4BAC-8A1C-A43EC5CB6905}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B06181C4-2EB1-4EBB-BBB7-D2944D4B24C3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B1210A37-0D31-49F2-B502-800414F027A1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B2E4CFE1-0A89-45F0-AE21-AABFEEC17D77}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B42CC93B-F4FB-4198-8237-BE03F28383F6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B4B2DDD1-CEF0-4258-B12B-8C3A0EA5BDF7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B5195B3C-CA12-493C-9309-0FF44D772AEB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B58A52C8-DD37-4F67-9AB3-8E9B7AF62BA4}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B5BB1F57-DA92-4DE0-8B76-AF5067DA75A7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B6259D6B-C9CE-4351-9AB3-29D5DD1991CF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B630C097-0814-412E-BDC0-0CBD2BE18CCF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B6D77FE5-52CE-44A1-8564-E8AC579CC82D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B7A69C2F-F016-4FFC-B5C7-22A5C3CB1919}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B7CFABFB-2D11-48DE-AE66-206E7E9AB0A0}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B814720D-3AE3-468A-830E-E28931AA177C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B8159F37-917D-47F0-8336-2353B900B4F8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B8A2980F-FB7B-47FA-9FC4-E7264E0D4E92}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B8CE47E5-45C7-412C-AB21-93F2BF319438}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B8DD4368-9EC5-42FA-A9C3-B778CF66456D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B91358F0-B135-429F-8FF2-137DF1E0A141}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B93100F2-6821-4259-AA31-EA87C13B3E1D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B9568B00-1915-496E-85A4-9E558A2F442F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B99810EF-5A50-4B20-BF3F-38E5004EE5EE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B9996291-9DFA-472E-88DF-03E4D836E8F6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B9E0F96F-88A5-413E-B9E6-D945CFDBC22B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{B9EA5111-0E69-41FE-97A8-56875E217766}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BA3ED36D-2649-4629-AD45-557385A8C256}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BA80D7A9-B3AA-453A-940A-1E41FF1F396F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BABF0474-99DB-48CF-AB3E-35FFF20992B9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BAC656DC-3BDE-4FED-A0C5-28F0094160B5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BB93AE33-2AB1-49D7-81D8-1B364056996A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BC09D13E-5877-449A-A450-B51AC4627E81}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BC9576E6-99B6-40ED-8BFF-94F7619B8BEF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BD11FB6D-4650-4DAA-8954-3797E5A4B5E7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BE1DCBFB-9160-41CC-949E-1CB40D40E752}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BE825C5A-C305-4FC7-8157-61C1E019E5A6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BEEB57F7-0A3B-4693-93BF-81B7D98D9585}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{BF458AB5-56E9-4B12-B67D-B29D01556CCF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C0299633-0025-45B1-B7C6-1E5CEDFE0A1C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C12C7408-485C-4A53-995F-54DA1D0C15CF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C1BD045D-77F1-4D15-84C5-EE009D21B9CC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C253309A-2161-4625-A360-469999C43CD0}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C299D575-145A-4245-9802-6196233E21EF}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C2D40CB5-0981-41BC-9A50-11E4E402EA6F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C2F9B4F9-D89B-4B80-995E-EF385D70840E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C3C1154B-63F0-42C6-8525-F9287C2CF28D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C3EC0EAC-2677-4C30-8ACF-53A93A708133}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C4B7A368-6F68-4A27-99D0-2B9EBDE7AF82}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C626B5C1-BF24-4D60-A7E4-F5E134803C66}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C679664E-6F87-4CB5-9F68-B00625FA46C1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C689482B-1E14-4130-9CEA-89CE6957DCE6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C70495E9-667D-4C7D-80F5-A05325CFB442}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C74144F7-2CCF-4D6E-997C-C08D8FA27C70}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C77B38CD-F456-46BE-B927-F71BE4009189}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C7D76D8D-FBA4-457F-A37D-69FD4A8292FC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C88A2040-8916-42E4-B3D0-D7CB4B1353C5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C8D8B3AA-6357-4450-A91A-92E74028BB44}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{C8EC740D-2AEA-4E41-9C59-D1DB584AAAC8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CA0FD43C-C3CF-4F32-A5C4-B455B8C976F5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CA2CB659-ED6D-4AD0-B1EC-71ACF445D1C4}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CA672B09-9716-4377-91BD-22AD811045F1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CB29F6AC-4EE5-4FB1-8C6A-B26BF38E670E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CBA5E383-AC5A-4008-B43D-3E738742077B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CBDCE606-3CB3-4858-9C01-E0BDD3030AF2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CBECD432-B57C-43EE-81BE-753244A14F87}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CC391989-5A82-4FF2-86F3-5900490B9E30}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CC73C8FD-D011-4982-88BF-7EDB794B49BB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CCCCEC6C-4664-4280-9F0C-927593E0369F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CCEC2C2D-E56A-4A6D-9C7B-5029257CF851}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CD0BE271-92B2-476D-BCE4-60A08937018F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CD680AE8-AEC2-4ADE-BA03-516578162E9B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CF38DDDC-4E0F-4AD3-B01C-C5E3E6DD8D10}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CF4E53BE-9B4F-4C43-9650-80C47FE490B2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CF712C96-6C5B-4916-9163-D0931998BC25}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CFCFC335-E87A-4C46-A684-49A1FDC54414}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{CFD8F69C-3293-4C0E-8054-55279B0DBDE8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D0624AEC-AFB7-4E43-A8D1-A0A023FC12F7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D0A23573-B92E-49B2-BB8D-56D91A6DE0E9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D127FAAD-56B9-467D-94F9-2EFC61C43C09}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D154354F-4E1A-4FF4-9CB0-46A7666A9453}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D15DD7ED-84EA-42BF-8C1C-2EF4BEBA3E78}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D1CC6B4C-7030-4090-BD23-32451210DF7D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D210E33F-50F7-44EB-B570-5942DD5DC243}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D2182F89-E50C-4C43-AFBC-D3782F831B7C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D23D2E51-961D-4FDC-838B-327FB570ED04}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D2C16231-C389-4177-B74A-33875E11CB8F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D2ED6A22-CB4B-4CAC-9022-4202AE00CCEE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D36921C7-A69F-46EF-B264-E1F433BBE416}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D3755A70-565A-4EFC-8E44-32F329B1ADC7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D4B8A25A-FF52-4348-AB61-6F9BD09F3357}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D4C18C7E-8A3B-45BA-A47D-3814903DDF60}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D5052DA4-1A7E-448C-9274-BEAAD05F8923}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D5388513-EC7F-41F4-98FF-DC8E925C8B0B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D5AAE3B7-964D-4B95-8521-8A12984A17C7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D5B892C6-BDB2-44E6-A3B9-B42B0E42A361}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D626EB57-824D-4C4D-9580-F300352BBD28}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D6479C8C-BFF3-46FC-9D35-F5CA59192C48}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D69BDBAA-94A9-478E-8334-A71914215E40}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D7047403-11CF-4FFB-B47E-51581A6C15C6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D78F1332-1020-498D-8037-942B9114B38A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D7B5BD29-6F96-4F47-B5DB-70249251D186}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D7CD0EB2-31F9-472D-84E1-1E6D6D7D6610}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D858D1D7-36A5-4E39-BAC5-855B540A3538}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D88E5BEE-5669-43C3-A64A-6D14C01E3011}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D8A129C0-1606-4250-BD1E-BA06F250EA83}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D8BE7BAC-1923-4D3D-B264-1520AB37D8EB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D92AEC93-4B3A-411A-9347-EDD63A0B2AD6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D963B7FB-D5E4-49A0-A777-670A4DEE1901}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{D9DACE82-FDC3-4B9D-BF11-C7F8CE7DBCA9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DA980334-C604-4632-8866-11F496D90A9C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DB1C4DA2-A1D0-4CCB-A069-F583D6AF91DC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DB2F544C-5F51-4A12-AA42-F350B1B6A529}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DB74075C-7ABD-4DD7-9339-26AA288F7516}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DC2F1218-EA67-474B-96C3-998678924120}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DC774DDF-5D1E-459F-B731-F239FF45C5F8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DD8CB631-BF39-4E8F-84DD-BFCDFA7ED509}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DE074215-5D35-4B7D-92F1-3059A2A5F6F2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DE2B6637-7CBE-44DE-A05F-6FF3230E545F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DECFCDC8-B5E6-41D7-A2E4-5281D40F7554}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DF0D256B-AD77-4D38-9F67-2AF0BBCD471F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DF7F2D86-8032-4E81-A29E-137DCC4F2761}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DF9AE133-3A59-4E3F-8D89-E74D7BCD9FCC}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{DFC15CCF-9F0B-4908-8BED-7FE163CB93B6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E0277525-F0AF-446B-9274-FF8E4AE65E5D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E03FF9D6-D252-42A0-865A-9ADFEDF9DFCA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E06361E0-7C54-4A29-AF22-3DC23E6830E0}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E139DF90-DF73-4ED5-8A85-8C8C9CE07977}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E1DAE94F-5B54-4D40-8B85-9B62BD101153}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E287BA83-2C42-440B-AC8D-31B395B5DF90}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E437FF10-237B-4CCD-B782-83324AD21C1A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E4435D6A-450A-41A3-B881-3D3471F0083B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E4A3DC7A-19B5-4570-9D88-A4E06B8EE6AD}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E4ADBDFA-950D-444F-B435-D324799A0B2D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E4E6CA9F-0F06-43C1-808B-B3C221252816}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E4F6F6CC-14CA-4CC3-80E4-0BF1FE327F62}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E5C49E91-66F9-4E89-9397-80FF88218F7A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E688F998-EF01-4219-A3F0-F8DA52D4934B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E68FB94E-7652-4021-928F-0AAFA058D343}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E7542D06-F36E-4F04-ADDB-319C652ADC68}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E786A395-8A4B-4508-81AD-DFBD431D166E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E94DE1A8-B178-4EC4-B6FC-FE78CDC752C5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E965D9B5-4B93-4653-878A-51523C404D4F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E965E1B6-2750-4D3B-B22B-BFE61F36130F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E9AF83F0-73F0-471B-AD36-22D66D6375B0}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{E9F8E89C-9E90-40CC-A09D-24484A8B9E77}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{EA00B1C4-DEC6-4989-8EED-4CA928B6443D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{EA054095-661F-4632-BBDE-1ABC49420EF2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{EA14CC84-F8A3-4851-96FE-301D0322F773}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{EA59FA85-53ED-4E96-B423-915B587C62D8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{EAFA3EBC-1BA3-4765-8C9D-A3CE7667C17D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{EC7A0A53-613D-4553-B556-ED1E86E49FC5}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{ECCFE5E4-880C-411A-A27F-74B2256DE88E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{ED18EAEE-42D9-478C-AF02-633E18CC7973}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{ED6E212E-838E-4F47-8CFC-91ED12853D56}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{ED7AA25E-9715-4F3A-9270-644B6367F665}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{EEEAA1E0-2B95-414C-8C3C-7D5F029BC24C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{EF2396D8-1C2B-40BA-B5F6-CD0F1B34FBC2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{EFD03913-DA6E-4C65-8F3D-2C1F6B4CA1EA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{EFF11F44-FAC0-4ECF-864A-9D901E08DFD2}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F021143E-055F-4D1E-A787-F393AB83F4BE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F064C0CF-5CDF-4B43-A11F-64125EA94819}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F0763F93-3EEB-4FED-9540-AFB954D6403C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F127D368-5F27-4E7B-9838-6344FE5CB5DB}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F3326D1F-0A54-422D-A02D-FD9FC184324D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F3A82A60-021F-4DF5-A3A3-1D5D5BE28FBD}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F41C6A00-43A5-4DCA-80BD-74F11D030884}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F43370D0-8160-4487-B922-3C867C8B0C7C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F4661932-AEE2-40EA-907C-9AE4FFA0B378}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F502C720-18E5-4F42-81F6-5781AB1BB1F1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F5038C15-38D6-4B04-9C4F-7743F6A6F968}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F60CCE95-B500-4D9C-BFBF-B8C1C507262E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F63B3B15-2506-4066-8A71-3654E3E3EAD6}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F6EB9214-A707-40D0-9AC1-5A51F670829F}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F6FBC4E5-84A0-4E25-8582-E83C7BE73BA7}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F7298FFB-36CC-4586-9A28-C9C5724849B3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F7840DB8-98A2-4F8A-838B-9BBC7F419A42}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F7B81721-B4DE-4281-ABED-2FD819683CEA}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F7EB5E53-2258-4B0E-B041-46424EC16D0B}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F8472572-5539-4D80-9048-9052B3F7B0B9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F8A4D346-12E9-4294-83DD-0A4212075D0E}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F91347A5-9855-460E-B7E3-5375E3FB8D58}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F97039E2-4A98-4E1E-BA68-6A991960D4FD}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F98CE9FA-D4F8-4FFA-90B6-F6375962915A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{F9C83924-AE79-45BB-8E53-D48CEC27E73C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FA20CE03-904C-4EB6-9305-8704827FFDC9}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FA389D34-5D4D-4A61-AC02-0AAAA759557D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FB1851C7-A044-4C23-AA02-9FB69F9C9274}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FB84FB38-858A-4B07-9F5C-3D751C976D43}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FBB62C47-F8B0-4A03-9C78-36E123CDF8DE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FC84BB7B-E4E8-4D1F-B242-0B73E5DDF15C}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FC86DDAB-5906-495B-B79C-3DDF6CD3F284}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FCD48060-3EF3-4BA7-8962-7670A5BAFFF3}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FD0EB5A0-B417-4897-BCAE-C424C620EAD8}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FDB1EB12-239B-4756-B8E8-C19B747AA31A}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FDE88A37-3643-43C7-885A-AAABC0E576D1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FDEC657B-6932-4B54-9F18-BDB475C96D37}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FE081532-20F2-441C-A632-2ADB75A1B243}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FE139FE5-E05F-4CBC-971C-FEF6450098BE}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FF3C44FB-6F9F-4CBC-97DD-F17484EEFF2D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FF41AA3F-4DBC-4457-B0AF-7BB59EC73FF1}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FFA83294-8FD7-40CA-85CC-05D1C4A0484D}
Successfully deleted: [Empty Folder] C:\Users\Britta\appdata\local\{FFC2F6C7-6BC8-4D73-88FD-4E71733FEEA0}
~~~ FireFox
Successfully deleted the following from C:\Users\Britta\AppData\Roaming\mozilla\firefox\profiles\5krze1cn.default\prefs.js
user_pref("social.manifest.facebook", "{\"origin\":\"hxxps://www.facebook.com\",\"name\":\"Facebook Share\",\"shareURL\":\"hxxps://www.facebook.com/sharer/sharer.php?u=%{url}\
Emptied folder: C:\Users\Britta\AppData\Roaming\mozilla\firefox\profiles\5krze1cn.default\minidumps [335 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.03.2015 at 22:36:36,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
11.03.2015, 22:47
| #10 |
| | Windows 7: Trojaner - Windows Updates, Firewall defekt FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by Britta (administrator) on BRITTA-PC on 11-03-2015 22:39:49
Running from C:\Users\Britta\Desktop
Loaded Profiles: Britta (Available profiles: Britta)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Wistron Corp.) C:\Program Files\CapsLK OSD\64\Capsosd.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Lenovo.) C:\Windows\System32\TPHDEXLG64.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2396968 2010-10-21] (Synaptics Incorporated)
HKLM\...\Run: [{BA1E422A-80A8-4AA0-B67B-CAA3D04C5162}] => C:\Program Files\CapsLK OSD\64\CAPSOSD.EXE [3699752 2010-10-25] (Wistron Corp.)
HKLM\...\Run: [TpShocks] => C:\Windows\System32\TpShocks.exe [231328 2010-03-15] (Lenovo.)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-04-03] (Lenovo)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9745312 2011-04-03] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5374880 2011-04-03] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-12-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2903448 2011-06-06] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-207437039-3126598301-4264572741-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-207437039-3126598301-4264572741-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKU\S-1-5-21-207437039-3126598301-4264572741-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\5krze1cn.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-08] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-03-11] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\5krze1cn.default\Extensions\abs@avira.com [2015-03-09]
FF Extension: Adblock Plus - C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\5krze1cn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-03]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-05-03]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2010-12-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [907040 2010-05-10] (Broadcom Corporation.)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-02] (Avira Operations GmbH & Co. KG)
S3 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [107736 2015-03-09] (Malwarebytes Corporation)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 IAStorDataMgrSvc; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerServic; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SoftwareService; No ImagePath
U2 Stereo Service; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-11 22:36 - 2015-03-11 22:36 - 00075002 _____ () C:\Users\Britta\Desktop\JRT.txt
2015-03-11 22:28 - 2015-03-11 22:28 - 01388333 _____ (Thisisu) C:\Users\Britta\Desktop\JRT.exe
2015-03-11 22:13 - 2015-03-11 22:21 - 00000000 ____D () C:\AdwCleaner
2015-03-11 22:06 - 2015-03-11 22:06 - 02171392 _____ () C:\Users\Britta\Desktop\AdwCleaner_4.112.exe
2015-03-10 23:55 - 2015-03-10 23:55 - 00031663 _____ () C:\ComboFix.txt
2015-03-10 23:24 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-03-10 23:24 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-03-10 23:24 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-03-10 23:24 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-03-10 23:24 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-03-10 23:24 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-03-10 23:24 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-03-10 23:24 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-03-10 23:23 - 2015-03-10 23:55 - 00000000 ____D () C:\Qoobox
2015-03-10 23:23 - 2015-03-10 23:50 - 00000000 ____D () C:\windows\erdnt
2015-03-10 23:19 - 2015-03-10 23:19 - 05613296 ____R (Swearware) C:\Users\Britta\Desktop\ComboFix.exe
2015-03-09 23:57 - 2015-03-09 23:58 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Britta\Desktop\tdsskiller.exe
2015-03-09 21:48 - 2015-03-09 23:57 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-09 21:44 - 2015-03-09 23:57 - 00000000 ____D () C:\Users\Britta\Desktop\mbar
2015-03-09 21:39 - 2015-03-09 21:44 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Britta\Desktop\mbar-1.09.1.1004.exe
2015-03-09 11:51 - 2015-03-09 11:51 - 00007370 _____ () C:\Users\Britta\Desktop\gmer.txt
2015-03-09 11:28 - 2015-03-09 11:28 - 00380416 _____ () C:\Users\Britta\Desktop\Gmer-19357.exe
2015-03-09 11:27 - 2015-03-09 11:33 - 00029391 _____ () C:\Users\Britta\Desktop\Addition.txt
2015-03-09 11:25 - 2015-03-11 22:39 - 00016696 _____ () C:\Users\Britta\Desktop\FRST.txt
2015-03-09 11:24 - 2015-03-11 22:39 - 00000000 ____D () C:\FRST
2015-03-09 11:24 - 2015-03-09 11:24 - 02095104 _____ (Farbar) C:\Users\Britta\Desktop\FRST64.exe
2015-03-09 11:23 - 2015-03-09 11:23 - 00000474 _____ () C:\Users\Britta\Desktop\defogger_disable.log
2015-03-09 11:23 - 2015-03-09 11:23 - 00000000 _____ () C:\Users\Britta\defogger_reenable
2015-03-09 11:22 - 2015-03-09 11:22 - 00050477 _____ () C:\Users\Britta\Desktop\Defogger.exe
2015-03-09 06:54 - 2015-03-10 23:22 - 00001912 _____ () C:\windows\epplauncher.mif
2015-03-09 06:51 - 2015-03-09 06:51 - 14179480 _____ (Microsoft Corporation) C:\Users\Britta\Downloads\mseinstall.exe
2015-03-09 06:47 - 2015-03-09 06:47 - 00000000 ____D () C:\Users\Britta\AppData\Roaming\Avira
2015-03-09 06:35 - 2015-03-09 06:35 - 00985600 _____ () C:\Users\Britta\Downloads\MicrosoftFixit50123.msi
2015-03-09 06:15 - 2015-03-09 06:15 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-09 06:15 - 2015-03-09 06:15 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-09 04:26 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-03-09 04:26 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-03-09 04:16 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-09 04:16 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-09 04:16 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-03-09 04:16 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-03-09 03:34 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2015-03-09 03:13 - 2015-03-09 03:13 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-09 03:13 - 2015-03-09 03:13 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-09 03:13 - 2015-03-09 03:13 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-09 03:13 - 2015-03-09 03:13 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-09 03:13 - 2015-03-09 03:13 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2015-03-09 03:13 - 2015-03-09 03:13 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2015-03-09 03:13 - 2015-03-09 03:13 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-03-09 03:13 - 2015-03-09 03:13 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-03-09 03:13 - 2015-03-09 03:13 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2015-03-09 03:13 - 2015-03-09 03:13 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2015-03-09 03:13 - 2015-03-09 03:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-03-09 03:00 - 2015-03-09 03:34 - 00014780 _____ () C:\windows\IE11_main.log
2015-03-09 00:14 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-09 00:14 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-03-09 00:14 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-09 00:14 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-09 00:14 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-09 00:14 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-09 00:14 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-03-09 00:14 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-03-09 00:14 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-03-09 00:14 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-03-08 23:57 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2015-03-08 23:57 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2015-03-08 23:57 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2015-03-08 23:57 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2015-03-08 23:57 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2015-03-08 23:57 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2015-03-08 23:57 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2015-03-08 23:57 - 2012-06-02 15:57 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-03-08 23:20 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2015-03-08 23:20 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2015-03-08 23:20 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2015-03-08 23:20 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2015-03-08 23:20 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2015-03-08 23:20 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2015-03-08 23:20 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2015-03-08 23:20 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2015-03-08 23:16 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2015-03-08 23:16 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2015-03-08 23:16 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2015-03-08 23:16 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2015-03-08 23:16 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-08 23:15 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-08 23:15 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-03-08 23:15 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-08 23:15 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-08 23:15 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-08 23:15 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-08 23:15 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-08 23:15 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-08 23:15 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-08 23:15 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-08 23:15 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-08 23:15 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-08 23:15 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-08 23:15 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-03-08 23:15 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-03-08 23:15 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-03-08 23:15 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-08 23:15 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-03-08 23:15 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-08 23:15 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-08 23:15 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2015-03-08 23:15 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2015-03-08 23:15 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2015-03-08 23:15 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2015-03-08 23:15 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2015-03-08 23:15 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2015-03-08 23:15 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2015-03-08 23:15 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2015-03-08 23:15 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2015-03-08 23:15 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2015-03-08 23:15 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2015-03-08 23:15 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2015-03-08 23:15 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2015-03-08 23:15 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2015-03-08 23:15 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2015-03-08 23:15 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2015-03-08 23:15 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2015-03-08 23:15 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2015-03-08 23:14 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2015-03-08 23:14 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-03-08 23:14 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2015-03-08 23:14 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2015-03-08 23:14 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2015-03-08 23:14 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2015-03-08 23:14 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2015-03-08 23:14 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2015-03-08 23:14 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-03-08 23:13 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2015-03-08 23:13 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2015-03-08 23:13 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2015-03-08 23:12 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-08 23:12 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-03-08 23:12 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2015-03-08 23:12 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2015-03-08 23:12 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-08 23:12 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-08 23:12 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-03-08 23:12 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-03-08 23:12 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-08 23:12 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2015-03-08 23:11 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2015-03-08 23:11 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2015-03-08 23:11 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2015-03-08 23:11 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2015-03-08 23:11 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2015-03-08 23:11 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2015-03-08 23:11 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2015-03-08 23:11 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2015-03-08 23:11 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2015-03-08 23:11 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2015-03-08 23:11 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2015-03-08 23:11 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2015-03-08 23:11 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2015-03-08 23:11 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2015-03-08 23:11 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2015-03-08 23:11 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2015-03-08 23:11 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2015-03-08 23:11 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2015-03-08 23:11 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2015-03-08 23:10 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-03-08 23:10 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-03-08 23:10 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-03-08 23:10 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-03-08 23:10 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-03-08 23:10 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-03-08 23:10 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-08 23:10 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-03-08 23:10 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-03-08 23:10 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-03-08 23:10 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-03-08 23:10 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-03-08 23:10 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2015-03-08 23:10 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2015-03-08 23:10 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2015-03-08 23:10 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2015-03-08 23:10 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2015-03-08 23:10 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-03-08 23:10 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-03-08 23:10 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-03-08 23:10 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-03-08 23:10 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2015-03-08 23:10 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2015-03-08 23:10 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2015-03-08 23:10 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2015-03-08 23:10 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2015-03-08 23:10 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2015-03-08 23:10 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2015-03-08 23:10 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2015-03-08 23:10 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2015-03-08 23:10 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2015-03-08 23:10 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2015-03-08 23:10 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2015-03-08 23:10 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-03-08 23:10 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-03-08 23:10 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-03-08 23:10 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-03-08 23:10 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-03-08 23:10 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-03-08 23:10 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2015-03-08 23:10 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2015-03-08 23:10 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2015-03-08 23:10 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2015-03-08 23:10 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-08 23:10 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-08 23:10 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-08 23:10 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-08 23:10 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-03-08 23:10 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-03-08 23:10 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-03-08 23:10 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-08 23:10 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-08 23:10 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-08 23:10 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2015-03-08 23:10 - 2013-04-01 07:03 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_AuthenticAMD.dll
2015-03-08 23:10 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2015-03-08 23:10 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2015-03-08 23:10 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2015-03-08 23:10 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll
2015-03-08 23:10 - 2012-11-28 23:56 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-03-08 23:10 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2015-03-08 23:10 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2015-03-08 23:09 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2015-03-08 23:09 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2015-03-08 23:09 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2015-03-08 23:09 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2015-03-08 23:09 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2015-03-08 23:09 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2015-03-08 23:09 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2015-03-08 23:08 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-08 23:08 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-08 23:08 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-08 23:08 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-08 23:08 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-03-08 23:08 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-03-08 23:08 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-03-08 23:08 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-08 23:08 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-03-08 22:56 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2015-03-08 22:56 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2015-03-08 22:56 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2015-03-08 22:56 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2015-03-08 22:56 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2015-03-08 22:56 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2015-03-08 22:56 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2015-03-08 22:56 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2015-03-08 22:56 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-03-08 22:56 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2015-03-08 22:56 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-03-08 22:55 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-03-08 22:55 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-03-08 22:55 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-03-08 22:55 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-03-08 22:55 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-03-08 22:55 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-03-08 22:54 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2015-03-08 22:54 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2015-03-08 22:54 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2015-03-08 22:54 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2015-03-08 22:54 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs
2015-03-08 22:51 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2015-03-08 22:51 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2015-03-08 22:50 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-08 22:50 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-08 22:50 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-03-08 22:50 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-08 22:48 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-08 22:48 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-08 22:48 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll
2015-03-08 22:48 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2015-03-08 22:48 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2015-03-08 22:48 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll
2015-03-08 22:48 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2015-03-08 22:48 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2015-03-08 22:47 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-08 22:47 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-03-08 22:47 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-03-08 22:47 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2015-03-08 22:47 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2015-03-08 22:47 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-03-08 22:47 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-03-08 22:47 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-03-08 22:47 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-03-08 22:47 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-03-08 22:47 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-03-08 22:47 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-03-08 22:47 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-03-08 22:47 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-03-08 22:47 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-03-08 22:47 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-03-08 22:47 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-03-08 22:47 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-03-08 22:47 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-03-08 22:47 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-03-08 22:47 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-03-08 22:47 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-03-08 22:47 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-03-08 22:47 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2015-03-08 22:47 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2015-03-08 22:47 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-03-08 22:46 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-03-08 22:46 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-03-08 22:46 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-03-08 22:46 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-03-08 22:46 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2015-03-08 22:46 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2015-03-08 22:46 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-03-08 22:46 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-03-08 22:46 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2015-03-08 22:46 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-08 22:46 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-08 22:46 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-08 22:46 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-08 22:46 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-08 22:46 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-03-08 22:46 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-03-08 22:46 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-03-08 22:46 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-03-08 22:46 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-03-08 22:46 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2015-03-08 22:46 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2015-03-08 22:46 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2015-03-08 22:46 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2015-03-08 22:46 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2015-03-08 22:46 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2015-03-08 22:46 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2015-03-08 22:46 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2015-03-08 22:46 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2015-03-08 22:46 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2015-03-08 22:46 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2015-03-08 22:46 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2015-03-08 22:46 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2015-03-08 22:46 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-08 22:46 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-08 22:46 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2015-03-08 22:46 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2015-03-08 22:45 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-03-08 22:45 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-03-08 22:45 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2015-03-08 22:45 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2015-03-08 22:45 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2015-03-08 22:45 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2015-03-08 22:45 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2015-03-08 22:45 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2015-03-08 22:45 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2015-03-08 22:45 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2015-03-08 22:45 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2015-03-08 22:45 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2015-03-08 22:45 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2015-03-08 22:45 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2015-03-08 22:45 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-03-08 22:45 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-03-08 22:45 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2015-03-08 22:45 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2015-03-08 22:45 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2015-03-08 22:45 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2015-03-08 22:45 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2015-03-08 22:45 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2015-03-08 22:45 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2015-03-08 22:45 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2015-03-08 22:45 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2015-03-08 22:45 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\synceng.dll
2015-03-08 22:45 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\synceng.dll
2015-03-08 20:45 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-03-08 20:45 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-03-08 20:45 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-03-08 20:45 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-03-08 20:45 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-03-08 20:45 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-03-08 20:45 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-03-08 20:45 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-03-08 20:44 - 2015-03-08 20:44 - 00054180 _____ () C:\Users\Britta\Desktop\Extras.Txt
2015-03-08 20:40 - 2015-03-08 20:40 - 00072640 _____ () C:\Users\Britta\Desktop\OTL.Txt
2015-03-08 20:19 - 2015-03-08 20:19 - 00602112 _____ (OldTimer Tools) C:\Users\Britta\Downloads\OTL(1).exe
2015-03-08 20:18 - 2015-03-08 20:18 - 00602112 _____ (OldTimer Tools) C:\Users\Britta\Desktop\OTL.exe
2015-03-08 20:17 - 2015-03-11 22:05 - 00001202 _____ () C:\Users\Britta\Desktop\mbam.txt
2015-03-08 20:17 - 2015-03-08 20:17 - 00001204 _____ () C:\Users\Britta\Desktop\mbam1.txt
2015-03-08 17:08 - 2015-03-11 22:28 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-08 17:08 - 2015-03-09 22:45 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-03-08 17:08 - 2015-03-08 17:08 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-08 17:08 - 2015-03-08 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-03-08 17:08 - 2015-03-08 17:08 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-03-08 17:08 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-03-08 17:08 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-03-08 17:07 - 2015-03-08 17:07 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Britta\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-08 17:03 - 2015-03-08 17:03 - 00011467 _____ () C:\Users\Britta\Documents\prüfung2.txt
2015-03-08 16:50 - 2015-03-08 16:50 - 00011979 _____ () C:\Users\Britta\Documents\prüfung.txt
2015-03-08 16:48 - 2015-03-08 16:48 - 00388608 _____ (Trend Micro Inc.) C:\Users\Britta\Downloads\HiJackThis204.exe
2015-03-08 16:45 - 2015-03-08 16:45 - 00347816 _____ (Microsoft Corporation) C:\Users\Britta\Downloads\MicrosoftFixit.wu.LB.834928548827129.1.1.Run.exe
2015-03-08 16:44 - 2015-03-08 16:44 - 163016912 _____ () C:\Users\Britta\Downloads\avira_free650_antivirus_de.exe
2015-03-08 16:43 - 2015-03-08 16:43 - 40824144 _____ () C:\Users\Britta\Downloads\Firefox_Setup_36.0.1.exe
2015-03-08 16:43 - 2015-03-08 16:43 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-08 16:43 - 2015-03-08 16:43 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-08 16:43 - 2015-03-08 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-08 13:49 - 2015-03-08 13:49 - 25244015 _____ () C:\Users\Britta\Downloads\MSEInstall_4.7.0205_de(2).zip
2015-03-08 13:49 - 2015-03-08 13:49 - 25244015 _____ () C:\Users\Britta\Downloads\MSEInstall_4.7.0205_de(1).zip
2015-03-08 12:56 - 2015-03-08 12:56 - 25244015 _____ () C:\Users\Britta\Downloads\MSEInstall_4.7.0205_de.zip
2015-03-08 12:06 - 2015-03-08 12:08 - 00000260 _____ () C:\Descriptors.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-11 22:35 - 2012-04-05 09:37 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-11 22:33 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-11 22:33 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-11 22:31 - 2011-04-03 00:43 - 09601024 _____ () C:\windows\system32\TPAPSLOG.LOG
2015-03-11 22:29 - 2011-04-03 07:19 - 00659238 _____ () C:\windows\system32\perfh007.dat
2015-03-11 22:29 - 2011-04-03 07:19 - 00132776 _____ () C:\windows\system32\perfc007.dat
2015-03-11 22:29 - 2009-07-14 06:13 - 01512418 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-11 22:24 - 2011-04-03 00:43 - 00722432 _____ () C:\windows\system32\TPHDLOG0.LOG
2015-03-11 22:23 - 2011-04-03 00:53 - 00130124 _____ () C:\windows\system32\fastboot.set
2015-03-11 22:23 - 2011-04-03 00:50 - 03568230 _____ () C:\FaceProv.log
2015-03-11 22:23 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-11 22:23 - 2009-07-14 05:51 - 00116145 _____ () C:\windows\setupact.log
2015-03-11 22:22 - 2011-04-03 00:01 - 01273227 _____ () C:\windows\WindowsUpdate.log
2015-03-10 23:55 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-10 23:45 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2015-03-10 23:41 - 2011-05-03 03:19 - 00350732 _____ () C:\windows\PFRO.log
2015-03-10 00:39 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-03-09 11:54 - 2011-05-22 20:32 - 00000000 ____D () C:\windows\System32\Tasks\Games
2015-03-09 11:33 - 2011-11-26 19:25 - 00000000 ____D () C:\Users\Britta\AppData\Roaming\uTorrent
2015-03-09 11:23 - 2011-05-03 19:28 - 00000000 ____D () C:\Users\Britta
2015-03-09 06:49 - 2013-05-02 09:48 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-09 06:41 - 2012-10-30 16:42 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-03-09 06:41 - 2012-10-30 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-09 06:29 - 2011-05-03 19:30 - 00087792 _____ () C:\Users\Britta\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-09 06:28 - 2011-05-03 19:29 - 00001421 _____ () C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-09 06:26 - 2009-07-29 08:00 - 00000000 ____D () C:\windows\Panther
2015-03-09 06:21 - 2009-07-14 05:45 - 00335608 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-09 06:15 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-03-09 06:15 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\AppCompat
2015-03-09 06:14 - 2009-07-29 08:23 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-09 06:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-09 06:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\zh-HK
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\tr-TR
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2015-03-08 18:35 - 2012-04-05 09:37 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-03-08 18:35 - 2012-04-05 09:37 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-03-08 18:35 - 2011-09-02 13:10 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-08 17:01 - 2013-10-05 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-08 16:49 - 2011-05-03 19:28 - 00000000 ____D () C:\Users\Britta\AppData\Local\VirtualStore
2015-03-08 16:43 - 2014-11-15 11:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-08 16:38 - 2012-10-30 16:42 - 00000000 ____D () C:\ProgramData\Avira
2015-03-08 16:37 - 2014-08-06 08:15 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-08 16:37 - 2013-06-17 14:19 - 00000000 ____D () C:\windows\Minidump
2015-03-08 16:37 - 2012-10-30 16:42 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-08 16:37 - 2011-10-30 09:23 - 00000000 ____D () C:\windows\system32\Macromed
2015-03-08 16:37 - 2011-05-03 19:28 - 00000000 ____D () C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-03-08 16:37 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2015-03-08 01:47 - 2011-05-28 11:43 - 00000000 ____D () C:\Users\Britta\Tracing
2015-02-25 17:53 - 2013-04-10 00:49 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-02-25 17:53 - 2013-04-10 00:49 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
==================== Files in the root of some directories =======
2013-02-01 12:06 - 2013-02-01 12:06 - 0003584 _____ () C:\Users\Britta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Users\Britta\AppData\Local\Temp\avgnt.exe
C:\Users\Britta\AppData\Local\Temp\Quarantine.exe
C:\Users\Britta\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-07 18:59
==================== End Of Log ============================
|
|
12.03.2015, 12:16
| #11 |
| /// the machine /// TB-Ausbilder | Windows 7: Trojaner - Windows Updates, Firewall defektESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.03.2015, 16:45
| #12 |
| | Windows 7: Trojaner - Windows Updates, Firewall defekt Also ESET hat 4 Funde angezeigt :/ Soll ich nun noch einmal probieren, die Windows Updates zu installieren usw.? ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=da7333bd4295424da589592e5b1cc1cb
# engine=22872
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-12 11:48:44
# local_time=2015-03-12 12:48:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 286458 177790774 0 0
# scanned=135
# found=0
# cleaned=0
# scan_time=39
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=da7333bd4295424da589592e5b1cc1cb
# engine=22872
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-12 03:12:28
# local_time=2015-03-12 04:12:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 298682 177802998 0 0
# scanned=268990
# found=4
# cleaned=0
# scan_time=12166
sh=61166A41FD5190656C34BDDE77970F9BBCB8C4A4 ft=1 fh=ded9ef40833f76ba vn="Win32/Adware.Softomate.AD Anwendung" ac=I fn="F:\Britta\Musik\music\mytheme-347165-11050628702503.exe"
sh=F543C70857544500AC50EFE5E4DE3879274CCC3B ft=1 fh=6c7a48e89fb8d5a1 vn="Variante von Win32/MessengerPlus evtl. unerwünschte Anwendung" ac=I fn="F:\Britta\Sachen vom Desktop\programme\MsgPlusLive-423.exe"
sh=0A1FF4E8ECE13E240FF52B67CD57B0710AF10CBB ft=1 fh=094afa667a6bedfe vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="F:\Neuer Ordner (2)\Babylon9_setup.exe"
sh=BEFA3A0AF096D0E0630C41D674B3E9C012F0682B ft=0 fh=0000000000000000 vn="JS/SecurityDisabler.A.Gen evtl. unerwünschte Anwendung" ac=I fn="F:\Sicherung 10-04-13\Firefox 19.0.2 (de) - 2013-04-10.pcv"
Code:
ATTFilter Results of screen317's Security Check version 0.99.97
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 64-bit 8 Update 31
Adobe Flash Player 16.0.0.305
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox (36.0.1)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Britta (administrator) on BRITTA-PC on 12-03-2015 16:39:13
Running from C:\Users\Britta\Desktop
Loaded Profiles: Britta (Available profiles: Britta)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Wistron Corp.) C:\Program Files\CapsLK OSD\64\Capsosd.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Lenovo.) C:\Windows\System32\TPHDEXLG64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTStackServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2396968 2010-10-21] (Synaptics Incorporated)
HKLM\...\Run: [{BA1E422A-80A8-4AA0-B67B-CAA3D04C5162}] => C:\Program Files\CapsLK OSD\64\CAPSOSD.EXE [3699752 2010-10-25] (Wistron Corp.)
HKLM\...\Run: [TpShocks] => C:\Windows\System32\TpShocks.exe [231328 2010-03-15] (Lenovo.)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-04-03] (Lenovo)
HKLM\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9745312 2011-04-03] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5374880 2011-04-03] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2010-12-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [332BigDog] => C:\Program Files (x86)\USB Camera2\VM332_STI.EXE [536576 2010-01-19] (Vimicro)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2903448 2011-06-06] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll ()
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Britta\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-207437039-3126598301-4264572741-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-207437039-3126598301-4264572741-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
HKU\S-1-5-21-207437039-3126598301-4264572741-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-06-12] (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-06-06] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\5krze1cn.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-08] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-08] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-04-05] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-03-11] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-06-06] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\5krze1cn.default\Extensions\abs@avira.com [2015-03-09]
FF Extension: Adblock Plus - C:\Users\Britta\AppData\Roaming\Mozilla\Firefox\Profiles\5krze1cn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-03]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-05-03]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [354304 2010-12-20] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD Reservation Manager; C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [907040 2010-05-10] (Broadcom Corporation.)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-02] (Avira Operations GmbH & Co. KG)
S3 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [107736 2015-03-09] (Malwarebytes Corporation)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
U2 DriverService; No ImagePath
U2 IAStorDataMgrSvc; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 nvUpdatusService; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerServic; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
U2 RtLedService; No ImagePath
U2 SoftwareService; No ImagePath
U2 Stereo Service; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-12 16:39 - 2015-03-12 16:39 - 00000000 ____D () C:\Users\Britta\Desktop\FRST-OlderVersion
2015-03-12 16:26 - 2015-03-12 16:26 - 00852604 _____ () C:\Users\Britta\Desktop\SecurityCheck.exe
2015-03-12 12:24 - 2015-03-12 12:24 - 02347384 _____ (ESET) C:\Users\Britta\Desktop\esetsmartinstaller_deu.exe
2015-03-11 22:36 - 2015-03-11 22:36 - 00075002 _____ () C:\Users\Britta\Desktop\JRT.txt
2015-03-11 22:28 - 2015-03-11 22:28 - 01388333 _____ (Thisisu) C:\Users\Britta\Desktop\JRT.exe
2015-03-11 22:13 - 2015-03-11 22:21 - 00000000 ____D () C:\AdwCleaner
2015-03-11 22:06 - 2015-03-11 22:06 - 02171392 _____ () C:\Users\Britta\Desktop\AdwCleaner_4.112.exe
2015-03-10 23:55 - 2015-03-10 23:55 - 00031663 _____ () C:\ComboFix.txt
2015-03-10 23:24 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-03-10 23:24 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-03-10 23:24 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-03-10 23:24 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-03-10 23:24 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-03-10 23:24 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-03-10 23:24 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-03-10 23:24 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-03-10 23:23 - 2015-03-10 23:55 - 00000000 ____D () C:\Qoobox
2015-03-10 23:23 - 2015-03-10 23:50 - 00000000 ____D () C:\windows\erdnt
2015-03-10 23:19 - 2015-03-10 23:19 - 05613296 ____R (Swearware) C:\Users\Britta\Desktop\ComboFix.exe
2015-03-09 23:57 - 2015-03-09 23:58 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Britta\Desktop\tdsskiller.exe
2015-03-09 21:48 - 2015-03-09 23:57 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-09 21:44 - 2015-03-09 23:57 - 00000000 ____D () C:\Users\Britta\Desktop\mbar
2015-03-09 21:39 - 2015-03-09 21:44 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Britta\Desktop\mbar-1.09.1.1004.exe
2015-03-09 11:51 - 2015-03-09 11:51 - 00007370 _____ () C:\Users\Britta\Desktop\gmer.txt
2015-03-09 11:28 - 2015-03-09 11:28 - 00380416 _____ () C:\Users\Britta\Desktop\Gmer-19357.exe
2015-03-09 11:27 - 2015-03-09 11:33 - 00029391 _____ () C:\Users\Britta\Desktop\Addition.txt
2015-03-09 11:25 - 2015-03-12 16:39 - 00016740 _____ () C:\Users\Britta\Desktop\FRST.txt
2015-03-09 11:24 - 2015-03-12 16:39 - 02095616 _____ (Farbar) C:\Users\Britta\Desktop\FRST64.exe
2015-03-09 11:24 - 2015-03-12 16:39 - 00000000 ____D () C:\FRST
2015-03-09 11:23 - 2015-03-09 11:23 - 00000474 _____ () C:\Users\Britta\Desktop\defogger_disable.log
2015-03-09 11:23 - 2015-03-09 11:23 - 00000000 _____ () C:\Users\Britta\defogger_reenable
2015-03-09 11:22 - 2015-03-09 11:22 - 00050477 _____ () C:\Users\Britta\Desktop\Defogger.exe
2015-03-09 06:54 - 2015-03-10 23:22 - 00001912 _____ () C:\windows\epplauncher.mif
2015-03-09 06:51 - 2015-03-09 06:51 - 14179480 _____ (Microsoft Corporation) C:\Users\Britta\Downloads\mseinstall.exe
2015-03-09 06:47 - 2015-03-09 06:47 - 00000000 ____D () C:\Users\Britta\AppData\Roaming\Avira
2015-03-09 06:35 - 2015-03-09 06:35 - 00985600 _____ () C:\Users\Britta\Downloads\MicrosoftFixit50123.msi
2015-03-09 06:15 - 2015-03-09 06:15 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-03-09 06:15 - 2015-03-09 06:15 - 00000000 ____D () C:\windows\system32\appraiser
2015-03-09 04:26 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-03-09 04:26 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-03-09 04:16 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-09 04:16 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-09 04:16 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-03-09 04:16 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-03-09 03:34 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\windows\system32\IEUDINIT.EXE
2015-03-09 03:13 - 2015-03-09 03:13 - 23212032 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 17142784 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 12995584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 11220992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 05765120 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 04240384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 02764288 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-09 03:13 - 2015-03-09 03:13 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-09 03:13 - 2015-03-09 03:13 - 02332160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 02166272 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-09 03:13 - 2015-03-09 03:13 - 01926656 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-09 03:13 - 2015-03-09 03:13 - 01818112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 01394176 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 01228800 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 01156608 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00942592 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00645120 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsIntl.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00616104 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dat
2015-03-09 03:13 - 2015-03-09 03:13 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2015-03-09 03:13 - 2015-03-09 03:13 - 00610304 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00523776 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00413696 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-03-09 03:13 - 2015-03-09 03:13 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-03-09 03:13 - 2015-03-09 03:13 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00263376 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00244736 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00238288 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00233472 _____ (Microsoft Corporation) C:\windows\SysWOW64\url.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00208384 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\elshyph.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msls31.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00167424 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00151552 _____ (Microsoft Corporation) C:\windows\SysWOW64\iexpress.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00147968 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00143872 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wextract.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00131072 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\IEAdvpack.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00105984 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00101376 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00086016 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00083456 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00077312 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2015-03-09 03:13 - 2015-03-09 03:13 - 00074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\SetIEInstalledDate.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardie.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2015-03-09 03:13 - 2015-03-09 03:13 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\pngfilt.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmler.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00040448 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\imgutil.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\licmgr10.dll
2015-03-09 03:13 - 2015-03-09 03:13 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshta.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00012800 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedssync.exe
2015-03-09 03:13 - 2015-03-09 03:13 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 02776576 _____ (Microsoft Corporation) C:\windows\system32\msmpeg2vdec.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 02284544 _____ (Microsoft Corporation) C:\windows\SysWOW64\msmpeg2vdec.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01682432 _____ (Microsoft Corporation) C:\windows\system32\XpsPrint.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01238528 _____ (Microsoft Corporation) C:\windows\system32\d3d10.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01175552 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01158144 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsPrint.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 01080832 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00648192 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00604160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00522752 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00363008 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00333312 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1core.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\d3d10core.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00293376 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00249856 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1core.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00245248 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecsExt.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\UIAnimation.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10core.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00207872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecsExt.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00194560 _____ (Microsoft Corporation) C:\windows\system32\d3d10_1.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIAnimation.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10_1.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00010752 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00010752 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00009728 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00009728 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00005632 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00002560 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-03-09 03:06 - 2015-03-09 03:06 - 00002560 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-03-09 03:00 - 2015-03-09 03:34 - 00014780 _____ () C:\windows\IE11_main.log
2015-03-09 00:14 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-09 00:14 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-03-09 00:14 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-09 00:14 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-09 00:14 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-09 00:14 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-09 00:14 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-03-09 00:14 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-03-09 00:14 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-03-09 00:14 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-03-08 23:57 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\windows\system32\WUDFx.dll
2015-03-08 23:57 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2015-03-08 23:57 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2015-03-08 23:57 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2015-03-08 23:57 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\WUDFCoinstaller.dll
2015-03-08 23:57 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2015-03-08 23:57 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2015-03-08 23:57 - 2012-06-02 15:57 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-03-08 23:20 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2015-03-08 23:20 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2015-03-08 23:20 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2015-03-08 23:20 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2015-03-08 23:20 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2015-03-08 23:20 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2015-03-08 23:20 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2015-03-08 23:20 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2015-03-08 23:16 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2015-03-08 23:16 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore6.dll
2015-03-08 23:16 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\windows\system32\dhcpcsvc6.dll
2015-03-08 23:16 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore6.dll
2015-03-08 23:16 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcsvc6.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-03-08 23:15 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-03-08 23:15 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-03-08 23:15 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-03-08 23:15 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-08 23:15 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-08 23:15 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-08 23:15 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-08 23:15 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-08 23:15 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-08 23:15 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-08 23:15 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-08 23:15 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-08 23:15 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-08 23:15 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-08 23:15 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-03-08 23:15 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-03-08 23:15 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-03-08 23:15 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-08 23:15 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-03-08 23:15 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-08 23:15 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-08 23:15 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2015-03-08 23:15 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2015-03-08 23:15 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2015-03-08 23:15 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2015-03-08 23:15 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2015-03-08 23:15 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2015-03-08 23:15 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2015-03-08 23:15 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2015-03-08 23:15 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2015-03-08 23:15 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2015-03-08 23:15 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2015-03-08 23:15 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2015-03-08 23:15 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2015-03-08 23:15 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2015-03-08 23:15 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2015-03-08 23:15 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2015-03-08 23:15 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2015-03-08 23:15 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2015-03-08 23:14 - 2014-03-04 10:44 - 00722944 _____ (Microsoft Corporation) C:\windows\system32\objsel.dll
2015-03-08 23:14 - 2014-03-04 10:44 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-03-08 23:14 - 2014-03-04 10:44 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\wincredprovider.dll
2015-03-08 23:14 - 2014-03-04 10:43 - 00057344 _____ (Microsoft Corporation) C:\windows\system32\cngprovider.dll
2015-03-08 23:14 - 2014-03-04 10:43 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\adprovider.dll
2015-03-08 23:14 - 2014-03-04 10:43 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\capiprovider.dll
2015-03-08 23:14 - 2014-03-04 10:43 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\dpapiprovider.dll
2015-03-08 23:14 - 2014-03-04 10:43 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\dimsroam.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\windows\SysWOW64\objsel.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\cngprovider.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\windows\SysWOW64\adprovider.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\windows\SysWOW64\capiprovider.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpapiprovider.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\dimsroam.dll
2015-03-08 23:14 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wincredprovider.dll
2015-03-08 23:14 - 2014-03-04 10:16 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-03-08 23:13 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2015-03-08 23:13 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2015-03-08 23:13 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2015-03-08 23:12 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-08 23:12 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-03-08 23:12 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
2015-03-08 23:12 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
2015-03-08 23:12 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-08 23:12 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-08 23:12 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-03-08 23:12 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-03-08 23:12 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-08 23:12 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
2015-03-08 23:11 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\windows\system32\mscories.dll
2015-03-08 23:11 - 2014-06-18 03:18 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2015-03-08 23:11 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2015-03-08 23:11 - 2014-04-05 03:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2015-03-08 23:11 - 2014-04-05 03:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2015-03-08 23:11 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\wwansvc.dll
2015-03-08 23:11 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2015-03-08 23:11 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2015-03-08 23:11 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2015-03-08 23:11 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
2015-03-08 23:11 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
2015-03-08 23:11 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
2015-03-08 23:11 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\netcorehc.dll
2015-03-08 23:11 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2015-03-08 23:11 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
2015-03-08 23:11 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2015-03-08 23:11 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
2015-03-08 23:11 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcorehc.dll
2015-03-08 23:11 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2015-03-08 23:11 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
2015-03-08 23:10 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-03-08 23:10 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-03-08 23:10 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-03-08 23:10 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-03-08 23:10 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-03-08 23:10 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-03-08 23:10 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-08 23:10 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-03-08 23:10 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-03-08 23:10 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-03-08 23:10 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-03-08 23:10 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-03-08 23:10 - 2014-06-06 11:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2015-03-08 23:10 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2015-03-08 23:10 - 2014-05-30 07:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2015-03-08 23:10 - 2014-04-25 03:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2015-03-08 23:10 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2015-03-08 23:10 - 2014-03-26 15:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-03-08 23:10 - 2014-03-26 15:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-03-08 23:10 - 2014-03-26 15:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-03-08 23:10 - 2014-03-26 15:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-03-08 23:10 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2015-03-08 23:10 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2015-03-08 23:10 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbccgp.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbohci.sys
2015-03-08 23:10 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2015-03-08 23:10 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2015-03-08 23:10 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
2015-03-08 23:10 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2015-03-08 23:10 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\imagehlp.dll
2015-03-08 23:10 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2015-03-08 23:10 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2015-03-08 23:10 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
2015-03-08 23:10 - 2013-07-12 11:41 - 00185344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2015-03-08 23:10 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2015-03-08 23:10 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-03-08 23:10 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2015-03-08 23:10 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-03-08 23:10 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-03-08 23:10 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-03-08 23:10 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
2015-03-08 23:10 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2015-03-08 23:10 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2015-03-08 23:10 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2015-03-08 23:10 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2015-03-08 23:10 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-08 23:10 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-08 23:10 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-08 23:10 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-08 23:10 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-03-08 23:10 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-03-08 23:10 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-03-08 23:10 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-08 23:10 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-08 23:10 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-08 23:10 - 2013-04-26 00:30 - 01505280 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
2015-03-08 23:10 - 2013-04-01 07:03 - 00078680 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_AuthenticAMD.dll
2015-03-08 23:10 - 2013-03-31 23:52 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
2015-03-08 23:10 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys
2015-03-08 23:10 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WdfLdr.sys
2015-03-08 23:10 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\Wdfres.dll
2015-03-08 23:10 - 2012-11-28 23:56 - 00000003 _____ () C:\windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-03-08 23:10 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\windows\system32\dpnet.dll
2015-03-08 23:10 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpnet.dll
2015-03-08 23:09 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
2015-03-08 23:09 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL
2015-03-08 23:09 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2015-03-08 23:09 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2015-03-08 23:09 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
2015-03-08 23:09 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2015-03-08 23:09 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2015-03-08 23:08 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-08 23:08 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-08 23:08 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-08 23:08 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-08 23:08 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-03-08 23:08 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-03-08 23:08 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-03-08 23:08 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-08 23:08 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-08 23:08 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-03-08 23:08 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-03-08 22:56 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2015-03-08 22:56 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
2015-03-08 22:56 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
2015-03-08 22:56 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\windows\system32\rdpcorekmts.dll
2015-03-08 22:56 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
2015-03-08 22:56 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2015-03-08 22:56 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdpwd.sys
2015-03-08 22:56 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
2015-03-08 22:56 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-03-08 22:56 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2015-03-08 22:56 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-03-08 22:55 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-03-08 22:55 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-03-08 22:55 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-03-08 22:55 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-03-08 22:55 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-03-08 22:55 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-03-08 22:54 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\windows\system32\Wpc.dll
2015-03-08 22:54 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\windows\system32\gameux.dll
2015-03-08 22:54 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wpc.dll
2015-03-08 22:54 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\windows\SysWOW64\gameux.dll
2015-03-08 22:54 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\windows\system32\oflc-nz.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\windows\system32\pegibbfc.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\windows\system32\csrr.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\windows\system32\usk.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\windows\system32\oflc.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-pt.rs
2015-03-08 22:54 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\windows\system32\pegi-fi.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\windows\system32\cero.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\windows\system32\esrb.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\windows\system32\fpb.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\windows\system32\cob-au.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\windows\system32\grb.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\windows\system32\pegi.rs
2015-03-08 22:54 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\windows\system32\djctq.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\windows\SysWOW64\cero.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\windows\SysWOW64\esrb.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\windows\SysWOW64\fpb.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\windows\SysWOW64\oflc-nz.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\windows\SysWOW64\pegibbfc.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\windows\SysWOW64\csrr.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\windows\SysWOW64\cob-au.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\windows\SysWOW64\usk.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\windows\SysWOW64\oflc.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\windows\SysWOW64\grb.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-pt.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi-fi.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\windows\SysWOW64\pegi.rs
2015-03-08 22:54 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\windows\SysWOW64\djctq.rs
2015-03-08 22:51 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2015-03-08 22:51 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2015-03-08 22:50 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-08 22:50 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-08 22:50 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-03-08 22:50 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-08 22:48 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-08 22:48 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-08 22:48 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll
2015-03-08 22:48 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2015-03-08 22:48 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2015-03-08 22:48 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll
2015-03-08 22:48 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\cryptdlg.dll
2015-03-08 22:48 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptdlg.dll
2015-03-08 22:47 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-08 22:47 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2015-03-08 22:47 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2015-03-08 22:47 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2015-03-08 22:47 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2015-03-08 22:47 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2015-03-08 22:47 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2015-03-08 22:47 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2015-03-08 22:47 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2015-03-08 22:47 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2015-03-08 22:47 - 2014-03-04 10:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-03-08 22:47 - 2014-03-04 10:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-03-08 22:47 - 2014-03-04 10:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-03-08 22:47 - 2014-03-04 10:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-03-08 22:47 - 2014-03-04 10:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-03-08 22:47 - 2014-03-04 10:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-03-08 22:47 - 2014-03-04 10:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-03-08 22:47 - 2014-03-04 10:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-03-08 22:47 - 2014-03-04 10:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-03-08 22:47 - 2014-03-04 09:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-03-08 22:47 - 2014-03-04 09:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-03-08 22:47 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-03-08 22:47 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-03-08 22:47 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-03-08 22:47 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
2015-03-08 22:47 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
2015-03-08 22:47 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
2015-03-08 22:46 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-03-08 22:46 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-03-08 22:46 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2015-03-08 22:46 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2015-03-08 22:46 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\windows\system32\charmap.exe
2015-03-08 22:46 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\windows\SysWOW64\charmap.exe
2015-03-08 22:46 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-03-08 22:46 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-03-08 22:46 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2015-03-08 22:46 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-08 22:46 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-08 22:46 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-08 22:46 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-08 22:46 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-08 22:46 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-03-08 22:46 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-03-08 22:46 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-03-08 22:46 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-03-08 22:46 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-03-08 22:46 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2015-03-08 22:46 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2015-03-08 22:46 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2015-03-08 22:46 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2015-03-08 22:46 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2015-03-08 22:46 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2015-03-08 22:46 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2015-03-08 22:46 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2015-03-08 22:46 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2015-03-08 22:46 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2015-03-08 22:46 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2015-03-08 22:46 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2015-03-08 22:46 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2015-03-08 22:46 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-03-08 22:46 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-03-08 22:46 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2015-03-08 22:46 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
2015-03-08 22:45 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-03-08 22:45 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-03-08 22:45 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
2015-03-08 22:45 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
2015-03-08 22:45 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2015-03-08 22:45 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2015-03-08 22:45 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2015-03-08 22:45 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\WsmAuto.dll
2015-03-08 22:45 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\WSManHTTPConfig.exe
2015-03-08 22:45 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2015-03-08 22:45 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManMigrationPlugin.dll
2015-03-08 22:45 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2015-03-08 22:45 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmAuto.dll
2015-03-08 22:45 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSManHTTPConfig.exe
2015-03-08 22:45 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-03-08 22:45 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-03-08 22:45 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2015-03-08 22:45 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2015-03-08 22:45 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2015-03-08 22:45 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2015-03-08 22:45 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2015-03-08 22:45 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2015-03-08 22:45 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2015-03-08 22:45 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2015-03-08 22:45 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32spl.dll
2015-03-08 22:45 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\windows\SysWOW64\synceng.dll
2015-03-08 22:45 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\synceng.dll
2015-03-08 20:45 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-03-08 20:45 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-03-08 20:45 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-03-08 20:45 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-03-08 20:45 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-03-08 20:45 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-03-08 20:45 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-03-08 20:45 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-03-08 20:44 - 2015-03-08 20:44 - 00054180 _____ () C:\Users\Britta\Desktop\Extras.Txt
2015-03-08 20:40 - 2015-03-08 20:40 - 00072640 _____ () C:\Users\Britta\Desktop\OTL.Txt
2015-03-08 20:19 - 2015-03-08 20:19 - 00602112 _____ (OldTimer Tools) C:\Users\Britta\Downloads\OTL(1).exe
2015-03-08 20:18 - 2015-03-08 20:18 - 00602112 _____ (OldTimer Tools) C:\Users\Britta\Desktop\OTL.exe
2015-03-08 20:17 - 2015-03-11 22:05 - 00001202 _____ () C:\Users\Britta\Desktop\mbam.txt
2015-03-08 20:17 - 2015-03-08 20:17 - 00001204 _____ () C:\Users\Britta\Desktop\mbam1.txt
2015-03-08 17:08 - 2015-03-12 12:23 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-08 17:08 - 2015-03-09 22:45 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-03-08 17:08 - 2015-03-08 17:08 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-08 17:08 - 2015-03-08 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-03-08 17:08 - 2015-03-08 17:08 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-03-08 17:08 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-03-08 17:08 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-03-08 17:07 - 2015-03-08 17:07 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Britta\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-08 17:03 - 2015-03-08 17:03 - 00011467 _____ () C:\Users\Britta\Documents\prüfung2.txt
2015-03-08 16:50 - 2015-03-08 16:50 - 00011979 _____ () C:\Users\Britta\Documents\prüfung.txt
2015-03-08 16:48 - 2015-03-08 16:48 - 00388608 _____ (Trend Micro Inc.) C:\Users\Britta\Downloads\HiJackThis204.exe
2015-03-08 16:45 - 2015-03-08 16:45 - 00347816 _____ (Microsoft Corporation) C:\Users\Britta\Downloads\MicrosoftFixit.wu.LB.834928548827129.1.1.Run.exe
2015-03-08 16:44 - 2015-03-08 16:44 - 163016912 _____ () C:\Users\Britta\Downloads\avira_free650_antivirus_de.exe
2015-03-08 16:43 - 2015-03-08 16:43 - 40824144 _____ () C:\Users\Britta\Downloads\Firefox_Setup_36.0.1.exe
2015-03-08 16:43 - 2015-03-08 16:43 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-03-08 16:43 - 2015-03-08 16:43 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-03-08 16:43 - 2015-03-08 16:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-08 13:49 - 2015-03-08 13:49 - 25244015 _____ () C:\Users\Britta\Downloads\MSEInstall_4.7.0205_de(2).zip
2015-03-08 13:49 - 2015-03-08 13:49 - 25244015 _____ () C:\Users\Britta\Downloads\MSEInstall_4.7.0205_de(1).zip
2015-03-08 12:56 - 2015-03-08 12:56 - 25244015 _____ () C:\Users\Britta\Downloads\MSEInstall_4.7.0205_de.zip
2015-03-08 12:06 - 2015-03-08 12:08 - 00000260 _____ () C:\Descriptors.txt
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-12 16:35 - 2012-04-05 09:37 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-12 16:31 - 2011-04-03 00:43 - 09601472 _____ () C:\windows\system32\TPAPSLOG.LOG
2015-03-12 16:28 - 2011-04-03 00:01 - 01324955 _____ () C:\windows\WindowsUpdate.log
2015-03-12 16:19 - 2011-04-03 00:43 - 00723072 _____ () C:\windows\system32\TPHDLOG0.LOG
2015-03-12 12:35 - 2011-04-03 07:19 - 00659238 _____ () C:\windows\system32\perfh007.dat
2015-03-12 12:35 - 2011-04-03 07:19 - 00132776 _____ () C:\windows\system32\perfc007.dat
2015-03-12 12:35 - 2009-07-14 06:13 - 01512418 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-12 12:34 - 2009-07-14 05:51 - 00116996 _____ () C:\windows\setupact.log
2015-03-12 12:28 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-12 12:28 - 2009-07-14 05:45 - 00013424 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-12 12:19 - 2011-04-03 00:53 - 00124932 _____ () C:\windows\system32\fastboot.set
2015-03-12 12:18 - 2011-04-03 00:50 - 03570733 _____ () C:\FaceProv.log
2015-03-12 12:18 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-10 23:55 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-10 23:45 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2015-03-10 23:41 - 2011-05-03 03:19 - 00350732 _____ () C:\windows\PFRO.log
2015-03-10 00:39 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-03-09 11:54 - 2011-05-22 20:32 - 00000000 ____D () C:\windows\System32\Tasks\Games
2015-03-09 11:33 - 2011-11-26 19:25 - 00000000 ____D () C:\Users\Britta\AppData\Roaming\uTorrent
2015-03-09 11:23 - 2011-05-03 19:28 - 00000000 ____D () C:\Users\Britta
2015-03-09 06:49 - 2013-05-02 09:48 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-09 06:41 - 2012-10-30 16:42 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2015-03-09 06:41 - 2012-10-30 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-09 06:29 - 2011-05-03 19:30 - 00087792 _____ () C:\Users\Britta\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-09 06:28 - 2011-05-03 19:29 - 00001421 _____ () C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-09 06:26 - 2009-07-29 08:00 - 00000000 ____D () C:\windows\Panther
2015-03-09 06:21 - 2009-07-14 05:45 - 00335608 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-09 06:15 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-03-09 06:15 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\AppCompat
2015-03-09 06:14 - 2009-07-29 08:23 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-09 06:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-09 06:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\zh-HK
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\tr-TR
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\zh-HK
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\tr-TR
2015-03-09 06:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2015-03-08 18:35 - 2012-04-05 09:37 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-03-08 18:35 - 2012-04-05 09:37 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-03-08 18:35 - 2011-09-02 13:10 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-08 17:01 - 2013-10-05 15:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-08 16:49 - 2011-05-03 19:28 - 00000000 ____D () C:\Users\Britta\AppData\Local\VirtualStore
2015-03-08 16:43 - 2014-11-15 11:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-08 16:38 - 2012-10-30 16:42 - 00000000 ____D () C:\ProgramData\Avira
2015-03-08 16:37 - 2014-08-06 08:15 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-08 16:37 - 2013-06-17 14:19 - 00000000 ____D () C:\windows\Minidump
2015-03-08 16:37 - 2012-10-30 16:42 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-08 16:37 - 2011-10-30 09:23 - 00000000 ____D () C:\windows\system32\Macromed
2015-03-08 16:37 - 2011-05-03 19:28 - 00000000 ____D () C:\Users\Britta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-03-08 16:37 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\registration
2015-03-08 01:47 - 2011-05-28 11:43 - 00000000 ____D () C:\Users\Britta\Tracing
2015-02-25 17:53 - 2013-04-10 00:49 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-02-25 17:53 - 2013-04-10 00:49 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
==================== Files in the root of some directories =======
2013-02-01 12:06 - 2013-02-01 12:06 - 0003584 _____ () C:\Users\Britta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Some content of TEMP:
====================
C:\Users\Britta\AppData\Local\Temp\avgnt.exe
C:\Users\Britta\AppData\Local\Temp\Quarantine.exe
C:\Users\Britta\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-07 18:59
==================== End Of Log ============================
--- --- --- Geändert von flux90 (12.03.2015 um 16:51 Uhr) |
|
13.03.2015, 08:47
| #13 |
| /// the machine /// TB-Ausbilder | Windows 7: Trojaner - Windows Updates, Firewall defekt Java und Adobe updaten. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter F:\Britta\Musik\music\mytheme-347165-11050628702503.exe
F:\Britta\Sachen vom Desktop\programme\MsgPlusLive-423.exe
F:\Sicherung 10-04-13\Firefox 19.0.2 (de) - 2013-04-10.pcv
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
 Jetzt bitte Updates versuchen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
13.03.2015, 09:57
| #14 |
| | Windows 7: Trojaner - Windows Updates, Firewall defekt Muss ich für den ersten Schritt die externe Festplatte wieder anschließen? |
|
13.03.2015, 13:43
| #15 |
| /// the machine /// TB-Ausbilder | Windows 7: Trojaner - Windows Updates, Firewall defekt ehm, wieso?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 7: Trojaner - Windows Updates, Firewall defekt |
| antivir, antivirus, avira, bonjour, browser, fehlermeldung, firefox, flash player, hijack, hijackthis, home, homepage, mozilla, programm, registry, scan, security, services.exe, software, svchost.exe, trojaner, updates, usb, windows, windows updates |
WARNUNG an die MITLESER: 
Linear-Darstellung
