Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Win 8.1 (64bit) verweigert Antivirenprogramme, ngij.exe-Eintrag in Registry gefunden

Win 8.1 (64bit) verweigert Antivirenprogramme, ngij.exe-Eintrag in Registry gefunden


Log-Analyse und Auswertung: Win 8.1 (64bit) verweigert Antivirenprogramme, ngij.exe-Eintrag in Registry gefunden

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 17.03.2015, 16:37   #1
Dorfkicker
 
Win 8.1 (64bit) verweigert Antivirenprogramme, ngij.exe-Eintrag in Registry gefunden - Standard

Win 8.1 (64bit) verweigert Antivirenprogramme, ngij.exe-Eintrag in Registry gefunden


Hallo zusammen,
ich habe mir beim Einrichten eines neuen Toshiba-NBs mit vorinstalliertem Win 8.1 (64bit) offenbar einen Trojaner eingefangen. Rechner wurde plötzlich langsam und Windows Defender ließ sich nicht mehr starten. Der Versuch, diesen zu reaktivieren oder andere Antivirenprogramme zu installieren, schlug immer fehl. Installation klappte zwar, beim Start des Programms gab es dann jedesmal eine Fehlermeldung.

Erst der Trojan Remover fand dann den Eintrag nqij.exe in der Registry beim Startaufruf der diversen Antivir-Programme, konnte die Registry jedoch nicht bereinigen.

Bin dann über Google auf eurer Seite gelandet. Habe die virt. Laufwerke deaktiviert und GMER gestartet, letzteres brach aber sofort mit Fehlermeldung ab (s.u.). Ich bin dankbar für jede Hilfe, das Gerät hat mich jetzt schon zwei Tage gekostet.

Logfiles:
FRST.txt (Teil 1)

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Frank (administrator) on UHURA2 on 17-03-2015 15:48:16
Running from C:\Users\Frank\Desktop
Loaded Profiles: Frank (Available profiles: Frank)
Platform: Windows 8.1 Connected (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
() C:\Program Files (x86)\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe
(AVM Berlin) C:\Users\Frank\AppData\Local\Apps\2.0\278VR074.5Y2\MNK9G0ED.QWB\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
() C:\Users\Frank\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(ACD Systems) C:\Program Files (x86)\ACD Systems\ACDSee\18.0\acdIDInTouch2.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\vc10tray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Priotecs IT GmbH) C:\Program Files (x86)\Outlook Backup Assistant\OutlookBackupAssistant.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [ACSW18DE] => C:\Program Files (x86)\ACD Systems\ACDSee\18.0\acdIDInTouch2.exe [1470224 2014-09-17] (ACD Systems)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [416696 2012-10-25] (H+H Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1791856 2014-10-16] (Simply Super Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\...\Run: [AVMUSBFernanschluss] => C:\Users\Frank\AppData\Local\Apps\2.0\278VR074.5Y2\MNK9G0ED.QWB\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2015-03-10] (AVM Berlin)
HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\...\Run: [ACDSeeCommander18] => C:\Program Files (x86)\ACD Systems\ACDSee\18.0\ACDSeeCommander18.exe [1973256 2014-12-17] ()
HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\...\Run: [Amazon Music] => C:\Users\Frank\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886272 2015-03-02] ()
HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2501368 2015-01-28] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-18\...\Run: [EPSONE8BE74 (Epson Stylus SX430)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHAE.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
IFEO\AvastSvc.exe: [Debugger] nqij.exe
IFEO\AvastUI.exe: [Debugger] nqij.exe
IFEO\avcenter.exe: [Debugger] nqij.exe
IFEO\avconfig.exe: [Debugger] nqij.exe
IFEO\avgcsrvx.exe: [Debugger] nqij.exe
IFEO\avgidsagent.exe: [Debugger] nqij.exe
IFEO\avgnt.exe: [Debugger] nqij.exe
IFEO\avgrsx.exe: [Debugger] nqij.exe
IFEO\avguard.exe: [Debugger] nqij.exe
IFEO\avgui.exe: [Debugger] nqij.exe
IFEO\avgwdsvc.exe: [Debugger] nqij.exe
IFEO\avp.exe: [Debugger] nqij.exe
IFEO\avscan.exe: [Debugger] nqij.exe
IFEO\bdagent.exe: [Debugger] nqij.exe
IFEO\blindman.exe: [Debugger] nqij.exe
IFEO\ccuac.exe: [Debugger] nqij.exe
IFEO\ComboFix.exe: [Debugger] nqij.exe
IFEO\egui.exe: [Debugger] nqij.exe
IFEO\hijackthis.exe: [Debugger] nqij.exe
IFEO\instup.exe: [Debugger] nqij.exe
IFEO\keyscrambler.exe: [Debugger] nqij.exe
IFEO\mbam.exe: [Debugger] nqij.exe
IFEO\mbamgui.exe: [Debugger] nqij.exe
IFEO\mbampt.exe: [Debugger] nqij.exe
IFEO\mbamscheduler.exe: [Debugger] nqij.exe
IFEO\mbamservice.exe: [Debugger] nqij.exe
IFEO\MSASCui.exe: [Debugger] nqij.exe
IFEO\rstrui.exe: [Debugger] nqij.exe
IFEO\SDFiles.exe: [Debugger] nqij.exe
IFEO\SDMain.exe: [Debugger] nqij.exe
IFEO\SDWinSec.exe: [Debugger] nqij.exe
IFEO\spybotsd.exe: [Debugger] nqij.exe
IFEO\wireshark.exe: [Debugger] nqij.exe
IFEO\zlclient.exe: [Debugger] nqij.exe
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2734555180-3142773653-1428810083-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2734555180-3142773653-1428810083-1001 -> {898DEB29-90E7-4FED-ADAC-FCDAB1A2CEFC} URL = 
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16] (Adblock Plus)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-17] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-17] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.10

FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gkjsc56c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-11] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-11] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gkjsc56c.default\Extensions\abs@avira.com [2015-03-17]
FF Extension: mediaplayerconnectivity - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gkjsc56c.default\Extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} [2015-03-11]
FF Extension: Add to Amazon Wish List Button - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gkjsc56c.default\Extensions\amznUWL2@amazon.com.xpi [2015-03-11]
FF Extension: NoScript - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gkjsc56c.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-11]
FF Extension: Video DownloadHelper - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gkjsc56c.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-16]
FF Extension: Adblock Plus - C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\gkjsc56c.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-10]

Chrome: 
=======
CHR HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157
CHR Profile: C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-17]
CHR Extension: (Google Docs) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-17]
CHR Extension: (Google Drive) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-17]
CHR Extension: (YouTube) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-17]
CHR Extension: (Adblock Plus) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-17]
CHR Extension: (Google Search) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-17]
CHR Extension: (Avira SafeSearch) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2015-03-17]
CHR Extension: (Google Sheets) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-17]
CHR Extension: (Sticky Password Autofill Engine) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggepjhbdgijjkbelnggboeoehacbphed [2015-03-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-17]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-03-17]
CHR Extension: (Google Wallet) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-17]
CHR Extension: (Gmail) - C:\Users\Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2734555180-3142773653-1428810083-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [File not signed]
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-03] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2014-08-05] (Toshiba Europe GmbH)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [147312 2014-12-15] (H+H Software GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R3 avmaura; C:\Windows\System32\drivers\avmaura.sys [116480 2015-03-10] (AVM Berlin)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] ()
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-10] (Windows (R) Win 7 DDK provider)
S3 Tosrfcom; No ImagePath
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
R1 vdrv1000; C:\Windows\System32\drivers\vdrv1000.sys [226080 2012-12-06] (H+H Software GmbH)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-17 15:48 - 2015-03-17 15:48 - 00000472 _____ () C:\Users\Frank\Downloads\defogger_disable.log
2015-03-17 15:48 - 2015-03-17 15:48 - 00000000 _____ () C:\Users\Frank\defogger_reenable
2015-03-17 15:47 - 2015-03-17 15:47 - 00050477 _____ () C:\Users\Frank\Downloads\Defogger.exe
2015-03-17 15:23 - 2015-03-17 15:24 - 00029764 _____ () C:\Users\Frank\Downloads\Addition.txt
2015-03-17 15:21 - 2015-03-17 15:24 - 00142748 _____ () C:\Users\Frank\Downloads\FRST.txt
2015-03-17 15:20 - 2015-03-17 15:21 - 02095616 _____ (Farbar) C:\Users\Frank\Downloads\FRST64.exe
2015-03-17 15:13 - 2015-03-17 15:13 - 00000022 _____ () C:\Users\Frank\Downloads\apppath.torun
2015-03-17 15:02 - 2015-03-17 15:02 - 00022528 _____ (Microsoft) C:\Users\Frank\Downloads\RunAsSystem.exe
2015-03-17 14:52 - 2015-03-17 14:53 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Frank\Downloads\mbam-setup-2.0.4.1028 (2).exe
2015-03-17 14:52 - 2015-03-17 14:52 - 00001084 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-17 14:52 - 2015-03-17 14:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-03-17 14:52 - 2015-03-17 14:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-17 14:52 - 2015-03-17 14:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-03-17 14:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-17 14:52 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-17 14:52 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-17 14:51 - 2015-03-17 14:53 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Frank\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-03-17 14:51 - 2015-03-17 14:52 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Frank\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-17 13:56 - 2015-03-17 13:56 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2015-03-17 13:41 - 2015-03-17 13:41 - 00000000 ____D () C:\OETemp
2015-03-17 13:23 - 2015-03-17 14:06 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-17 13:22 - 2015-03-17 13:22 - 04515896 _____ (Avira Operations & Co. KG) C:\Users\Frank\Downloads\avira_de_av_5946238192__ws.exe
2015-03-17 13:17 - 2015-03-17 13:18 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2015-03-17 13:16 - 2015-03-17 13:16 - 00416576 _____ (Kaspersky Lab) C:\Users\Frank\Downloads\de-de.setup.exe
2015-03-17 13:15 - 2015-03-17 13:15 - 141468920 _____ (Microsoft Corporation) C:\Users\Frank\Downloads\msert.exe
2015-03-17 13:13 - 2015-03-17 13:14 - 00013513 _____ () C:\Users\Frank\Desktop\Addition.txt
2015-03-17 13:10 - 2015-03-17 15:48 - 00020033 _____ () C:\Users\Frank\Desktop\FRST.txt
2015-03-17 13:10 - 2015-03-17 15:48 - 00000000 ____D () C:\FRST
2015-03-17 12:30 - 2015-03-17 12:28 - 02095616 _____ (Farbar) C:\Users\Frank\Desktop\FRST64.exe
2015-03-17 12:20 - 2015-03-17 12:20 - 00001121 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk
2015-03-17 12:20 - 2015-03-17 12:20 - 00000000 ____D () C:\Users\Frank\Documents\Simply Super Software
2015-03-17 12:20 - 2015-03-17 12:20 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Simply Super Software
2015-03-17 12:20 - 2015-03-17 12:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-03-17 12:20 - 2015-03-17 12:20 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-17 12:19 - 2015-03-17 12:20 - 00000000 ____D () C:\Program Files (x86)\Trojan Remover
2015-03-17 12:19 - 2015-03-17 12:19 - 00000000 ____D () C:\ProgramData\Simply Super Software
2015-03-17 12:18 - 2015-03-17 12:19 - 31390952 _____ (Simply Super Software ) C:\Users\Frank\Downloads\trjsetup691.exe
2015-03-17 12:04 - 2015-03-17 12:04 - 00000000 __SHD () C:\ProgramData\Application Services
2015-03-17 11:54 - 2015-03-17 12:21 - 00008108 _____ () C:\Users\Frank\AppData\Roaming\msconfig.ini
2015-03-17 11:54 - 2015-03-17 12:21 - 00000000 __SHD () C:\Windows\SysWOW64\Application Services
2015-03-17 11:24 - 2015-03-17 15:35 - 00000812 _____ () C:\Windows\setupact.log
2015-03-17 11:24 - 2015-03-17 11:24 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-17 11:23 - 2015-03-17 15:34 - 00142982 _____ () C:\Windows\PFRO.log
2015-03-17 11:09 - 2015-03-17 11:10 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Mp3tag
2015-03-17 10:48 - 2015-03-17 10:48 - 00650657 _____ () C:\Users\Frank\Downloads\lame3.99.5.zip
2015-03-17 10:41 - 2015-03-17 10:41 - 00000000 ____D () C:\Users\Frank\AppData\Local\CrashDumps
2015-03-17 10:40 - 2015-03-17 10:49 - 00000000 ____D () C:\Program Files (x86)\Exact Audio Copy
2015-03-17 10:40 - 2015-03-17 10:40 - 00001052 _____ () C:\Users\Public\Desktop\Exact Audio Copy.lnk
2015-03-17 10:40 - 2015-03-17 10:40 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\EAC
2015-03-17 10:40 - 2015-03-17 10:40 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\AccurateRip
2015-03-17 10:40 - 2015-03-17 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2015-03-17 10:38 - 2015-03-17 10:39 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-17 10:38 - 2015-03-17 10:38 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-17 10:38 - 2015-03-17 10:38 - 00000000 ____D () C:\ProgramData\Sun
2015-03-17 10:38 - 2015-03-17 10:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-17 10:38 - 2015-03-17 10:38 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-17 10:37 - 2015-03-17 10:37 - 00561064 _____ (Oracle Corporation) C:\Users\Frank\Downloads\jxpiinstall.exe
2015-03-17 10:36 - 2015-03-17 10:39 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Freeplane
2015-03-17 10:36 - 2015-03-17 10:36 - 00000842 _____ () C:\Users\Public\Desktop\Freeplane.lnk
2015-03-17 10:36 - 2015-03-17 10:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeplane
2015-03-17 10:36 - 2015-03-17 10:36 - 00000000 ____D () C:\Program Files\Freeplane
2015-03-17 10:29 - 2015-03-17 10:29 - 00000840 _____ () C:\Users\Frank\AppData\Local\recently-used.xbel
2015-03-17 10:29 - 2015-03-17 10:29 - 00000000 ____D () C:\Users\Frank\AppData\Local\gtk-2.0
2015-03-17 10:29 - 2015-03-17 10:29 - 00000000 ____D () C:\Users\Frank\.thumbnails
2015-03-17 10:22 - 2015-03-17 10:35 - 00000000 ____D () C:\Users\Frank\.gimp-2.8
2015-03-17 10:22 - 2015-03-17 10:22 - 04620717 _____ () C:\Users\Frank\Downloads\eac-1.0beta4.exe
2015-03-17 10:22 - 2015-03-17 10:22 - 00000000 ____D () C:\Users\Frank\AppData\Local\gegl-0.2
2015-03-17 10:14 - 2015-03-17 10:36 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\FileZilla
2015-03-17 10:14 - 2015-03-17 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-03-17 10:14 - 2015-03-17 10:14 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2015-03-17 10:13 - 2015-03-17 10:26 - 00000916 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-03-17 10:12 - 2015-03-17 10:13 - 00000000 ____D () C:\Program Files\GIMP 2
2015-03-17 10:11 - 2015-03-17 10:12 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2015-03-17 10:11 - 2015-03-17 10:11 - 00001035 _____ () C:\Users\Frank\Desktop\Notepad++.lnk
2015-03-17 10:11 - 2015-03-17 10:11 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Notepad++
2015-03-17 10:11 - 2015-03-17 10:11 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-17 10:11 - 2015-03-17 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-03-17 10:06 - 2015-03-17 10:06 - 06208736 _____ (Tim Kosse) C:\Users\Frank\Downloads\filezilla_3.10.2_win32-setup.exe
2015-03-17 10:05 - 2015-03-17 10:05 - 08271739 _____ () C:\Users\Frank\Downloads\npp.6.7.5.installer.exe
2015-03-17 10:00 - 2015-03-17 10:00 - 91931728 _____ (The GIMP Team ) C:\Users\Frank\Downloads\gimp-2.8.14-setup-1.exe
2015-03-17 09:58 - 2015-03-17 09:58 - 24430312 _____ (Open source ) C:\Users\Frank\Downloads\freeplane-setup-1.3.15.exe
2015-03-17 08:41 - 2015-03-17 15:37 - 00000000 ___RD () C:\Users\Frank\Google Drive
2015-03-17 08:28 - 2015-03-17 08:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-17 08:27 - 2015-03-17 08:27 - 00880208 _____ (Google Inc.) C:\Users\Frank\Downloads\ChromeSetup.exe
2015-03-17 08:13 - 2015-03-17 08:13 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2015-03-17 08:12 - 2015-03-17 08:12 - 05915456 _____ ( ) C:\Users\Frank\Downloads\adblockplusie-1.3.exe
2015-03-16 22:19 - 2015-03-17 13:59 - 01435900 _____ () C:\Windows\WindowsUpdate.log
2015-03-16 22:16 - 2015-03-16 22:19 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\WildTangent
2015-03-16 22:16 - 2015-03-16 22:16 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-03-16 21:16 - 2015-03-16 21:16 - 15094704 _____ (Lamantine Software ) C:\Users\Frank\Downloads\stpass_free_606434.exe
2015-03-16 21:16 - 2015-03-16 21:16 - 15094696 _____ (Lamantine Software ) C:\Users\Frank\Downloads\stpass_trial_606434.exe
2015-03-16 19:46 - 2015-03-16 20:09 - 00121344 ___SH () C:\Users\Frank\Downloads\Thumbs.db
2015-03-16 17:26 - 2015-03-16 17:46 - 00000000 ___SD () C:\Users\Public\Virtual CDs
2015-03-16 17:26 - 2015-03-16 17:26 - 00000000 ___SD () C:\Users\Public\Virtual CD v10
2015-03-16 17:26 - 2015-03-16 17:26 - 00000000 ___SD () C:\Users\Frank\AppData\Roaming\Virtual CD v10
2015-03-16 17:26 - 2015-03-16 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual CD v10
2015-03-16 17:26 - 2012-12-06 11:09 - 00226080 ____N (H+H Software GmbH) C:\Windows\system32\Drivers\vdrv1000.sys
2015-03-16 17:26 - 2009-07-09 11:24 - 00024088 _____ (H+H Software GmbH) C:\Windows\system32\Drivers\HH10Help.sys
2015-03-16 17:25 - 2015-03-16 17:26 - 00000000 ____D () C:\Program Files (x86)\Virtual CD v10
2015-03-16 17:24 - 2015-03-16 17:24 - 00000000 ____D () C:\Users\Frank\AppData\Roaming\InstallShield
2015-03-16 17:24 - 2008-06-17 09:22 - 00040464 _____ (H+H Software GmbH) C:\Windows\system32\Drivers\vcd10bus.sys
2015-03-16 16:43 - 2000-10-29 15:33 - 00141312 _____ (Info-ZIP) C:\Windows\SysWOW64\Zip32.dll
2015-03-16 16:30 - 2015-03-16 17:01 - 00000000 ____D () C:\Users\Frank\Documents\TC Seth
2015-03-16 15:13 - 2015-03-16 16:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-DVD.Org V2
2015-03-16 15:13 - 2007-09-24 10:04 - 00675840 _____ () C:\Windows\SysWOW64\AudioGenie2.ocx
2015-03-16 15:13 - 2006-03-09 12:34 - 02945024 _____ (hxxp://mediainfo.sourceforge.net) C:\Windows\SysWOW64\MediaInfo.dll
2015-03-16 15:13 - 2004-05-27 00:32 - 00102400 _____ (Info-ZIP) C:\Windows\SysWOW64\unzip32.dll
2015-03-16 15:12 - 2015-03-16 16:43 - 00000000 ____D () C:\Program Files (x86)\M-DVD.Org V2
2015-03-16 15:12 - 2015-03-16 15:12 - 00000000 ____D () C:\ProgramData\M-DVD.Org V2
2015-03-16 15:12 - 2009-12-04 11:56 - 00061440 ____H (SynApp GmbH) C:\Windows\SysWOW64\ErrExplorer.dll
2015-03-16 15:12 - 2006-10-06 09:20 - 02899968 _____ (combit GmbH) C:\Windows\SysWOW64\cmll11.dll
2015-03-16 15:12 - 2006-10-04 16:01 - 00351232 _____ (combit GmbH) C:\Windows\SysWOW64\cmpr11.dll
2015-03-16 15:12 - 2006-09-26 15:51 - 01399296 _____ (combit GmbH) C:\Windows\SysWOW64\cmct11.dll
2015-03-16 15:12 - 2006-09-26 15:39 - 01378304 _____ (combit GmbH) C:\Windows\SysWOW64\cmls11.dll
2015-03-16 15:12 - 2006-09-26 15:39 - 00893952 _____ (combit GmbH) C:\Windows\SysWOW64\cmbr11.dll
2015-03-16 15:12 - 2006-09-26 15:38 - 00739328 _____ (combit GmbH) C:\Windows\SysWOW64\cmdw11.dll
2015-03-16 15:12 - 2006-09-26 15:36 - 00337920 _____ (combit GmbH) C:\Windows\SysWOW64\cmut11.dll
2015-03-16 15:12 - 2006-09-13 10:29 - 00688640 _____ (combit GmbH) C:\Windows\SysWOW64\cmmx01.dll
2015-03-16 15:12 - 2006-07-19 07:00 - 00349184 _____ (combit GmbH) C:\Windows\SysWOW64\cmll11pw.llx
2015-03-16 15:12 - 2006-06-22 08:50 - 00165584 _____ (combit GmbH) C:\Windows\SysWOW64\cmll11o.ocx
2015-03-16 15:12 - 2005-09-13 13:29 - 00414720 _____ (combit GmbH) C:\Windows\SysWOW64\cmll1100.lng
2015-03-16 15:12 - 2005-08-08 16:10 - 00425984 _____ () C:\Windows\SysWOW64\cmmx0100.lng
2015-03-16 15:12 - 2005-07-12 09:41 - 00684032 _____ (combit GmbH) C:\Windows\SysWOW64\cmll11xl.dll
2015-03-16 15:12 - 2005-06-23 15:17 - 01161492 _____ () C:\Windows\SysWOW64\cmLL1100.chm
2015-03-16 12:57 - 2015-03-17 12:10 - 00000000 ____D () C:\Program Files (x86)\Sticky Password
2015-03-16 12:04 - 2015-03-16 12:04 - 00000000 ____D () C:\ProgramData\ToshibaEurope
2015-03-16 12:04 - 2015-03-16 12:04 - 00000000 ____D () C:\ProgramData\TOSHIBA Tempro
2015-03-16 12:03 - 2015-03-16 12:03 - 00000000 ____D () C:\Windows\System32\Tasks\Toshiba
2015-03-16 12:03 - 2015-03-16 12:03 - 00000000 ____D () C:\Program Files (x86)\Toshiba TEMPRO
2015-03-16 11:55 - 2015-03-16 11:55 - 00000000 __SHD () C:\Users\Frank\AppData\Local\EmieBrowserModeList
2015-03-16 11:54 - 2015-03-16 11:54 - 00000000 ____D () C:\ProgramData\IsolatedStorage
2015-03-16 08:57 - 2014-07-24 16:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-03-16 08:57 - 2014-07-24 14:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-03-16 08:57 - 2014-07-24 10:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-03-16 08:57 - 2014-07-24 10:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-03-16 08:57 - 2014-07-24 09:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-03-16 08:57 - 2014-07-24 09:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-03-16 08:57 - 2014-07-24 08:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2015-03-16 08:57 - 2014-06-14 07:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-03-16 08:57 - 2014-06-14 06:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-03-16 08:56 - 2014-07-24 16:28 - 00419648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-03-16 08:56 - 2014-07-24 16:28 - 00412992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-03-16 08:56 - 2014-07-24 16:28 - 00280384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2015-03-16 08:56 - 2014-07-24 16:28 - 00143680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-03-16 08:56 - 2014-07-24 16:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-03-16 08:56 - 2014-07-24 16:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-03-16 08:56 - 2014-07-24 16:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-03-16 08:56 - 2014-07-24 16:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-03-16 08:56 - 2014-07-24 16:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-03-16 08:56 - 2014-07-24 16:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2015-03-16 08:56 - 2014-07-24 16:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-03-16 08:56 - 2014-07-24 16:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-16 08:56 - 2014-07-24 16:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-16 08:56 - 2014-07-24 16:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-16 08:56 - 2014-07-24 16:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-16 08:56 - 2014-07-24 16:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-16 08:56 - 2014-07-24 16:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-03-16 08:56 - 2014-07-24 16:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-16 08:56 - 2014-07-24 16:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2015-03-16 08:56 - 2014-07-24 14:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-03-16 08:56 - 2014-07-24 14:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-03-16 08:56 - 2014-07-24 14:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2015-03-16 08:56 - 2014-07-24 14:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-16 08:56 - 2014-07-24 14:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-03-16 08:56 - 2014-07-24 14:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2015-03-16 08:56 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2015-03-16 08:56 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-03-16 08:56 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-03-16 08:56 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-03-16 08:56 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-03-16 08:56 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-03-16 08:56 - 2014-07-24 12:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-03-16 08:56 - 2014-07-24 12:45 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-03-16 08:56 - 2014-07-24 12:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-03-16 08:56 - 2014-07-24 12:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-03-16 08:56 - 2014-07-24 12:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2015-03-16 08:56 - 2014-07-24 12:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2015-03-16 08:56 - 2014-07-24 12:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2015-03-16 08:56 - 2014-07-24 12:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-03-16 08:56 - 2014-07-24 12:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-03-16 08:56 - 2014-07-24 12:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll
2015-03-16 08:56 - 2014-07-24 12:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2015-03-16 08:56 - 2014-07-24 12:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-03-16 08:56 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-03-16 08:56 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-03-16 08:56 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2015-03-16 08:56 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-03-16 08:56 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-03-16 08:56 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-03-16 08:56 - 2014-07-24 11:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2015-03-16 08:56 - 2014-07-24 11:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-03-16 08:56 - 2014-07-24 11:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2015-03-16 08:56 - 2014-07-24 11:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-03-16 08:56 - 2014-07-24 11:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-03-16 08:56 - 2014-07-24 11:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2015-03-16 08:56 - 2014-07-24 11:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2015-03-16 08:56 - 2014-07-24 11:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-03-16 08:56 - 2014-07-24 11:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-03-16 08:56 - 2014-07-24 11:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll
2015-03-16 08:56 - 2014-07-24 11:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2015-03-16 08:56 - 2014-07-24 10:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-03-16 08:56 - 2014-07-24 10:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2015-03-16 08:56 - 2014-07-24 10:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll
2015-03-16 08:56 - 2014-07-24 10:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2015-03-16 08:56 - 2014-07-24 10:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-03-16 08:56 - 2014-07-24 10:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2015-03-16 08:56 - 2014-07-24 10:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-03-16 08:56 - 2014-07-24 10:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2015-03-16 08:56 - 2014-07-24 10:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2015-03-16 08:56 - 2014-07-24 10:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-03-16 08:56 - 2014-07-24 10:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll
2015-03-16 08:56 - 2014-07-24 10:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-03-16 08:56 - 2014-07-24 10:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-03-16 08:56 - 2014-07-24 10:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2015-03-16 08:56 - 2014-07-24 10:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2015-03-16 08:56 - 2014-07-24 10:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll
2015-03-16 08:56 - 2014-07-24 10:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2015-03-16 08:56 - 2014-07-24 10:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-03-16 08:56 - 2014-07-24 09:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2015-03-16 08:56 - 2014-07-24 09:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2015-03-16 08:56 - 2014-07-24 09:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-03-16 08:56 - 2014-07-24 09:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2015-03-16 08:56 - 2014-07-24 09:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2015-03-16 08:56 - 2014-07-24 09:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll
2015-03-16 08:56 - 2014-07-24 09:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-03-16 08:56 - 2014-07-24 09:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2015-03-16 08:56 - 2014-07-24 09:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2015-03-16 08:56 - 2014-07-24 09:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-03-16 08:56 - 2014-07-24 09:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2015-03-16 08:56 - 2014-07-24 09:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll
2015-03-16 08:56 - 2014-07-24 09:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2015-03-16 08:56 - 2014-07-24 09:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2015-03-16 08:56 - 2014-07-24 09:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2015-03-16 08:56 - 2014-07-24 09:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-03-16 08:56 - 2014-07-24 09:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2015-03-16 08:56 - 2014-07-24 09:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-03-16 08:56 - 2014-07-24 09:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-03-16 08:56 - 2014-07-24 09:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-03-16 08:56 - 2014-07-24 09:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2015-03-16 08:56 - 2014-07-24 09:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2015-03-16 08:56 - 2014-07-24 09:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-03-16 08:56 - 2014-07-24 09:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2015-03-16 08:56 - 2014-07-24 09:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2015-03-16 08:56 - 2014-07-24 09:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2015-03-16 08:56 - 2014-07-24 09:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-03-16 08:56 - 2014-07-24 09:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2015-03-16 08:56 - 2014-07-24 09:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-03-16 08:56 - 2014-07-24 09:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-03-16 08:56 - 2014-07-24 09:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2015-03-16 08:56 - 2014-07-24 09:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-03-16 08:56 - 2014-07-24 09:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-03-16 08:56 - 2014-07-24 09:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-03-16 08:56 - 2014-07-24 08:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-03-16 08:56 - 2014-07-24 08:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2015-03-16 08:56 - 2014-07-24 08:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-03-16 08:56 - 2014-07-24 08:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2015-03-16 08:56 - 2014-07-24 08:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-03-16 08:56 - 2014-07-24 08:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2015-03-16 08:56 - 2014-07-24 08:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-03-16 08:56 - 2014-07-12 06:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2015-03-16 08:56 - 2014-07-12 05:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll
2015-03-16 08:56 - 2014-07-04 13:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-03-16 08:56 - 2014-07-04 11:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll
2015-03-16 08:56 - 2014-07-04 11:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-03-16 08:56 - 2014-07-04 11:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll
2015-03-16 08:56 - 2014-07-04 11:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-03-16 08:56 - 2014-07-04 10:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2015-03-16 08:56 - 2014-07-04 10:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2015-03-16 08:56 - 2014-06-27 07:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-03-16 08:56 - 2014-06-26 01:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2015-03-16 08:56 - 2014-06-26 01:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2015-03-16 08:56 - 2014-06-20 00:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-03-16 08:56 - 2014-06-19 03:13 - 00310080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-03-16 08:56 - 2014-06-07 13:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-03-16 08:56 - 2014-06-07 11:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-03-16 08:56 - 2014-06-05 11:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2015-03-16 08:56 - 2014-06-05 10:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll
2015-03-16 08:56 - 2014-05-31 06:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2015-03-16 08:56 - 2014-05-31 05:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2015-03-16 08:56 - 2014-05-29 07:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-03-16 08:56 - 2014-05-29 06:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2015-03-16 08:56 - 2014-05-26 08:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll
2015-03-16 08:56 - 2014-05-10 11:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-03-16 08:56 - 2014-05-10 09:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-03-16 08:56 - 2014-05-06 05:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-03-16 08:56 - 2014-05-06 01:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-03-16 08:56 - 2014-03-25 03:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2015-03-16 08:56 - 2014-03-25 03:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-03-16 08:56 - 2014-03-25 02:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2015-03-16 08:56 - 2014-03-25 02:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2015-03-16 08:55 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL
2015-03-16 08:55 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL
2015-03-16 08:55 - 2014-07-24 10:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2015-03-16 08:55 - 2014-07-24 09:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2015-03-16 08:55 - 2014-07-24 09:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-03-16 08:55 - 2014-07-24 09:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-03-16 08:55 - 2014-07-24 09:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-03-16 08:48 - 2014-07-30 02:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-03-16 08:48 - 2014-07-29 06:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll
2015-03-16 08:41 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-03-16 08:40 - 2015-03-16 08:40 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2015-03-16 08:40 - 2015-03-16 08:40 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2015-03-16 08:34 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-16 08:34 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-16 08:34 - 2014-10-29 04:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-16 08:34 - 2014-10-29 03:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-12 17:13 - 2014-04-14 04:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-03-12 16:48 - 2015-03-04 22:24 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-12 16:48 - 2015-03-04 22:24 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-12 16:28 - 2015-03-12 16:35 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-12 16:28 - 2015-02-26 21:14 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-12 16:23 - 2014-03-20 00:36 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReInfo.dll
2015-03-12 16:23 - 2014-03-08 07:40 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-03-12 16:23 - 2014-03-04 08:00 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2015-03-12 16:23 - 2014-03-04 07:32 - 00356864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2015-03-12 16:22 - 2014-03-20 05:19 - 01291200 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-03-12 16:22 - 2014-03-20 04:41 - 00376152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-03-12 16:22 - 2014-03-20 01:53 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-03-12 16:22 - 2014-03-20 01:48 - 00201216 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2015-03-12 16:22 - 2014-03-20 00:55 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-03-12 16:22 - 2014-03-20 00:39 - 00800256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-03-12 16:22 - 2014-03-19 06:50 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2015-03-12 16:22 - 2014-03-19 06:20 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2015-03-12 16:22 - 2014-03-13 13:35 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wof.sys
2015-03-12 16:22 - 2014-03-08 21:38 - 01542768 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-03-12 16:22 - 2014-03-08 16:29 - 00356848 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2015-03-12 16:22 - 2014-03-08 12:34 - 01095488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-03-12 16:22 - 2014-03-08 10:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\sxproxy.dll
2015-03-12 16:22 - 2014-03-08 09:33 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2015-03-12 16:22 - 2014-03-08 09:25 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\SetNetworkLocation.dll
2015-03-12 16:22 - 2014-03-08 09:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxproxy.dll
2015-03-12 16:22 - 2014-03-08 08:47 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2015-03-12 16:22 - 2014-03-08 08:04 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-03-12 16:22 - 2014-03-08 07:48 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2015-03-12 16:22 - 2014-03-08 07:31 - 00222720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2015-03-12 16:22 - 2014-03-08 07:30 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2015-03-12 16:22 - 2014-03-08 06:41 - 01306624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-03-12 16:22 - 2014-03-08 06:11 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-03-12 16:22 - 2014-03-06 15:34 - 02331000 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-03-12 16:22 - 2014-03-06 15:34 - 00113648 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2015-03-12 16:22 - 2014-03-06 12:19 - 00094016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2015-03-12 16:22 - 2014-03-06 11:46 - 01679128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-03-12 16:22 - 2014-03-06 10:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-03-12 16:22 - 2014-03-06 10:24 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-03-12 16:22 - 2014-03-06 10:22 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-03-12 16:22 - 2014-03-06 10:19 - 00283648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-03-12 16:22 - 2014-03-06 10:19 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-03-12 16:22 - 2014-03-06 10:19 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-03-12 16:22 - 2014-03-06 10:08 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\l2gpstore.dll
2015-03-12 16:22 - 2014-03-06 09:41 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\DevPropMgr.dll
2015-03-12 16:22 - 2014-03-06 09:38 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-03-12 16:22 - 2014-03-06 09:14 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\WSDScDrv.dll
2015-03-12 16:22 - 2014-03-06 09:10 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\l2gpstore.dll
2015-03-12 16:22 - 2014-03-06 09:00 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\SensorsApi.dll
2015-03-12 16:22 - 2014-03-06 08:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-03-12 16:22 - 2014-03-06 08:16 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsApi.dll
2015-03-12 16:22 - 2014-03-06 08:02 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2015-03-12 16:22 - 2014-03-06 07:29 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2015-03-12 16:22 - 2014-03-06 07:24 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2015-03-12 16:22 - 2014-03-06 07:23 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2015-03-12 16:22 - 2014-03-06 07:21 - 00291840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2015-03-12 16:22 - 2014-03-06 07:06 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2015-03-12 16:22 - 2014-03-06 07:04 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2015-03-12 16:22 - 2014-03-06 07:01 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Scanners.dll
2015-03-12 16:22 - 2014-03-06 06:51 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Scanners.dll
2015-03-12 16:22 - 2014-03-06 06:47 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2015-03-12 16:22 - 2014-03-06 06:42 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2015-03-12 16:22 - 2014-03-04 08:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-03-12 16:22 - 2014-03-04 08:13 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-03-12 16:22 - 2014-03-04 08:08 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2015-03-12 16:22 - 2014-03-04 07:56 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RMapi.dll
2015-03-12 16:22 - 2014-03-04 07:42 - 00494592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-03-12 16:22 - 2014-03-04 07:39 - 00254976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2015-03-12 16:22 - 2014-03-04 07:15 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.Printing.dll
2015-03-12 16:22 - 2014-03-04 07:05 - 00402432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.Printing.dll
2015-03-12 16:22 - 2014-03-04 07:03 - 00669696 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-03-12 16:22 - 2014-03-04 07:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2015-03-12 16:22 - 2014-03-04 06:54 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2015-03-12 16:22 - 2014-03-04 06:52 - 00605184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-03-12 16:22 - 2013-12-24 00:28 - 00262656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2015-03-12 16:22 - 2013-12-24 00:26 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2015-03-12 16:09 - 2014-12-09 04:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-12 16:09 - 2014-12-09 02:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-12 16:09 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-03-12 16:09 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-03-12 16:09 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-03-12 16:09 - 2014-06-20 02:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-03-12 16:09 - 2014-06-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-03-12 16:05 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-12 16:05 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-12 16:05 - 2015-01-15 23:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-12 16:05 - 2015-01-15 23:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-12 16:05 - 2015-01-14 05:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-03-12 16:05 - 2015-01-14 04:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-03-12 16:05 - 2014-10-29 03:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-12 16:05 - 2014-10-29 03:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-12 16:05 - 2014-10-29 03:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-12 16:05 - 2014-10-29 03:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-12 16:05 - 2014-10-29 02:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-12 16:05 - 2014-06-13 02:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-03-12 16:05 - 2014-06-13 02:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-03-12 16:05 - 2014-06-13 01:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-03-12 16:05 - 2014-03-06 13:53 - 02141912 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-03-12 16:05 - 2014-03-06 13:51 - 00379224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-03-12 16:05 - 2014-03-06 13:39 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-03-12 16:05 - 2014-03-06 12:13 - 01779800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-03-12 16:04 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-12 16:04 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-12 16:04 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-12 16:04 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-12 16:04 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-12 16:04 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-12 16:04 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

 

Themen zu Win 8.1 (64bit) verweigert Antivirenprogramme, ngij.exe-Eintrag in Registry gefunden
administrator, antivireprogramme, defender, explorer, hijack.security, homepage, installation, kaspersky, microsoft, msil/injector.ead, nqij.exe, programme, reaktivieren, registry, security.hijack, software, super, trojan.agent, trojaner, windows 8


« Laptop sehr langsam seid 2 Tagen. | Windows 7: VC32(64)LO~1.DLL für Windows nicht zugelassen o. enthält Fehler »


Ähnliche Themen: Win 8.1 (64bit) verweigert Antivirenprogramme, ngij.exe-Eintrag in Registry gefunden


  1. Frage zu Program JRT (Junkware Removal Tool) Registry Eintrag gelöscht
    Antiviren-, Firewall- und andere Schutzprogramme - 20.06.2015 (3)
  2. Registry eintrag lässt sich nicht entfernen.
    Plagegeister aller Art und deren Bekämpfung - 19.12.2014 (6)
  3. Unbekannter Dienst bzw. Eintrag in der Registry
    Plagegeister aller Art und deren Bekämpfung - 25.01.2014 (1)
  4. Suspekter Registry-Eintrag und Windows Mini-Anwendungsproblem
    Plagegeister aller Art und deren Bekämpfung - 18.12.2013 (13)
  5. registry eintrag (virus?)
    Plagegeister aller Art und deren Bekämpfung - 20.08.2013 (29)
  6. Versteckter Eintrag i.d. REGISTRY
    Log-Analyse und Auswertung - 28.09.2011 (7)
  7. Unbekannter Nameserver in Registry Eintrag
    Plagegeister aller Art und deren Bekämpfung - 27.12.2010 (2)
  8. Backdoor.Bot -> immer wieder in Registry eintrag zu finden.
    Log-Analyse und Auswertung - 15.08.2010 (19)
  9. Wo in der Registry Trojaner-Eintrag löschen?
    Plagegeister aller Art und deren Bekämpfung - 27.01.2010 (7)
  10. Registry-Eintrag CLSID will sich nicht löschen lassen
    Plagegeister aller Art und deren Bekämpfung - 25.02.2009 (0)
  11. Trojaner der Run Registry Eintrag immer wieder neu erstellt?
    Log-Analyse und Auswertung - 30.10.2008 (1)
  12. Registry-Eintrag
    Alles rund um Windows - 11.07.2007 (3)
  13. Merkwürdiger Registry Eintrag
    Plagegeister aller Art und deren Bekämpfung - 27.07.2006 (3)
  14. internet explorer geht nach registry eintrag nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 27.05.2006 (1)
  15. Adware.Srv32 -Registry-Eintrag löschen?
    Plagegeister aller Art und deren Bekämpfung - 07.05.2006 (2)
  16. Kann Registry Eintrag nicht dauerhaft löschen
    Alles rund um Windows - 13.04.2006 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Win 8.1 (64bit) verweigert Antivirenprogramme, ngij.exe-Eintrag in Registry gefunden - Hallo zusammen, ich habe mir beim Einrichten eines neuen Toshiba-NBs mit vorinstalliertem Win 8.1 (64bit) offenbar einen Trojaner eingefangen. Rechner wurde plötzlich langsam und Windows Defender ließ sich nicht mehr - Win 8.1 (64bit) verweigert Antivirenprogramme, ngij.exe-Eintrag in Registry gefunden...

Alle Zeitangaben in WEZ +1. Es ist jetzt 08:27 Uhr.

Kontakt - Trojaner-Board - Archiv - Datenschutzerklärung - Nach oben

Copyright ©2000-2025, Trojaner-Board
Archiv
Du betrachtest: Win 8.1 (64bit) verweigert Antivirenprogramme, ngij.exe-Eintrag in Registry gefunden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131