06.05.2015, 08:52 | #1 |
Mail with DHL trojan opened

This morning I fell for the mail with the DHL trojan and opened the attachment. I have not restarted the computer since then, in case that is relevant. A scan with FRST gives the following:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2015
Ran by BUERO1 (administrator) on PFARRAMT on 06-05-2015 09:23:05
Running from C:\Users\BUERO1\Desktop
Loaded Profiles: BUERO1 (Available profiles: BUERO1 & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\Setup\New\instup.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [606208 2009-10-13] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [EfficientDiary] => [X]
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\...\RunOnce: [Adobe Speed Launcher] => 1430809314
HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\...\MountPoints2: {bb71a8f1-24ea-11e3-807c-f46d04792bb7} - F:\LaunchU3.exe -a
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-08-06] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKU\S-1-5-21-1763853671-2955367855-4097840964-1000 -> {7D16B773-F191-447E-9EFF-5F206531B4B1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=A429D69B-0DC7-41A6-BF38-8F452866F464&apn_sauid=DFEC0DB6-9A2B-4F65-9439-564EA107FD6B
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\BUERO1\AppData\Roaming\Mozilla\Firefox\Profiles\f7nevo50.default-1392467236862
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Wikipedia (de)
FF Homepage: https://www.lk-bs.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\BUERO1\AppData\Roaming\Mozilla\Firefox\Profiles\f7nevo50.default-1392467236862\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-15]
FF Extension: Adblock Plus - C:\Users\BUERO1\AppData\Roaming\Mozilla\Firefox\Profiles\f7nevo50.default-1392467236862\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-08-24]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\BUERO1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\BUERO1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\BUERO1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-25] (Samsung Electronics Co., Ltd.)
U4 Messenger; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 09:23 - 2015-05-06 09:23 - 00013256 _____ () C:\Users\BUERO1\Desktop\FRST.txt 2015-05-06 09:23 - 2015-05-06 09:23 - 00000000 ____D () C:\FRST 2015-05-06 09:17 - 2015-05-06 09:19 - 02101248 _____ (Farbar) C:\Users\BUERO1\Desktop\FRST64.exe 2015-05-06 09:16 - 2015-05-06 09:16 - 11469720 _____ () C:\Users\BUERO1\Desktop\mbar-1.09.1.1004.exe.part 2015-05-06 09:16 - 2015-05-06 09:16 - 00000000 _____ () C:\Users\BUERO1\Desktop\mbar-1.09.1.1004.exe 2015-05-06 09:15 - 2015-05-06 09:15 - 01140736 _____ (Farbar) C:\Users\BUERO1\Desktop\FRST.exe 2015-05-05 12:28 - 2015-05-05 12:36 - 00000108 ____H () C:\Users\BUERO1\Desktop\.~lock.Rogate 2015 mit Taufe Ida Ulrich.odt# 2015-05-04 09:29 - 2015-05-04 09:29 - 00022374 _____ () C:\Users\BUERO1\Desktop\Ablauf Christi Himmelfahrt 2015.odt 2015-04-29 18:53 - 2015-04-29 18:53 - 00000000 ____D () C:\Users\BUERO1\Documents\capella 2015-04-29 18:53 - 2015-04-29 18:53 - 00000000 ____D () C:\Users\BUERO1\AppData\Roaming\capella-software 2015-04-27 20:39 - 2015-05-04 09:40 - 00000000 ____D () C:\Users\BUERO1\Desktop\Jubiläum Frauenhilfe Räbke 2015 2015-04-24 09:06 - 2015-04-24 09:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-22 12:31 - 2015-04-27 20:34 - 00072880 _____ () C:\Users\BUERO1\Desktop\Briefkopf Pfarrverband 2015.odt 2015-04-15 15:28 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-04-15 15:28 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-04-15 15:28 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-04-15 15:28 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-04-15 15:28 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-04-15 15:28 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-04-15 15:28 - 
2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-04-15 15:28 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-04-15 15:28 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-04-15 15:28 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-04-15 15:28 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-04-15 15:28 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-04-15 15:28 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-04-15 15:28 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-04-15 15:28 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-04-15 15:28 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-04-15 15:28 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-04-15 15:28 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-04-15 15:28 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-04-15 15:28 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-15 15:28 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-04-15 15:28 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-04-15 15:27 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-15 15:27 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 
2015-04-15 15:27 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-04-15 15:27 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-15 15:27 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-04-15 15:27 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-15 15:27 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-04-15 15:27 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-04-15 15:27 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-04-15 15:27 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-04-15 15:27 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-04-15 15:27 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-15 15:27 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-04-15 15:27 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-04-15 15:27 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-04-15 15:27 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-04-15 15:27 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-04-15 15:27 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-15 15:27 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-04-15 15:27 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-04-15 15:27 
- 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-04-15 15:27 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-04-15 15:27 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-04-15 15:27 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-04-15 15:27 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-15 15:27 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-04-15 15:27 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-04-15 15:27 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-04-15 15:27 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-15 15:27 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-04-15 15:27 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-04-15 15:27 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-15 15:27 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-04-15 15:27 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-04-15 15:27 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-04-15 15:27 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 
00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-15 15:10 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-15 15:10 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-15 15:10 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-15 15:10 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-04-15 15:10 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-04-15 15:10 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-04-15 15:10 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-04-15 15:10 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-04-15 15:09 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-15 15:09 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-15 15:09 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-15 15:09 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-15 15:09 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) 
C:\Windows\system32\aepdu.dll 2015-04-15 15:09 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-04-15 15:09 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-15 15:09 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-15 15:09 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-15 15:09 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-15 15:09 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-15 15:09 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 15:09 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-04-15 15:09 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-04-15 15:09 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-04-15 15:09 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 15:09 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-04-15 15:08 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-15 15:08 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-04-15 15:08 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-04-15 15:08 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-04-15 15:08 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 
2015-04-15 15:08 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-04-15 15:08 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-04-15 15:08 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 
00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-04-15 15:08 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-04-15 15:08 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-04-15 15:08 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-04-15 15:08 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-15 15:08 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-04-15 15:08 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-04-15 15:08 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\KernelBase.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-04-15 15:08 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-04-15 15:08 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-04-15 15:08 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-04-15 15:08 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 
00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 
00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-04-15 15:08 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-04-15 15:08 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-04-15 15:08 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-15 15:03 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 15:03 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 15:03 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2015-04-08 14:38 - 2015-05-05 12:36 - 00018479 _____ () C:\Users\BUERO1\Desktop\Rogate 2015 mit Taufe Ida Ulrich.odt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-05-06 09:05 - 2012-04-11 13:33 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-06 09:04 - 2011-08-24 12:41 - 01694773 _____ () C:\Windows\WindowsUpdate.log 2015-05-06 08:30 - 2012-06-22 11:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-06 08:05 - 2012-04-11 13:32 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-05 12:36 - 2013-09-18 11:45 - 06753280 ___SH () C:\Users\BUERO1\Desktop\Thumbs.db 2015-05-05 09:09 - 2009-07-14 06:45 - 00021808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-05 09:09 - 2009-07-14 06:45 - 00021808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-05 09:01 - 2012-07-10 17:23 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-05-05 09:01 - 2011-08-24 13:04 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-05 09:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-05 09:01 - 2009-07-14 06:51 - 00107218 _____ () C:\Windows\setupact.log 2015-05-01 06:07 - 2013-03-16 16:05 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-04-30 12:02 - 2013-10-23 09:47 - 00000000 ____D () C:\Users\BUERO1\Documents\Eigene Dateien 2015-04-29 18:48 - 2011-08-25 15:24 - 00000000 ____D () C:\Users\Public\Documents\Gupta Kasualien 2015-04-29 18:38 - 2014-02-10 15:29 - 00000000 ____D () C:\Users\BUERO1\Desktop\Pfarrer Tobias Crins 2015-04-27 12:11 - 2012-11-13 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-22 12:31 - 2011-08-25 15:23 - 00000000 ____D () C:\Users\Public\Documents\Briefkopf 2015-04-16 13:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-04-16 13:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-04-16 08:40 - 2014-12-11 09:34 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-16 08:40 - 
2014-05-07 10:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-15 19:22 - 2014-02-25 13:19 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-04-15 19:22 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2015-04-15 19:22 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2015-04-15 19:21 - 2009-07-14 07:13 - 01594028 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-15 19:20 - 2013-08-14 19:39 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-15 19:10 - 2011-08-24 13:35 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-15 16:36 - 2012-06-22 11:53 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-15 16:36 - 2012-06-22 11:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-15 16:36 - 2011-08-24 16:38 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-13 16:48 - 2015-02-17 12:55 - 00000000 ____D () C:\Users\BUERO1\AppData\Local\FreePDF_XP ==================== Files in the root of some directories ======= 2011-08-25 12:39 - 2013-10-04 13:16 - 0011572 _____ () C:\Users\BUERO1\AppData\Roaming\SmarThruOptions.xml Some content of TEMP: ==================== C:\Users\BUERO1\AppData\Local\Temp\APNStub.exe C:\Users\BUERO1\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe C:\Users\BUERO1\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\BUERO1\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\BUERO1\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\BUERO1\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\BUERO1\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\BUERO1\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\BUERO1\AppData\Local\Temp\jre-8u40-windows-au.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-04 00:25

==================== End Of Log ============================

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-05-2015 Ran by BUERO1 at 2015-05-06 09:23:55 Running from C:\Users\BUERO1\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1763853671-2955367855-4097840964-500 - Administrator - Disabled) BUERO1 (S-1-5-21-1763853671-2955367855-4097840964-1000 - Administrator - Enabled) => C:\Users\BUERO1 Gast (S-1-5-21-1763853671-2955367855-4097840964-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-1763853671-2955367855-4097840964-1005 - Limited - Enabled) UpdatusUser (S-1-5-21-1763853671-2955367855-4097840964-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Ask Toolbar Updater (HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.6.3.0 - Asmedia Technology) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software) capella start 7 (HKLM-x32\...\{399E00ED-DD0F-431D-A29E-52B10B560084}) (Version: 7.1.26 - capella software AG) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Efficient Diary 3.0 (HKLM-x32\...\Efficient Diary_is1) (Version: - Efficient Software) FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.) Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) 
Hidden GPL Ghostscript 8.70 (HKLM-x32\...\GPL Ghostscript 8.70) (Version: - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Basic Edition 2003 (HKLM-x32\...\{91130407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 
37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA 3D Vision Controller Driver 270.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 270.61 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation) NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Readiris Pro 10 (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.) 
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) Revo Uninstaller 1.90 (HKLM-x32\...\Revo Uninstaller) (Version: 1.90 - VS Revo Group) Samsung CLX-3170 Series (HKLM-x32\...\Samsung CLX-3170 Series) (Version: - Samsung Electronics CO.,LTD) SmarThru 4 (HKLM-x32\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version: - ) SmarThru PC Fax (HKLM-x32\...\SmarThru PC Fax) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.10 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 19-04-2015 19:00:27 Windows-Sicherung 27-04-2015 12:22:24 Windows-Sicherung 03-05-2015 19:00:21 Windows-Sicherung 06-05-2015 09:09:08 avast! antivirus system restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {1244CC0B-4B3F-4808-80D4-5B0E703C2CFD} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {2BA6C90F-1DFE-425A-BB8A-E4939612BB11} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {380F8974-CF32-4F67-ABD9-C38BE5F8CC81} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation) Task: {3E9C2C52-AD33-4646-8057-F0876B95E8F8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation) Task: {5B06B42B-0659-4C86-9A6D-9D783B808061} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.) Task: {6E480F81-AB3F-43E5-837A-B7365CDE8B23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated) Task: {74015150-7249-4E14-A70D-E9C7706D6B55} - System32\Tasks\{B7638137-87F7-42BD-9F44-E898F164A526} => C:\Users\BUERO1\Desktop\Kirchengemeinde\Besuchsdienst\Geburtstagsprogramm\CSV2ICS.exe Task: {AEC36861-1028-4971-82F8-B0AAFE33E455} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software) Task: {B262FFFD-D58E-46FC-90CA-625B473408C9} - System32\Tasks\{B746BAB6-E6C7-4213-9A9E-A39FD8849584} => C:\Users\BUERO1\Desktop\Kirchengemeinde\Besuchsdienst\Geburtstagsprogramm\CSV2ICS.exe Task: {C141DE57-8B12-45FB-8E89-9726A278B937} - System32\Tasks\{0C33292D-6DAB-4EC5-BDE9-7CECA3A2B75D} => C:\Users\BUERO1\Desktop\Kirchengemeinde\Besuchsdienst\Geburtstagsprogramm\CSV2ICS.exe Task: {D06A4BEA-F95B-4FE5-ADC5-5EA234519079} - System32\Tasks\{90F8121E-9E82-4EDB-BA71-05E09C23EC2B} => pcalua.exe -a C:\Users\BUERO1\Downloads\irfanview_plugins_437_setup.exe -d C:\Users\BUERO1\Downloads Task: {E89A5DC1-DCFB-4C56-AC1B-FEC6B3EF6710} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.) Task: {FBFC07D2-E0EE-42FF-9E68-300A3B2F04E7} - System32\Tasks\{49224A86-0A58-41AA-B889-A68896C56F96} => C:\Users\BUERO1\Desktop\Kirchengemeinde\Besuchsdienst\Geburtstagsprogramm\CSV2ICS.exe Task: {FEEBAD84-B7EA-4C8B-8EDA-EAD29D402FA9} - System32\Tasks\{D62B94D2-E6E8-40D6-9408-FB73F09E3FD2} => C:\Users\BUERO1\Desktop\Kirchengemeinde\Besuchsdienst\Geburtstagsprogramm\CSV2ICS.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2011-04-07 23:19 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2011-08-24 16:17 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll 2011-08-25 12:36 - 2007-08-14 03:03 - 00022016 _____ () C:\Windows\System32\sst1cl6.dll 2011-08-25 12:36 - 2009-10-13 12:41 - 00606208 _____ 
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe 2011-08-25 12:36 - 2009-10-13 12:41 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe 2014-08-06 17:10 - 2014-08-06 17:10 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2015-05-04 18:53 - 2015-05-04 18:53 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050401\algo.dll 2015-05-05 09:02 - 2015-05-05 09:02 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050500\algo.dll 2015-05-05 21:03 - 2015-05-05 21:03 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050501\algo.dll 2014-08-06 17:10 - 2014-08-06 17:10 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-03-31 21:35 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll 2003-07-11 02:09 - 2003-07-11 02:09 - 00048192 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\1031\nsextint.dll 2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll 2012-12-18 21:08 - 2012-12-18 21:08 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll 2013-09-20 14:50 - 2013-09-20 14:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll 2013-09-17 05:54 - 2013-09-17 05:54 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\Users\Public\Documents\Regristaturordnung LRW 2_ Versuch.eml:OECustomProperty AlternateDataStreams: C:\Users\Public\Documents\Vorsorge- und Notfallmappe.eml:OECustomProperty AlternateDataStreams: C:\Users\Public\Documents\[Fwd_ Partnerschaftsgruppe].eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, the associated entry will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\...\kid-login.de -> hxxps://www.kid-login.de IE trusted site: HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\...\landeskirche-braunschweig.de -> hxxps://www.landeskirche-braunschweig.de IE trusted site: HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\...\lk-bs.de -> hxxps://www.lk-bs.de IE trusted site: HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\...\luchterhand.de -> ek-bs.luchterhand.de ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (whitelisted) =============== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
FirewallRules: [{474B13D9-D328-421C-9CF1-BFAA1F923F20}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [{485E82E1-9FAE-498B-A165-753BA83A810D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe FirewallRules: [TCP Query User{5A4E15B0-3B89-4CDE-A484-E4A42EAC4AD4}C:\windows\twain_32\samsung\clx3170\sscan2io.exe] => (Allow) C:\windows\twain_32\samsung\clx3170\sscan2io.exe FirewallRules: [UDP Query User{6B88C966-918B-44E7-8627-E0C7F1BA6C1E}C:\windows\twain_32\samsung\clx3170\sscan2io.exe] => (Allow) C:\windows\twain_32\samsung\clx3170\sscan2io.exe FirewallRules: [{73A0849D-EE41-4FB9-BD45-0E88E715CD20}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{92C5B8BB-2F0A-4EB3-BB11-E563CA41FAFF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{D83F9750-8044-4976-BD98-F1BF299D74D5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{F99D62AC-4FF7-4BCF-BADB-4ED6362786AC}] => (Allow) LPort=2869 FirewallRules: [{54D47814-6810-47B8-9C9F-7C09C52F6605}] => (Allow) LPort=1900 FirewallRules: [{CB61ECA4-68DA-4259-BD11-CAF0957F6CF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E357BD6C-6D1A-4880-98B1-E81BC54B83C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2925D739-75BC-4991-8FD5-775EA1FE2613}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/19/2015 05:34:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 37.0.1.5570, Zeitstempel: 0x551e23ee Name des fehlerhaften Moduls: mozalloc.dll, Version: 37.0.1.5570, Zeitstempel: 
0x551e1536 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001aa1 ID des fehlerhaften Prozesses: 0x155c Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (04/05/2015 08:45:47 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: NT-AUTORITÄT) Description: Fehler bei der um 2015-04-05T18:20:29.254948600Z gestarteten Sicherung. Fehlercode: "2155348129" (%%2155348129). Suchen Sie in den Ereignisdetails nach einer Lösung, und führen Sie die Sicherung erneut aus, nachdem das Problem behoben wurde. Error: (03/19/2015 04:29:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 36.0.1.5542, Zeitstempel: 0x54f851c0 Name des fehlerhaften Moduls: xul.dll, Version: 36.0.1.5542, Zeitstempel: 0x54f85115 Ausnahmecode: 0xc0000005 Fehleroffset: 0x011afb85 ID des fehlerhaften Prozesses: 0x36c Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (03/11/2015 09:22:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: senddoc.exe, Version: 0.0.0.0, Zeitstempel: 0x52376b25 Name des fehlerhaften Moduls: smapi.dll, Version: 16.4.3528.331, Zeitstempel: 0x533a4011 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000886f ID des fehlerhaften Prozesses: 0xba4 Startzeit der fehlerhaften Anwendung: 0xsenddoc.exe0 Pfad der fehlerhaften Anwendung: senddoc.exe1 Pfad des fehlerhaften Moduls: senddoc.exe2 Berichtskennung: senddoc.exe3 Error: (02/22/2015 08:11:20 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Die Sicherung war nicht erfolgreich. 
Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)" Error: (02/16/2015 11:02:25 AM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)" Error: (01/05/2015 11:32:49 AM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)" Error: (01/01/2015 01:06:57 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: senddoc.exe, Version: 0.0.0.0, Zeitstempel: 0x52376b25 Name des fehlerhaften Moduls: smapi.dll, Version: 16.4.3528.331, Zeitstempel: 0x533a4011 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000886f ID des fehlerhaften Prozesses: 0x924 Startzeit der fehlerhaften Anwendung: 0xsenddoc.exe0 Pfad der fehlerhaften Anwendung: senddoc.exe1 Pfad des fehlerhaften Moduls: senddoc.exe2 Berichtskennung: senddoc.exe3 Error: (12/29/2014 00:53:53 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. 
(0x81000005)" Error: (12/22/2014 11:09:44 AM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: Die Sicherung war nicht erfolgreich. Fehler: "Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)" System errors: ============= Error: (05/05/2015 09:03:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (05/05/2015 09:03:39 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (05/03/2015 02:51:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (05/03/2015 02:51:20 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). 
Error: (04/30/2015 08:35:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (04/30/2015 08:35:09 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/29/2015 10:03:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (04/29/2015 10:03:01 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/28/2015 08:47:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069

Error: (04/28/2015 08:47:18 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%1330 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Microsoft Office Sessions:
=========================
Error: (04/19/2015 05:34:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe37.0.1.5570551e23eemozalloc.dll37.0.1.5570551e15368000000300001aa1155c01d07ab647ede6f2C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll88d4500e-e6a9-11e4-ab43-f46d04792bb7

Error: (04/05/2015 08:45:47 PM) (Source: Microsoft-Windows-Backup) (EventID: 517) (User: NT-AUTORITÄT)
Description: 2015-04-05T18:20:29.254948600Z2155348129%%2155348129

Error: (03/19/2015 04:29:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.1.554254f851c0xul.dll36.0.1.554254f85115c0000005011afb8536c01d062510aae12f0C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll48c70570-ce44-11e4-aec8-f46d04792bb7

Error: (03/11/2015 09:22:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: senddoc.exe0.0.0.052376b25smapi.dll16.4.3528.331533a4011c00000050000886fba401d05c30b92f37f3C:\Program Files (x86)\OpenOffice 4\program\senddoc.exeC:\Program Files (x86)\Windows Live\Mail\smapi.dllf719a69a-c823-11e4-ba32-f46d04792bb7

Error: (02/22/2015 08:11:20 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)

Error: (02/16/2015 11:02:25 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)

Error: (01/05/2015 11:32:49 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)

Error: (01/01/2015 01:06:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: senddoc.exe0.0.0.052376b25smapi.dll16.4.3528.331533a4011c00000050000886f92401d025b30e992d66C:\Program Files (x86)\OpenOffice 4\program\senddoc.exeC:\Program Files (x86)\Windows Live\Mail\smapi.dll4c813aad-91a6-11e4-aced-f46d04792bb7

Error: (12/29/2014 00:53:53 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)

Error: (12/22/2014 11:09:44 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Am Sicherungsspeicherort ist nicht genügend freier Speicherplatz verfügbar, um die Daten zu sichern. (0x80780048)

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 48%
Total physical RAM: 4077.24 MB
Available physical RAM: 2118.57 MB
Total Pagefile: 8152.67 MB
Available Pagefile: 4918.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:123.87 GB) (Free:57.76 GB) NTFS
Drive d: (01 Apr 2015) (CDROM) (Total:0.07 GB) (Free:0 GB) UDF
Drive e: (DATEN) (Fixed) (Total:341.8 GB) (Free:10.57 GB) NTFS
Drive f: (USB DISK) (Removable) (Total:7.21 GB) (Free:5.71 GB) FAT32

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 49E92C7C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=123.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7.2 GB) (Disk ID: 2C6B7369)
No partition Table on disk 1.

==================== End Of Log ============================
06.05.2015, 09:07 | #2 |
/// the machine /// TB-Ausbilder | Hi,
Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
06.05.2015, 14:41 | #3 |
First of all, many thanks so far.
Everything has worked so far. Here are the results: Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version: main: v2015.05.06.01 rootkit: v2015.04.21.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
BUERO1 :: PFARRAMT [administrator]

06.05.2015 11:48:15
mbar-log-2015-05-06 (11-48-15).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 385282
Time elapsed: 12 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
15:38:28.0096 0x0fb0 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:38:32.0823 0x0fb0 ============================================================
15:38:32.0823 0x0fb0 Current date / time: 2015/05/06 15:38:32.0823
15:38:32.0823 0x0fb0 SystemInfo:
15:38:32.0823 0x0fb0
15:38:32.0823 0x0fb0 OS Version: 6.1.7601 ServicePack: 1.0
15:38:32.0823 0x0fb0 Product type: Workstation
15:38:32.0823 0x0fb0 ComputerName: PFARRAMT
15:38:32.0823 0x0fb0 UserName: BUERO1
15:38:32.0823 0x0fb0 Windows directory: C:\Windows
15:38:32.0823 0x0fb0 System windows directory: C:\Windows
15:38:32.0823 0x0fb0 Running under WOW64
15:38:32.0823 0x0fb0 Processor architecture: Intel x64
15:38:32.0823 0x0fb0 Number of processors: 4
15:38:32.0823 0x0fb0 Page size: 0x1000
15:38:32.0823 0x0fb0 Boot type: Normal boot
15:38:32.0823 0x0fb0 ============================================================
15:38:33.0930 0x0fb0 KLMD registered as C:\Windows\system32\drivers\61291587.sys
15:38:34.0117 0x0fb0 System UUID: {D918E581-0DF1-A6B7-7C6E-5A28D56560C9}
15:38:34.0429 0x0fb0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:38:34.0429 0x0fb0 Drive \Device\Harddisk1\DR1 - Size: 0x1CDFFE000 ( 7.22 Gb ), SectorSize: 0x200, Cylinders: 0x3AE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:38:34.0429 0x0fb0 ============================================================
15:38:34.0429 0x0fb0 \Device\Harddisk0\DR0:
15:38:34.0429 0x0fb0 MBR partitions:
15:38:34.0429 0x0fb0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:38:34.0429 0x0fb0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xF7BB000
15:38:34.0429 0x0fb0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xF7ED800, BlocksNum 0x2AB97800
15:38:34.0429 0x0fb0 \Device\Harddisk1\DR1:
15:38:34.0429 0x0fb0 MBR partitions:
15:38:34.0429 0x0fb0 ============================================================
15:38:34.0445 0x0fb0 C: <-> \Device\Harddisk0\DR0\Partition2
15:38:34.0476 0x0fb0 E: <-> \Device\Harddisk0\DR0\Partition3
15:38:34.0476 0x0fb0 ============================================================
15:38:34.0476 0x0fb0 Initialize success
15:38:34.0476 0x0fb0 ============================================================
15:39:18.0905 0x136c ============================================================
15:39:18.0905 0x136c Scan started
15:39:18.0905 0x136c Mode: Manual;
15:39:18.0905 0x136c ============================================================
15:39:18.0905 0x136c KSN ping started
15:39:32.0618 0x136c KSN ping finished: true
15:39:33.0242 0x136c ================ Scan system memory ========================
15:39:33.0242 0x136c System memory - ok
15:39:33.0242 0x136c ================ Scan services =============================
39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 15:39:38.0343 0x136c HpSAMD - ok 15:39:38.0421 0x136c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:39:38.0421 0x136c HTTP - ok 15:39:38.0436 0x136c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:39:38.0436 0x136c hwpolicy - ok 15:39:38.0468 0x136c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 15:39:38.0468 0x136c i8042prt - ok 15:39:38.0499 0x136c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 15:39:38.0499 0x136c iaStorV - ok 15:39:38.0577 0x136c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:39:38.0577 0x136c idsvc - ok 15:39:38.0608 0x136c IEEtwCollectorService - ok 15:39:38.0624 0x136c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 15:39:38.0624 0x136c iirsp - ok 15:39:38.0670 0x136c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 15:39:38.0686 0x136c IKEEXT - ok 15:39:38.0780 0x136c [ 589B94A9B73A0E819FF873743A480834, 49FA8EC38F1C78F38F818CC28F2734802739247F0B89A971D65FDAF3110041A8 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 15:39:38.0826 0x136c IntcAzAudAddService - ok 15:39:38.0842 0x136c [ F00F20E70C6EC3AA366910083A0518AA, 
E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 15:39:38.0842 0x136c intelide - ok 15:39:38.0873 0x136c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 15:39:38.0873 0x136c intelppm - ok 15:39:38.0889 0x136c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:39:38.0904 0x136c IPBusEnum - ok 15:39:38.0936 0x136c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:39:38.0936 0x136c IpFilterDriver - ok 15:39:38.0982 0x136c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:39:38.0998 0x136c iphlpsvc - ok 15:39:39.0029 0x136c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 15:39:39.0029 0x136c IPMIDRV - ok 15:39:39.0045 0x136c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:39:39.0045 0x136c IPNAT - ok 15:39:39.0060 0x136c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 15:39:39.0060 0x136c IRENUM - ok 15:39:39.0076 0x136c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 15:39:39.0076 0x136c isapnp - ok 15:39:39.0107 0x136c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 15:39:39.0123 0x136c 
iScsiPrt - ok 15:39:39.0138 0x136c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 15:39:39.0138 0x136c kbdclass - ok 15:39:39.0154 0x136c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 15:39:39.0154 0x136c kbdhid - ok 15:39:39.0170 0x136c [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso C:\Windows\system32\lsass.exe 15:39:39.0170 0x136c KeyIso - ok 15:39:39.0201 0x136c [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:39:39.0201 0x136c KSecDD - ok 15:39:39.0232 0x136c [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:39:39.0248 0x136c KSecPkg - ok 15:39:39.0248 0x136c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:39:39.0248 0x136c ksthunk - ok 15:39:39.0279 0x136c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 15:39:39.0294 0x136c KtmRm - ok 15:39:39.0310 0x136c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 15:39:39.0326 0x136c LanmanServer - ok 15:39:39.0341 0x136c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:39:39.0357 0x136c LanmanWorkstation - ok 15:39:39.0372 0x136c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio 
C:\Windows\system32\DRIVERS\lltdio.sys 15:39:39.0372 0x136c lltdio - ok 15:39:39.0419 0x136c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:39:39.0419 0x136c lltdsvc - ok 15:39:39.0435 0x136c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 15:39:39.0450 0x136c lmhosts - ok 15:39:39.0528 0x136c [ 7F32D4C47A50E7223491E8FB9359907D, 6D3F59A8D006BED3234697933D09C8EE8F7A9F4A4196CFA878F8E8A929B24CE5 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 15:39:39.0544 0x136c LMS - ok 15:39:39.0575 0x136c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 15:39:39.0575 0x136c LSI_FC - ok 15:39:39.0591 0x136c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 15:39:39.0591 0x136c LSI_SAS - ok 15:39:39.0606 0x136c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:39:39.0606 0x136c LSI_SAS2 - ok 15:39:39.0622 0x136c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:39:39.0622 0x136c LSI_SCSI - ok 15:39:39.0638 0x136c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 15:39:39.0638 0x136c luafv - ok 15:39:39.0669 0x136c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:39:39.0669 0x136c Mcx2Svc - ok 15:39:39.0716 0x136c [ 11F714F85530A2BD134074DC30E99FCA, 
BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 15:39:39.0731 0x136c MDM - ok 15:39:39.0747 0x136c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 15:39:39.0747 0x136c megasas - ok 15:39:39.0762 0x136c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 15:39:39.0762 0x136c MegaSR - ok 15:39:39.0794 0x136c [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 15:39:39.0809 0x136c MEIx64 - ok 15:39:39.0840 0x136c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 15:39:39.0856 0x136c MMCSS - ok 15:39:39.0872 0x136c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 15:39:39.0872 0x136c Modem - ok 15:39:39.0903 0x136c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:39:39.0903 0x136c monitor - ok 15:39:39.0934 0x136c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:39:39.0934 0x136c mouclass - ok 15:39:39.0950 0x136c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:39:39.0950 0x136c mouhid - ok 15:39:39.0996 0x136c [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:39:39.0996 0x136c mountmgr - 
ok 15:39:40.0074 0x136c [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:39:40.0074 0x136c MozillaMaintenance - ok 15:39:40.0106 0x136c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 15:39:40.0106 0x136c mpio - ok 15:39:40.0152 0x136c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:39:40.0152 0x136c mpsdrv - ok 15:39:40.0215 0x136c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:39:40.0230 0x136c MpsSvc - ok 15:39:40.0277 0x136c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:39:40.0277 0x136c MRxDAV - ok 15:39:40.0293 0x136c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:39:40.0308 0x136c mrxsmb - ok 15:39:40.0324 0x136c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:39:40.0324 0x136c mrxsmb10 - ok 15:39:40.0340 0x136c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:39:40.0355 0x136c mrxsmb20 - ok 15:39:40.0371 0x136c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 15:39:40.0371 0x136c msahci - ok 15:39:40.0386 0x136c [ DB801A638D011B9633829EB6F663C900, 
B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 15:39:40.0386 0x136c msdsm - ok 15:39:40.0402 0x136c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 15:39:40.0402 0x136c MSDTC - ok 15:39:40.0433 0x136c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:39:40.0433 0x136c Msfs - ok 15:39:40.0449 0x136c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:39:40.0449 0x136c mshidkmdf - ok 15:39:40.0464 0x136c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 15:39:40.0464 0x136c msisadrv - ok 15:39:40.0511 0x136c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:39:40.0527 0x136c MSiSCSI - ok 15:39:40.0527 0x136c msiserver - ok 15:39:40.0558 0x136c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:39:40.0558 0x136c MSKSSRV - ok 15:39:40.0574 0x136c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:39:40.0574 0x136c MSPCLOCK - ok 15:39:40.0574 0x136c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:39:40.0589 0x136c MSPQM - ok 15:39:40.0620 0x136c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:39:40.0620 0x136c MsRPC - 
ok 15:39:40.0667 0x136c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 15:39:40.0667 0x136c mssmbios - ok 15:39:40.0667 0x136c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:39:40.0667 0x136c MSTEE - ok 15:39:40.0683 0x136c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 15:39:40.0683 0x136c MTConfig - ok 15:39:40.0698 0x136c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 15:39:40.0698 0x136c Mup - ok 15:39:40.0730 0x136c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 15:39:40.0730 0x136c napagent - ok 15:39:40.0761 0x136c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:39:40.0761 0x136c NativeWifiP - ok 15:39:40.0823 0x136c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 15:39:40.0839 0x136c NDIS - ok 15:39:40.0839 0x136c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:39:40.0839 0x136c NdisCap - ok 15:39:40.0870 0x136c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:39:40.0870 0x136c NdisTapi - ok 15:39:40.0901 0x136c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio 
C:\Windows\system32\DRIVERS\ndisuio.sys 15:39:40.0901 0x136c Ndisuio - ok 15:39:40.0932 0x136c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:39:40.0932 0x136c NdisWan - ok 15:39:40.0964 0x136c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:39:40.0964 0x136c NDProxy - ok 15:39:40.0979 0x136c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:39:40.0979 0x136c NetBIOS - ok 15:39:41.0010 0x136c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:39:41.0026 0x136c NetBT - ok 15:39:41.0042 0x136c [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon C:\Windows\system32\lsass.exe 15:39:41.0057 0x136c Netlogon - ok 15:39:41.0088 0x136c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 15:39:41.0104 0x136c Netman - ok 15:39:41.0151 0x136c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:39:41.0151 0x136c NetMsmqActivator - ok 15:39:41.0166 0x136c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:39:41.0166 0x136c NetPipeActivator - ok 15:39:41.0182 0x136c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 15:39:41.0198 0x136c netprofm - ok 15:39:41.0198 0x136c 
[ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:39:41.0213 0x136c NetTcpActivator - ok 15:39:41.0213 0x136c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:39:41.0213 0x136c NetTcpPortSharing - ok 15:39:41.0244 0x136c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 15:39:41.0244 0x136c nfrd960 - ok 15:39:41.0276 0x136c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 15:39:41.0291 0x136c NlaSvc - ok 15:39:41.0307 0x136c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:39:41.0307 0x136c Npfs - ok 15:39:41.0322 0x136c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 15:39:41.0322 0x136c nsi - ok 15:39:41.0338 0x136c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:39:41.0338 0x136c nsiproxy - ok 15:39:41.0416 0x136c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:39:41.0447 0x136c Ntfs - ok 15:39:41.0447 0x136c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 15:39:41.0447 0x136c Null - ok 15:39:41.0494 0x136c [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA 
C:\Windows\system32\drivers\nvhda64v.sys 15:39:41.0494 0x136c NVHDA - ok 15:39:41.0822 0x136c [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:39:41.0993 0x136c nvlddmkm - ok 15:39:42.0024 0x136c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:39:42.0024 0x136c nvraid - ok 15:39:42.0056 0x136c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:39:42.0056 0x136c nvstor - ok 15:39:42.0102 0x136c [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] NVSvc C:\Windows\system32\nvvsvc.exe 15:39:42.0118 0x136c NVSvc - ok 15:39:42.0212 0x136c [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 15:39:42.0227 0x136c nvUpdatusService - ok 15:39:42.0274 0x136c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:39:42.0274 0x136c nv_agp - ok 15:39:42.0305 0x136c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 15:39:42.0305 0x136c ohci1394 - ok 15:39:42.0336 0x136c [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:39:42.0336 0x136c ose - ok 15:39:42.0368 0x136c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:39:42.0383 0x136c p2pimsvc - ok 15:39:42.0414 
0x136c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 15:39:42.0446 0x136c p2psvc - ok 15:39:42.0461 0x136c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 15:39:42.0461 0x136c Parport - ok 15:39:42.0492 0x136c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:39:42.0492 0x136c partmgr - ok 15:39:42.0524 0x136c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:39:42.0524 0x136c PcaSvc - ok 15:39:42.0539 0x136c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 15:39:42.0555 0x136c pci - ok 15:39:42.0586 0x136c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 15:39:42.0586 0x136c pciide - ok 15:39:42.0602 0x136c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 15:39:42.0617 0x136c pcmcia - ok 15:39:42.0633 0x136c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 15:39:42.0633 0x136c pcw - ok 15:39:42.0680 0x136c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:39:42.0695 0x136c PEAUTH - ok 15:39:42.0758 0x136c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 15:39:42.0773 0x136c PeerDistSvc - ok 
15:39:42.0836 0x136c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:39:42.0836 0x136c PerfHost - ok 15:39:42.0898 0x136c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 15:39:42.0929 0x136c pla - ok 15:39:42.0960 0x136c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:39:42.0960 0x136c PlugPlay - ok 15:39:42.0976 0x136c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:39:42.0976 0x136c PNRPAutoReg - ok 15:39:42.0992 0x136c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:39:42.0992 0x136c PNRPsvc - ok 15:39:43.0023 0x136c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:39:43.0038 0x136c PolicyAgent - ok 15:39:43.0054 0x136c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 15:39:43.0054 0x136c Power - ok 15:39:43.0101 0x136c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:39:43.0101 0x136c PptpMiniport - ok 15:39:43.0132 0x136c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 15:39:43.0132 0x136c Processor - ok 15:39:43.0163 0x136c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 15:39:43.0179 
0x136c ProfSvc - ok
15:39:53.0522 0x136c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
15:39:53.0522 0x136c Win FW state via NFP2: enabled
15:39:56.0267 0x136c ============================================================
15:39:56.0267 0x136c Scan finished
15:39:56.0267 0x136c ============================================================
15:39:56.0267 0x0f90 Detected object count: 0
15:39:56.0267 0x0f90 Actual detected object count: 0
15:39:59.0918 0x0a8c Deinitialize success |
07.05.2015, 07:13 | #4 |
/// the machine /// TB trainer | Opened mail with DHL trojan hi, scan with Combofix
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
07.05.2015, 08:10 | #5 |
| Opened mail with DHL trojan It worked without an error message. Code:
ATTFilter Combofix Logfile: |
07.05.2015, 16:43 | #6 |
/// the machine /// TB trainer | Opened mail with DHL trojan Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
and a fresh FRST log, please.
07.05.2015, 20:28 | #7 |
| Opened mail with DHL trojan Code:
ATTFilter Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 07.05.2015
Suchlauf-Zeit: 19:27:43
Logdatei: mbam.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.03.09.05
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: BUERO1
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 397862
Verstrichene Zeit: 9 Min, 14 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0 (Keine schädliche Elemente gefunden)
Module: 0 (Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden)
Registrierungswerte: 0 (Keine schädliche Elemente gefunden)
Registrierungsdaten: 0 (Keine schädliche Elemente gefunden)
Ordner: 0 (Keine schädliche Elemente gefunden)
Dateien: 2
PUP.Optional.Softonic.A, C:\Users\BUERO1\Downloads\SoftonicDownloader_fuer_free-youtube-to-mp3-converter.exe, In Quarantäne, [d5a451f242480a2cb545cf7b659c3bc5],
PUP.Optional.Softonic.A, C:\Users\BUERO1\Downloads\SoftonicDownloader_fuer_free-youtube-to-mp3.exe, In Quarantäne, [b7c294af4d3d0f27906a74d656abd22e],
Physische Sektoren: 0 (Keine schädliche Elemente gefunden)
(end)
Code:
ATTFilter # AdwCleaner v4.203 - Bericht erstellt 07/05/2015 um 21:10:43
# Aktualisiert 30/04/2015 von Xplode
# Datenbank : 2015-05-05.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : BUERO1 - PFARRAMT
# Gestarted von : C:\Users\BUERO1\Desktop\AdwCleaner_4.203.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7D16B773-F191-447E-9EFF-5F206531B4B1}
Wert Gelöscht : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Schlüssel Gelöscht : HKCU\Software\OCS
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17728
-\\ Mozilla Firefox v37.0.2 (x86 de)
-\\ Google Chrome v42.0.2311.135
*************************
AdwCleaner[R0].txt - [1276 Bytes] - [07/05/2015 21:09:13]
AdwCleaner[S0].txt - [1028 Bytes] - [07/05/2015 21:10:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1087 Bytes] ##########
--- --- ---
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.8 (05.06.2015:1)
OS: Windows 7 Ultimate x64
Ran by BUERO1 on 07.05.2015 at 21:15:45,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted:
[Empty Folder] C:\Users\BUERO1\appdata\local\{6B41002A-721A-4182-B4A7-8659FF2189D9} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6B5AEDC2-4002-486C-AFF1-25E1A1425953} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6B6ACF3D-8AB3-4083-AA45-8C8C6F2A0827} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6C0BD8E0-5A27-4255-BA07-CA60574015DD} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6C28AF23-9615-4576-B0D7-323882A8B19E} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6C693576-A40D-4A48-8E57-B7AD01237BEB} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6CD83A5C-6633-49A7-B929-CEBC6DB0FB37} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6D11FB36-C2BA-4F85-B20E-319E6F1B75F6} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6D262C24-2C75-46B7-8C49-E243AF8B770A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6D658C6A-5618-4757-8769-E36BBA29FC79} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6E11E542-0C03-4B00-92D7-19A0DBF564C4} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6E945B33-C78D-4F69-B5E7-D8053C232621} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6F252F69-ABE6-4835-89A1-39C71DC1734D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6F6890FB-4962-419C-A3F0-943BE9FB4031} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6FA3443C-7A8C-4970-B96C-6110E3915A45} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{6FC356CF-FE74-4F46-8D95-A73B1954276A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7058A70B-513E-4C96-8DC2-0D8993479617} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{70CD2487-4CEC-43B9-B0E3-1EF9547B817A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{716D8E60-F113-4292-AEA0-C4800D504032} 
Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{71D40A18-059F-4294-9CA0-CEF68D4FD76E} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{71D456D3-6F81-4288-B575-F1EA9E8B5BDD} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{71D659A5-70F4-424E-AC42-18E5276D3B76} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7327990E-DEFA-4902-9153-EAF1578EABC6} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{73F79CFA-6FC5-4BA9-B4F4-1A6310593D96} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{74C7A495-9E78-4B93-8EC2-DC3E2DBEBD05} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{74F247CA-DDD1-4045-871B-9DE2DDC1F156} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{751236E9-A521-4BBB-A9CF-78D46C1968BA} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{75E36463-4B5D-4F88-9335-B70AF7B33154} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{75FF8981-9E54-463B-B8C4-D657E03AA0EB} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7619D546-F1E2-4DF0-BF1A-E82D2D54617E} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{76505770-3D3C-4F59-A186-264C68D55FD6} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7734433D-A215-402F-82C5-F3BA837A726A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{785418C1-0F70-4E34-BF64-FCB3CF803F74} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{797CAFD4-D694-48AD-961F-9336274D87C7} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{79FD87B7-FFE6-416B-8B11-BAF5D090F8DA} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7A5DA2F8-589F-4671-9BA6-973225EF58C2} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7A6E97CA-6436-47C6-8D78-9B1A988E3BEE} Successfully deleted: [Empty Folder] 
C:\Users\BUERO1\appdata\local\{7B5D4C6E-4EC5-44EF-B1E3-04E4E8E9859C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7B73983B-E1AA-4244-9AE8-4AB5AB69A120} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7C0C0974-6463-4C51-9691-3B21E5706A79} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7C652862-BE0F-46C5-BCE0-44B24DF414DC} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7C6ACFBF-6081-423C-A9DF-83129378F782} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7CCE6CFC-3067-45F3-925C-A6CE1098283C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7CED9DBC-DA8A-4061-93C5-F96A2FC55AF5} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7D437708-88E6-4606-83D1-121E647B51D7} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7DA38EBE-DE8D-4DF6-BD45-6C11F5C87465} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7DB2B295-E712-4461-B020-E5AF247D4054} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7DE09366-F484-41A7-B9A4-6DAA1937F567} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7E0FF842-53D5-4CB1-B1A7-85DEF667CB68} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7E385922-3F56-4E8C-9B2F-FC40E1A20C74} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7E4A596D-2EE2-41D2-A936-108A91DD95F8} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7E77935D-E96D-44AF-AF71-0FD8B0D7202A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7EA6AC4D-FF50-4CD8-A3E1-FC57CF8AA292} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7F1BC460-A60D-4A32-8943-81A138B86094} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7F1CB8F6-4B63-4C44-A0C4-8AB8DD349D59} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7F38EBD1-0ADA-4A69-B2FA-548206253979} Successfully deleted: 
[Empty Folder] C:\Users\BUERO1\appdata\local\{7F56D535-16B6-4AED-BB7B-F549E994E472} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{7FEB130B-228B-439D-8F28-7CEE5FF2FD5C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8064746E-0152-4A71-A60E-92CD9197685D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{81089DE1-F76D-4695-AB66-0950E59E55FE} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{810E41C4-E511-4A1C-965A-D90D6E717A1A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8114C031-D0DF-44FA-8E61-66AA3F6CCB67} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8185C77F-EDE0-4988-B43D-C1C7364C81C8} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{818FEA0F-34A9-490C-A597-EDDA31C167D3} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{81ABF566-67D5-46CC-A615-EDA6E4CEE4AE} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{81ADFB53-17BE-45FC-82BF-F1771B1E97C1} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{821FD943-70D4-4AF7-BA6B-B8B5545A5BC5} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{831DA2C4-B15F-48BE-9210-4CCC9BC5CA10} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{83364235-FC3C-4CC5-B8A4-A350AEA587AA} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{836C1ACB-CD0E-457F-A3A8-E25B7C37A54F} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{836D473D-1F5D-4ED4-89C6-10096CD965A3} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{83BCC8C5-4A4C-415E-8031-77542BA9DD28} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8439CEDB-CA99-4EA3-A06E-9064135EA350} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8451F6FF-13A1-40FD-9F6C-33215AFB3AF0} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8508F898-53DA-475F-AA03-35C72BD65BD4} 
Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{850F7307-C135-45BA-B654-DB8871A7B8C5} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{85C07DEC-20B0-4002-A613-DDC97FA17E29} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{85D022E5-D3F2-419F-B808-B5DE5CD61DF3} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{85EC751C-4780-454B-B46E-04699E6401A1} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{871980EB-5A62-427F-A477-FE9E9235CAC9} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{871EE723-BE1E-4BC9-86A3-50FDB8F7BFE6} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{872C23F4-5AE3-4951-A630-1F565F9017D2} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{87BFB4E3-79EC-43F0-B8D3-5675C53719CD} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{87F408D8-CB98-4A01-9792-EADE692F1270} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{890FD01F-2C84-4E41-8486-F290CA4CF0DF} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{892144C8-430F-4856-A5EF-1A2CF1FD939A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{893CBC7A-9D31-4928-BBB0-EF4395668234} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{89EA819A-5222-49AB-BD9F-3C1BF7A9E7B9} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8A03C897-6E24-4E87-98F4-EED6CFC3798C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8A140E70-9ABC-4819-AE7F-073E418001C1} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8A3DF09E-2DC0-49FD-A5E2-0DCA966537E1} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8AC43CDD-4778-4513-B9F4-D68E15928EAC} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8ADA97F5-7EC6-4F71-AC20-D840617A3C1C} Successfully deleted: [Empty Folder] 
C:\Users\BUERO1\appdata\local\{8B5DDEA2-4987-467C-B2F4-999D8DD73A5F} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8BB4B50B-DFB6-45FF-9469-8AD15CDEFE5D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8BD20C4C-11B8-4C46-A32D-813E89B33BE3} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8C09BB6F-9221-462C-9B92-0A252A32E77A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8C23DB96-271B-44DA-A4F8-37BCDCD8E269} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8C5A7D12-A414-4F36-9613-F24E317AA7FC} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8CFB25B2-E9EE-449F-9718-56A6B7E06B92} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8E0801DF-5D3F-447D-9E29-331D11C4D2E9} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8E1A79E4-CC74-40C3-8635-746423A88489} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8E3314CF-31C3-435F-9ACF-EAE8A459D94C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{8EFAA2FC-ACAE-48CF-B993-86917B8BEC3F} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{909AEEAE-6F77-40E3-97A7-48FF1E2BB591} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{90F9EC30-1D76-4E67-9DD4-5692074ABB5E} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{90FA3139-5418-48D9-AC7F-C3937E743751} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9173CF4F-9860-4359-ACFD-894F8A9FF8A5} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{91F894C4-FB6B-4F9D-984E-AAD2119753CE} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9285625A-E844-4442-A066-9707A28CD7D0} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{92EB3C17-E385-4740-B43F-8D4FBD428AF8} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{936923B0-10D6-4567-A160-BE484A042347} Successfully deleted: 
[Empty Folder] C:\Users\BUERO1\appdata\local\{938CE6D9-75DE-45E7-B8AB-10036B65E8C6} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{94702310-D846-47F9-B970-E78F6390FD33} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9481CA73-8953-4624-907F-47689C61B356} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9486BE8A-F50E-41DD-B1EB-9B586460BEBD} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{94B8632D-D96F-4AA9-ADD5-E2AE26D72EEE} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{94F78D45-D5EA-4A89-B2BC-E75CD5C4AD7A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9538EAF8-DD89-4970-9B39-6A15619CAFE7} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9607E920-D6EC-48EE-A91E-5CBE255FF0EA} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{96537829-438D-4A58-A148-A72D96EDD340} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{97913C2E-AD8E-4EB9-A880-18C202763E73} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{97FEE8CC-8EE7-4BC0-9C72-2BAB613E4238} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9877427A-7CD3-41EA-8454-F58A35516AC4} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{99555AAC-9345-4974-B028-6AE54378C42D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9969FBDC-2749-4AEF-9747-1343E3912963} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{99E7E440-B92A-4015-8220-0DAEB3C1AA1B} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9B2A3979-D0D3-41A5-94ED-8A86B1FC1123} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9B45AA09-3A60-4303-AD30-FB7350AF2AFB} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9B5689B2-B4A6-4F13-85F3-90729A8704DE} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9BB8FC7B-AF44-4504-B20D-F3F90031BBED} 
Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9BCA6A34-B8FA-4037-8423-26CBECE4E58C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9C8C405A-32D7-4EA8-A99E-4CE32C9476A3} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9D40CDB4-524B-4602-9B95-0029CC36ECBF} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9D4D2F4F-D7A5-4872-A03D-296F7E6A87D9} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9D536071-84F6-4414-BE10-5EF0D0FF1A38} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9DB1CDE1-2A75-4053-A047-3428100AD2C3} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9DE26DA7-2B1D-4436-B0D9-B1E78CA79D5B} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9E476A7D-6B20-405B-9526-B35DAA5B7DFF} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9E8BBA97-3544-43BA-9DC0-73CBEAD74F66} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9E8E63CD-4C2E-4527-8A0E-7260125BCACB} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9EA0D3F9-52B0-48A2-904E-8C7BEB9D2311} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9EA145C4-A356-43C2-AD76-69CA5714402D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{9F1398ED-0145-44E4-A678-AC8223F43C99} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A0AA9051-E0E3-4126-8C46-0B44F0205D5A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A102F5A8-E40D-41BA-859F-DD0AB79A459C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A11C68A9-D0CE-467C-94CE-D6BB7B198839} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A13EBD19-E356-4157-BDA9-D1A19AD4F579} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A304BEA6-4BE2-4843-840B-B34DE1518A51} Successfully deleted: [Empty Folder] 
C:\Users\BUERO1\appdata\local\{A37648A9-13FB-4C0A-9BB3-4F9A065B609A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A3B799FD-D732-4CBD-8654-FB6E1491B9BA} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A431C217-1FB8-44A7-8810-49A9D72E0225} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A4E0553C-A5A5-4025-B347-81EDB1E13179} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A5461138-2426-4BA5-A11B-5FE808C0F55C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A56254DA-9192-402F-BFD6-7D29FD4972C8} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A5900EF7-98BA-4F4A-974A-1587E48C9100} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A66751D4-1C33-4D44-A6A2-427D246BD595} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A710CE55-4C63-483E-B47B-1A6BC185D8C7} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A7459C1C-96A6-4A20-A3B4-14C25F55F0ED} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A7CC5F6D-A06F-4F52-AFD1-0E693AD39133} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A7EEFE5B-4DBB-403F-9120-FE6734C197BA} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A86BA15D-D487-484E-A1D6-F7E26DA131F3} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A9199D87-7EBD-42A5-8AD4-E7FC339FBCD0} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A9512994-8395-4CB3-B23D-0716B4664A83} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A9647EB9-717A-4913-9355-A8B96F70B7B7} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A9B9300B-84C6-4AB9-AAB6-200F769B5AF6} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{A9F3B202-A7A1-49F9-9B86-14103562B6AF} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AAB6AEA1-34C4-4339-9ECD-6BC2B07D193C} Successfully deleted: 
[Empty Folder] C:\Users\BUERO1\appdata\local\{AAD33968-1778-428E-ACAE-DD690923BD82} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AB55E440-D65F-419A-A6A1-AA79543E799D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AB6B90C2-23B1-4919-9B9F-ED40ED02BE89} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AC07B747-F86E-4434-8463-7E16C26CE4EF} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AC55E650-CDBE-4C76-9FC3-398BAE919941} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AC63EC50-9A55-441D-B0BB-23C4142E27BA} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AC666AB3-C764-4EAB-95FF-8729A9055837} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AD67F290-1DCB-40B2-B6BF-9B7B6B188F18} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{ADA33350-43F8-4BA1-95E6-945E4DAC6E36} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AECF98A1-5921-43D1-A2FE-76407CF4819A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AEECEEC1-2C48-4E7D-802A-D3779FB9649C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AF80C293-02CC-44D6-8484-24E3F43D5660} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AFA4FEC2-0C02-4DA5-B8C5-D1E09D07325D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AFBE75DD-4BD6-4A87-B603-D8CE2E62C8D6} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{AFD9D395-BBD1-4BD9-9B30-D4573091DA86} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B0086DF1-5469-4514-A546-F5343744E88C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B05B3954-81C6-4FA8-8002-08B4280179DB} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B06DD918-F8A0-4E01-8440-8444B3B69018} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B099389E-1455-4285-9C9E-F7E61934E6C8} 
Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B1227ACD-9AA1-4FF3-BD47-9FF35F5F714C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B187BD30-4B02-4E73-BFE6-809F47F8547F} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B19892B0-84CA-4CA4-9D77-23D368926BF3} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B22E776B-423B-41C6-9E4F-D0E6EF91D64C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B239E816-0990-4D03-B34F-E3D3E3EA962D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B24FAFD1-D6BA-47D5-8D80-35A64AA215A2} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B2A44D6E-713A-49DE-98FB-8C4ADE40F82D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B2F5785C-4A06-41A6-8606-88A2F0C65CA8} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B4BE56EC-248D-4AEB-8BD5-3DCFA408A36A} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B4D9289B-3D6D-4CD6-97D5-A8E042D5FE36} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B4E4EFE5-310E-4B08-AEBA-979BFC7EB968} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B5066A0A-D75E-4D8A-AA66-2AAB7AECA3D3} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B518AE31-3BCA-4EB8-9FF7-92C1C96159B0} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B5DBADDE-924A-4989-BDC6-A3D8B2E96375} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B749B46E-0408-44B3-AEEE-DD147A3EEBBB} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B76DE950-397E-4B69-94B5-7A08A57EA748} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B7AE6E78-6083-42B0-8A25-44E452673C4D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B7ED4295-F1FC-44A5-9269-0ED9A15C367A} Successfully deleted: [Empty Folder] 
C:\Users\BUERO1\appdata\local\{B81CCB5D-C96A-4645-89F4-5A4CAE1AC363} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B8568424-8E3B-4B69-A346-138971DB1A45} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B8AFC193-4913-4A51-A96D-6326AA40B581} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{B98034E1-A7B8-48DF-89A9-84AF9115250B} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BA50C780-1AE1-4C79-B2E6-1E061621F5E5} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BA63FB8E-1354-4898-ADB8-21BAA049CB08} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BA9A32F2-133F-4FA4-B299-1A59D45BFABA} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BAC2770E-7109-4CA6-9B5E-A7186BA89F52} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BACDD131-DC70-4BA6-9A5D-7B42FAEA2F73} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BD3AB238-78EB-4B9C-8533-CB3C0D3B41FE} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BD73ABA7-E447-4708-9DA7-F535CE6EA957} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BDB6378D-2428-4956-8CA7-B69BE0D93E4D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BDC235A4-53FC-4E2B-B402-BA7B7D4FC95F} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BDFCCCDD-22E4-4B64-9800-2FC59FBBD328} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{BFB7991C-35DF-4F29-8EB8-F78BE4133F06} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C0EC70C2-46D7-47FB-918E-96746A858256} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C12503AF-B322-4D1E-B810-954281C1FD14} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C2C9CD04-C4FF-4B47-91E6-F6B9A770EC4B} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C2FFBEE3-FCDD-4772-8A17-26798F0AA927} Successfully deleted: 
[Empty Folder] C:\Users\BUERO1\appdata\local\{C348708B-9919-4AB5-99D8-E921AC025DA7} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C3992E71-2635-468E-8B4B-658B4DA90D56} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C3AADD9B-1E42-495A-A1A8-95BBA29C6047} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C4099374-B497-42E4-8D0A-0F15D1E181AA} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C4A76324-7497-46EE-9386-C25420578728} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C5705ED3-9724-405A-A386-E8341E82CA4B} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C581FD9D-E692-481A-B91C-BB27C86746F3} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C5BC0F15-E335-47EE-98F1-745E22C3D024} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C812FEA8-7653-41BA-886F-B491DBE0DC2C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C8F22FAC-14A1-4934-A235-5A1739D1554C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C9000EDF-AD15-40F1-A6CD-5C0EF18A218E} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{C9182BCA-37E0-4E3D-8750-EEC52421E1CE} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{CA4686AB-7E84-48B0-B63F-EAD8DCE6C110} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{CB1B2126-FCB5-452E-8AB7-C2C4943E54E4} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{CC3D1D61-E1E3-4C1E-9A19-C1DEB144F80C} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{CC695862-F4C5-40FC-A37F-1C6A0F3DB2C5} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{CD31098D-E067-43EA-A24E-716210FA532B} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{CE6DD193-178B-4EA7-9949-D18FE1534221} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{CEB7A90B-1C2A-467D-8A5A-FD0AD5D83DD1} 
Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{CFAAFB62-2B1A-43B6-813D-FE6769C089EC} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D05663F4-B141-47CA-A611-D92A6A4FE76D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D067E94D-5FCC-49B3-83B3-0565B418D4B9} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D096D395-EBA6-419F-A521-ED5F1FB7CE23} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D0B57E3F-66D4-4F1A-BDDF-9F1B79380075} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D1108690-4D6D-4F64-8A7A-5B8B0F40E938} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D24C02AC-A58F-45B2-AA38-6BED30C55CCA} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D2CCFB13-F587-42E4-BF28-55ACCA6613B4} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D37BE0E4-2BCD-472F-A356-99AA57D0B898} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D3C7C0EC-A547-475A-90B5-FF673095EB79} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D466ACEF-DFE8-46FD-9B96-514BADA5534D} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D486BDF7-E989-43A8-9C85-8C7372FE2CBB} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D4956BC1-263D-447D-8BB9-B94E93C32ADC} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D4E963BD-B7D9-41EB-8C5D-AEC4B39E4358} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D5A96BFF-2D85-4A63-A8DC-401589727931} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D635F394-C4B4-4148-BBCB-F8EECAD847DC} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D639E54C-F6BE-4A6E-AE94-53CEDA7CE5AB} Successfully deleted: [Empty Folder] C:\Users\BUERO1\appdata\local\{D644B25D-20E2-48CF-A970-25EDDE7C2EB4} Successfully deleted: [Empty Folder] 
~~~ FireFox

Emptied folder: C:\Users\BUERO1\AppData\Roaming\mozilla\firefox\profiles\f7nevo50.default-1392467236862\minidumps [104 files]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.05.2015 at 21:18:36,56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
07.05.2015, 20:30 | #8 |
| Opened mail with DHL Trojan
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by BUERO1 (administrator) on PFARRAMT on 07-05-2015 21:22:39
Running from C:\Users\BUERO1\Desktop
Loaded Profiles: BUERO1 (Available profiles: BUERO1 & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [606208 2009-10-13] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-06] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\...\RunOnce: [Adobe Speed Launcher] => 1431026025
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-06] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-06] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-06] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\BUERO1\AppData\Roaming\Mozilla\Firefox\Profiles\f7nevo50.default-1392467236862
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Wikipedia (de)
FF Homepage: https://www.lk-bs.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\BUERO1\AppData\Roaming\Mozilla\Firefox\Profiles\f7nevo50.default-1392467236862\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-15]
FF Extension: Adblock Plus - C:\Users\BUERO1\AppData\Roaming\Mozilla\Firefox\Profiles\f7nevo50.default-1392467236862\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-08-24]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\BUERO1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\BUERO1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\BUERO1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-06] (Avast Software s.r.o.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-06] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-06] ()
R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-25] (Samsung Electronics Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 21:22 - 2015-05-07 21:22 - 00000000 ____D () C:\Users\BUERO1\Desktop\FRST-OlderVersion
2015-05-07 21:18 - 2015-05-07 21:18 - 00074256 _____ () C:\Users\BUERO1\Desktop\JRT.txt
2015-05-07 21:15 - 2015-05-07 21:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PFARRAMT-Windows-7-Ultimate-(64-bit).dat
2015-05-07 21:15 - 2015-05-07 21:15 - 00000000 ____D () C:\RegBackup
2015-05-07 21:14 - 2015-05-07 21:14 - 00001167 _____ () C:\Users\BUERO1\Desktop\AdwCleaner[S0].txt
2015-05-07 21:08 - 2015-05-07 21:10 - 00000000 ____D () C:\AdwCleaner
2015-05-07 19:50 - 2015-05-07 21:08 - 00001489 _____ () C:\Users\BUERO1\Desktop\mbam.txt
2015-05-07 19:26 - 2015-05-07 19:26 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-07 19:26 - 2015-05-07 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-07 19:26 - 2015-05-07 19:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-05-07 19:26 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-07 19:26 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-07 19:13 - 2015-05-07 19:17 - 02716843 _____ (Thisisu) C:\Users\BUERO1\Desktop\JRT.exe
2015-05-07 19:12 - 2015-05-07 19:13 - 02204160 _____ () C:\Users\BUERO1\Desktop\AdwCleaner_4.203.exe
2015-05-07 19:11 - 2015-05-07 19:20 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\BUERO1\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-07 09:05 - 2015-05-07 09:05 - 00018816 _____ () C:\ComboFix.txt
2015-05-07 08:45 - 2015-05-07 09:05 - 00000000 ____D () C:\Qoobox
2015-05-07 08:45 - 2015-05-07 09:04 - 00000000 ____D () C:\Windows\erdnt
2015-05-07 08:45 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-07 08:45 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-07 08:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-07 08:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-07 08:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-07 08:45 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-07 08:45 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-07 08:45 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-07 08:39 - 2015-05-07 08:41 - 05621999 ____R (Swearware) C:\Users\BUERO1\Desktop\ComboFix.exe
2015-05-06 11:48 - 2015-05-07 21:06 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-06 11:48 - 2015-05-07 19:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-06 11:48 - 2015-05-06 15:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-06 11:08 - 2015-05-06 15:30 - 00000000 ____D () C:\Users\BUERO1\Desktop\mbar
2015-05-06 11:08 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-06 11:05 - 2015-05-06 11:07 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\BUERO1\Desktop\tdsskiller.exe
2015-05-06 10:51 - 2015-05-06 10:51 - 00001268 _____ () C:\Users\BUERO1\Desktop\Revo Uninstaller.lnk
2015-05-06 09:30 - 2015-05-06 09:30 - 00001882 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-05-06 09:30 - 2015-05-06 09:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-06 09:29 - 2015-05-06 09:29 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-06 09:29 - 2015-05-06 09:29 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-06 09:23 - 2015-05-07 21:22 - 00012227 _____ () C:\Users\BUERO1\Desktop\FRST.txt
2015-05-06 09:23 - 2015-05-07 21:22 - 00000000 ____D () C:\FRST
2015-05-06 09:23 - 2015-05-06 09:24 - 00028889 _____ () C:\Users\BUERO1\Desktop\Addition.txt
2015-05-06 09:17 - 2015-05-07 21:22 - 02102272 _____ (Farbar) C:\Users\BUERO1\Desktop\FRST64.exe
2015-05-06 09:16 - 2015-05-06 09:26 - 16502728 _____ (Malwarebytes Corp.) C:\Users\BUERO1\Desktop\mbar-1.09.1.1004.exe
2015-05-04 09:29 - 2015-05-04 09:29 - 00022374 _____ () C:\Users\BUERO1\Desktop\Ablauf Christi Himmelfahrt 2015.odt
2015-04-29 18:53 - 2015-04-29 18:53 - 00000000 ____D () C:\Users\BUERO1\Documents\capella
2015-04-29 18:53 - 2015-04-29 18:53 - 00000000 ____D () C:\Users\BUERO1\AppData\Roaming\capella-software
2015-04-27 20:39 - 2015-05-06 20:26 - 00000000 ____D () C:\Users\BUERO1\Desktop\Jubiläum Frauenhilfe Räbke 2015
2015-04-24 09:06 - 2015-04-24 09:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-22 12:31 - 2015-04-27 20:34 - 00072880 _____ () C:\Users\BUERO1\Desktop\Briefkopf Pfarrverband 2015.odt
2015-04-15 15:28 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 15:28 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 15:28 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 15:28 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 15:28 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 15:28 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 15:28 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 15:28 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 15:28 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 15:28 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 15:28 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 15:28 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 15:28 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 15:28 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 15:28 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 15:28 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 15:28 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 15:28 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 15:28 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 15:28 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 15:28 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 15:28 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 15:27 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 15:27 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 15:27 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 15:27 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 15:27 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 15:27 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 15:27 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 15:27 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 15:27 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 15:27 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 15:27 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 15:27 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 15:27 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 15:27 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 15:27 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 15:27 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 15:27 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 15:27 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 15:27 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 15:27 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 15:27 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 15:27 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 15:27 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 15:27 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 15:27 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 15:27 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 15:27 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 15:27 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 15:27 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 15:27 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 15:27 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 15:27 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 15:27 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 15:27 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 15:27 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 15:27 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 15:10 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 15:10 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 15:10 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 15:10 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 15:10 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 15:10 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 15:10 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 15:10 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 15:10 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 15:10 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 15:10 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 15:10 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 15:10 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 15:10 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 15:10 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 15:10 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 15:09 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 15:09 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 15:09 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 15:09 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 15:09 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 15:09 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 15:09 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-15 15:09 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-15 15:09 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-15 15:09 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-15 15:09 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-15 15:09 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 15:09 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-04-15 15:09 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-04-15 15:09 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-04-15 15:09 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 15:09 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-04-15 15:08 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-15 15:08 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-04-15 15:08 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-04-15 15:08 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-04-15 15:08 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-04-15 15:08 - 2015-03-17 
07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-04-15 15:08 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-04-15 15:08 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-04-15 15:08 - 2015-03-17 07:15 - 00338432 _____ (Microsoft 
Corporation) C:\Windows\system32\conhost.exe 2015-04-15 15:08 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-04-15 15:08 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-04-15 15:08 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-15 15:08 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-04-15 15:08 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-04-15 15:08 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-04-15 15:08 
- 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-04-15 15:08 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-04-15 15:08 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-04-15 15:08 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-04-15 15:08 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H 
(Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H 
(Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-04-15 15:08 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-04-15 15:08 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-04-15 15:08 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-15 15:03 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 15:03 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 15:03 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll 2015-04-08 14:38 - 2015-05-05 12:36 - 00018479 _____ () C:\Users\BUERO1\Desktop\Rogate 2015 mit Taufe Ida Ulrich.odt ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-05-07 21:16 - 2011-08-24 12:41 - 01817169 _____ () C:\Windows\WindowsUpdate.log 2015-05-07 21:16 - 2009-07-14 06:45 - 00021808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-07 21:16 - 2009-07-14 06:45 - 00021808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-07 21:13 - 2012-04-11 13:32 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-07 21:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-07 21:12 - 2011-08-24 15:14 - 00296920 _____ () C:\Windows\PFRO.log 2015-05-07 21:12 - 2011-08-24 13:04 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-07 21:12 - 2009-07-14 06:51 - 00107442 _____ () C:\Windows\setupact.log 2015-05-07 21:05 - 2012-04-11 13:33 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-07 20:30 - 2012-06-22 11:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-07 19:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources 2015-05-07 09:05 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2015-05-07 09:02 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2015-05-07 08:35 - 2012-07-10 17:23 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-05-06 20:27 - 2015-03-09 12:44 - 00000000 ____D () C:\Users\BUERO1\Desktop\Haushaltsplanung 2015 & Haushaltsabschluss 2014 2015-05-06 20:26 - 2014-02-10 15:29 - 00000000 ____D () C:\Users\BUERO1\Desktop\Pfarrer Tobias Crins 2015-05-06 19:11 - 2013-09-18 11:45 - 06791680 ___SH () C:\Users\BUERO1\Desktop\Thumbs.db 2015-05-06 09:29 - 2014-08-06 17:10 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-05-06 09:29 - 2014-02-15 14:50 - 00137288 _____ (Avast Software s.r.o.) 
C:\Windows\system32\Drivers\aswStm.sys 2015-05-06 09:29 - 2013-03-16 15:44 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-05-06 09:29 - 2013-03-16 15:44 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-05-06 09:29 - 2012-04-11 13:23 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys 2015-05-06 09:29 - 2011-08-24 16:03 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-05-06 09:29 - 2011-08-24 16:03 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-05-06 09:29 - 2011-08-24 16:03 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-05-01 06:07 - 2013-03-16 16:05 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-04-30 12:02 - 2013-10-23 09:47 - 00000000 ____D () C:\Users\BUERO1\Documents\Eigene Dateien 2015-04-29 18:48 - 2011-08-25 15:24 - 00000000 ____D () C:\Users\Public\Documents\Gupta Kasualien 2015-04-27 12:11 - 2012-11-13 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-22 12:31 - 2011-08-25 15:23 - 00000000 ____D () C:\Users\Public\Documents\Briefkopf 2015-04-16 13:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-04-16 13:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-04-16 08:40 - 2014-12-11 09:34 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-16 08:40 - 2014-05-07 10:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-15 19:22 - 2014-02-25 13:19 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-04-15 19:22 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2015-04-15 19:22 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2015-04-15 19:21 - 2009-07-14 07:13 - 01594028 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-15 19:20 - 2013-08-14 19:39 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-15 19:10 - 2011-08-24 
13:35 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-15 16:36 - 2012-06-22 11:53 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-15 16:36 - 2012-06-22 11:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-15 16:36 - 2011-08-24 16:38 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-13 16:48 - 2015-02-17 12:55 - 00000000 ____D () C:\Users\BUERO1\AppData\Local\FreePDF_XP ==================== Files in the root of some directories ======= 2011-08-25 12:39 - 2013-10-04 13:16 - 0011572 _____ () C:\Users\BUERO1\AppData\Roaming\SmarThruOptions.xml Some content of TEMP: ==================== C:\Users\BUERO1\AppData\Local\Temp\Quarantine.exe C:\Users\BUERO1\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-04 00:25 ==================== End Of Log ============================ |
08.05.2015, 16:44 | #9 |
/// the machine /// TB trainer | Opened an e-mail with the DHL trojan
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems?
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
11.05.2015, 15:42 | #10 |
| Opened an e-mail with the DHL trojan
ESET apparently found quite a few things:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1ef8f27c5040ec49a22550ed15a8a92f
# engine=23786
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-11 02:11:42
# local_time=2015-05-11 04:11:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 373080 195773992 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 57879716 182983352 0 0
# scanned=241454
# found=18
# cleaned=0
# scan_time=22773
sh=71C788EE08459227E09F17171312CE0EC8AFF66E ft=1 fh=ebbc8fa7c449b40b vn="Win32/Adware.MediaFinder.D Anwendung" ac=I fn="C:\Users\BUERO1\Downloads\your_file_download(1).exe"
sh=D30A0E83F39B68E37B69BC4B8EEEE369821CC9B4 ft=1 fh=78c258176329752c vn="Variante von Win32/Adware.MediaFinder.F Anwendung" ac=I fn="C:\Users\BUERO1\Downloads\your_file_download.exe"
sh=E733D2918C0456D01FEF3276DA617053004BE6A4 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2013-12-10 081253\Backup Files 2013-12-10 081253\Backup files 5.zip"
sh=CE49D20B1054EE72CA2AFD0DB28363F67E0D76A4 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2014-03-17 093641\Backup Files 2014-03-17 093641\Backup files 8.zip"
sh=7103FF70780C107880895FE7F764742F37E8B30F ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2014-06-10 082841\Backup Files 2014-06-10 082841\Backup files 11.zip"
sh=5170ABB0AF2FD9D072DFD1847882BFE1A4E7FE50 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2014-09-22 100944\Backup Files 2014-09-22 100944\Backup files 11.zip"
sh=5E354CB09100D677640CED99BDED02E232014BD7 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2014-10-13 115627\Backup Files 2014-10-13 115627\Backup files 12.zip"
sh=46F44FE242E265791E1EBEFE2D80A89CB3DDBD15 ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="E:\PFARRAMT\Backup Set 2014-11-30 190001\Backup Files 2014-11-30 190001\Backup files 12.zip"
sh=7C1A8340AC48CFE24240DFC27A080C7483E2BFDB ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2014-11-30 190001\Backup Files 2014-11-30 190001\Backup files 13.zip"
sh=D9AE6C93BA71A9CA9B32D426A88D9AA53E16C983 ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="E:\PFARRAMT\Backup Set 2014-12-29 114039\Backup Files 2015-01-13 090159\Backup files 3.zip"
sh=0A07C315728BE99437E1F2BDFB0D6CEBC283F5EF ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2014-12-29 114039\Backup Files 2015-01-13 090159\Backup files 4.zip"
sh=6107132B7BF25C1303160FB54A5280EF4F84A953 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2015-02-02 104522\Backup Files 2015-02-02 104522\Backup files 13.zip"
sh=1947F91CDDC131CE2F3103AED54D9A32EF039D43 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2015-03-02 113626\Backup Files 2015-03-02 113626\Backup files 13.zip"
sh=5D91AF87B3D7D727E1545F73641947FEA1FBF8D4 ft=0 fh=0000000000000000 vn="HTML/Refresh.BC Trojaner" ac=I fn="E:\PFARRAMT\Backup Set 2015-03-02 113626\Backup Files 2015-03-16 092812\Backup files 1.zip"
sh=C90A1DB6B0E4A5CC5838C32B357366BFC3D295C0 ft=0 fh=0000000000000000 vn="HTML/Refresh.BC Trojaner" ac=I fn="E:\PFARRAMT\Backup Set 2015-03-23 090136\Backup Files 2015-03-23 090136\Backup files 12.zip"
sh=505B5ABEB4AABEA1FFBD8FF8F370DB53013BF80C ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2015-03-23 090136\Backup Files 2015-03-23 090136\Backup files 17.zip"
sh=83FE872CBD21F91D7DD5A44C33A790AD8791AA16 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2015-04-27 122159\Backup Files 2015-04-27 122159\Backup files 25.zip"
sh=7D887E5D24741C05C3753DE27AE72117141F5615 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="E:\PFARRAMT\Backup Set 2015-05-11 092226\Backup Files 2015-05-11 092226\Backup files 25.zip"
Code:
Results of screen317's Security Check version 1.001
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 67
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.169
Adobe Reader XI
Mozilla Firefox (37.0.2)
Mozilla Thunderbird 24.6.0 Thunderbird out of Date!
Google Chrome (42.0.2311.135)
Google Chrome (42.0.2311.90)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by BUERO1 (administrator) on PFARRAMT on 11-05-2015 16:41:05
Running from C:\Users\BUERO1\Desktop
Loaded Profiles: BUERO1 (Available profiles: BUERO1 & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Microsoft Corporation) C:\Windows\splwow64.exe
(Ingenieurbüro Matthias Frey) C:\eg\mfbo2a32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [606208 2009-10-13] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-06] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\...\RunOnce: [Adobe Speed Launcher] => 1431328394
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-06] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1763853671-2955367855-4097840964-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-06] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-06] (Avast Software s.r.o.)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\BUERO1\AppData\Roaming\Mozilla\Firefox\Profiles\f7nevo50.default-1392467236862
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Wikipedia (de)
FF Homepage: https://www.lk-bs.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: NoScript - C:\Users\BUERO1\AppData\Roaming\Mozilla\Firefox\Profiles\f7nevo50.default-1392467236862\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-15]
FF Extension: Adblock Plus - C:\Users\BUERO1\AppData\Roaming\Mozilla\Firefox\Profiles\f7nevo50.default-1392467236862\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-08-24]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Profile: C:\Users\BUERO1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\BUERO1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\BUERO1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-06] (Avast Software s.r.o.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-06] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-06] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-06] ()
R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-25] (Samsung Electronics Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-11 16:40 - 2015-05-11 16:40 - 00000980 _____ () C:\Users\BUERO1\Desktop\checkup.txt 2015-05-11 16:26 - 2015-05-11 16:26 - 00002075 _____ () C:\Users\BUERO1\Desktop\Eset Prüfergebnisse.txt 2015-05-11 09:28 - 2015-05-11 09:28 - 00852630 _____ () C:\Users\BUERO1\Desktop\SecurityCheck.exe 2015-05-11 09:21 - 2015-05-11 09:22 - 02347384 _____ (ESET) C:\Users\BUERO1\Desktop\esetsmartinstaller_deu.exe 2015-05-07 21:22 - 2015-05-11 16:40 - 00000000 ____D () C:\Users\BUERO1\Desktop\FRST-OlderVersion 2015-05-07 21:18 - 2015-05-07 21:18 - 00074256 _____ () C:\Users\BUERO1\Desktop\JRT.txt 2015-05-07 21:15 - 2015-05-07 21:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PFARRAMT-Windows-7-Ultimate-(64-bit).dat 2015-05-07 21:15 - 2015-05-07 21:15 - 00000000 ____D () C:\RegBackup 2015-05-07 21:14 - 2015-05-07 21:14 - 00001167 _____ () C:\Users\BUERO1\Desktop\AdwCleaner[S0].txt 2015-05-07 21:08 - 2015-05-07 21:10 - 00000000 ____D () C:\AdwCleaner 2015-05-07 19:50 - 2015-05-07 21:08 - 00001489 _____ () C:\Users\BUERO1\Desktop\mbam.txt 2015-05-07 19:26 - 2015-05-07 19:26 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-05-07 19:26 - 2015-05-07 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-05-07 19:26 - 2015-05-07 19:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-05-07 19:26 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-05-07 19:26 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-05-07 19:13 - 2015-05-07 19:17 - 02716843 _____ (Thisisu) C:\Users\BUERO1\Desktop\JRT.exe 2015-05-07 19:12 - 2015-05-07 19:13 - 02204160 _____ () C:\Users\BUERO1\Desktop\AdwCleaner_4.203.exe 2015-05-07 19:11 - 2015-05-07 19:20 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\BUERO1\Desktop\mbam-setup-2.1.6.1022.exe 2015-05-07 09:05 - 2015-05-07 09:05 
- 00018816 _____ () C:\ComboFix.txt 2015-05-07 08:45 - 2015-05-07 09:05 - 00000000 ____D () C:\Qoobox 2015-05-07 08:45 - 2015-05-07 09:04 - 00000000 ____D () C:\Windows\erdnt 2015-05-07 08:45 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-05-07 08:45 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-05-07 08:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-05-07 08:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-05-07 08:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-05-07 08:45 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2015-05-07 08:45 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2015-05-07 08:45 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2015-05-07 08:39 - 2015-05-07 08:41 - 05621999 ____R (Swearware) C:\Users\BUERO1\Desktop\ComboFix.exe 2015-05-06 11:48 - 2015-05-07 21:06 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-06 11:48 - 2015-05-07 19:26 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-06 11:48 - 2015-05-06 15:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-05-06 11:08 - 2015-05-06 15:30 - 00000000 ____D () C:\Users\BUERO1\Desktop\mbar 2015-05-06 11:08 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-05-06 11:05 - 2015-05-06 11:07 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\BUERO1\Desktop\tdsskiller.exe 2015-05-06 10:51 - 2015-05-06 10:51 - 00001268 _____ () C:\Users\BUERO1\Desktop\Revo Uninstaller.lnk 2015-05-06 09:30 - 2015-05-06 09:30 - 00001882 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2015-05-06 09:30 - 2015-05-06 09:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2015-05-06 09:29 - 2015-05-06 09:29 - 00364472 _____ (Avast Software s.r.o.) 
C:\Windows\system32\aswBoot.exe 2015-05-06 09:29 - 2015-05-06 09:29 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr 2015-05-06 09:23 - 2015-05-11 16:41 - 00013586 _____ () C:\Users\BUERO1\Desktop\FRST.txt 2015-05-06 09:23 - 2015-05-11 16:41 - 00000000 ____D () C:\FRST 2015-05-06 09:23 - 2015-05-06 09:24 - 00028889 _____ () C:\Users\BUERO1\Desktop\Addition.txt 2015-05-06 09:17 - 2015-05-11 16:40 - 02102784 _____ (Farbar) C:\Users\BUERO1\Desktop\FRST64.exe 2015-05-06 09:16 - 2015-05-06 09:26 - 16502728 _____ (Malwarebytes Corp.) C:\Users\BUERO1\Desktop\mbar-1.09.1.1004.exe 2015-05-04 09:29 - 2015-05-11 11:26 - 00019965 _____ () C:\Users\BUERO1\Desktop\Ablauf Christi Himmelfahrt 2015.odt 2015-04-29 18:53 - 2015-04-29 18:53 - 00000000 ____D () C:\Users\BUERO1\Documents\capella 2015-04-29 18:53 - 2015-04-29 18:53 - 00000000 ____D () C:\Users\BUERO1\AppData\Roaming\capella-software 2015-04-27 20:39 - 2015-05-06 20:26 - 00000000 ____D () C:\Users\BUERO1\Desktop\Jubiläum Frauenhilfe Räbke 2015 2015-04-24 09:06 - 2015-04-24 09:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-22 12:31 - 2015-04-27 20:34 - 00072880 _____ () C:\Users\BUERO1\Desktop\Briefkopf Pfarrverband 2015.odt 2015-04-15 15:28 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-04-15 15:28 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-04-15 15:28 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-04-15 15:28 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-04-15 15:28 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-04-15 15:28 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-04-15 15:28 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.dll 2015-04-15 15:28 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-04-15 15:28 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-04-15 15:28 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-04-15 15:28 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-04-15 15:28 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-04-15 15:28 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-04-15 15:28 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-04-15 15:28 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-04-15 15:28 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-04-15 15:28 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-04-15 15:28 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-04-15 15:28 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-04-15 15:28 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-15 15:28 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-04-15 15:28 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-04-15 15:27 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-15 15:27 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-04-15 15:27 - 2015-03-13 06:09 - 00066560 _____ 
(Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-04-15 15:27 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-15 15:27 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-04-15 15:27 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-15 15:27 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-04-15 15:27 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-04-15 15:27 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-04-15 15:27 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-04-15 15:27 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-04-15 15:27 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-15 15:27 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-04-15 15:27 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-04-15 15:27 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-04-15 15:27 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-04-15 15:27 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-04-15 15:27 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-15 15:27 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-04-15 15:27 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-04-15 15:27 - 2015-03-13 05:20 - 00047104 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-04-15 15:27 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-04-15 15:27 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-04-15 15:27 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-04-15 15:27 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-15 15:27 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-04-15 15:27 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-04-15 15:27 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-04-15 15:27 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-15 15:27 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-04-15 15:27 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-04-15 15:27 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-15 15:27 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-04-15 15:27 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-04-15 15:27 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-04-15 15:27 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) 
C:\Windows\system32\wuapi.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-15 15:10 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-15 15:10 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-15 15:10 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-15 15:10 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-15 15:10 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-04-15 15:10 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-04-15 15:10 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-04-15 15:10 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-04-15 15:10 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-04-15 15:09 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-04-15 15:09 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-04-15 15:09 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-04-15 15:09 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-04-15 15:09 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 
2015-04-15 15:09 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-04-15 15:09 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-04-15 15:09 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-04-15 15:09 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-15 15:09 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-15 15:09 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-15 15:09 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-04-15 15:09 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-04-15 15:09 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-04-15 15:09 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-04-15 15:09 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-04-15 15:09 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-04-15 15:08 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-15 15:08 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-04-15 15:08 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-04-15 15:08 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-04-15 15:08 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-04-15 15:08 - 2015-03-17 
07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-04-15 15:08 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-04-15 15:08 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-04-15 15:08 - 2015-03-17 07:16 - 00016384 _____ (Microsoft 
Corporation) C:\Windows\system32\ntvdm64.dll 2015-04-15 15:08 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-04-15 15:08 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-04-15 15:08 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-04-15 15:08 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-15 15:08 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-04-15 15:08 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-04-15 15:08 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-04-15 15:08 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\KernelBase.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-04-15 15:08 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-04-15 15:08 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-04-15 15:08 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-04-15 15:08 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-04-15 15:08 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 
00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 
00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-04-15 15:08 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-04-15 15:08 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-04-15 15:08 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-04-15 15:08 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2015-04-15 15:03 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2015-04-15 15:03 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll 2015-04-15 15:03 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-05-11 16:30 - 2012-06-22 11:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-11 16:05 - 2012-04-11 13:33 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-11 15:50 - 2011-08-24 12:41 - 01963747 _____ () C:\Windows\WindowsUpdate.log 2015-05-11 11:59 - 2013-09-18 11:45 - 06853120 ___SH () C:\Users\BUERO1\Desktop\Thumbs.db 2015-05-11 09:20 - 2009-07-14 06:45 - 00021808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-11 09:20 - 2009-07-14 06:45 - 00021808 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-11 09:13 - 2012-04-11 13:32 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-11 09:12 - 2011-08-24 13:04 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-05-11 09:12 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-11 09:12 - 2009-07-14 06:51 - 00107610 _____ () C:\Windows\setupact.log 2015-05-09 19:59 - 2014-02-10 15:29 - 00000000 ____D () C:\Users\BUERO1\Desktop\Pfarrer Tobias Crins 2015-05-08 14:22 - 2013-06-03 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-05-07 21:12 - 2011-08-24 15:14 - 00296920 _____ () C:\Windows\PFRO.log 2015-05-07 19:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources 2015-05-07 09:05 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2015-05-07 09:02 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2015-05-07 08:35 - 2012-07-10 17:23 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-05-06 20:27 - 2015-03-09 12:44 - 00000000 ____D () C:\Users\BUERO1\Desktop\Haushaltsplanung 2015 & Haushaltsabschluss 2014 2015-05-06 09:29 - 2014-08-06 17:10 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2015-05-06 09:29 - 2014-02-15 14:50 - 00137288 _____ (Avast Software s.r.o.) 
C:\Windows\system32\Drivers\aswStm.sys 2015-05-06 09:29 - 2013-03-16 15:44 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2015-05-06 09:29 - 2013-03-16 15:44 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2015-05-06 09:29 - 2012-04-11 13:23 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys 2015-05-06 09:29 - 2011-08-24 16:03 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys 2015-05-06 09:29 - 2011-08-24 16:03 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys 2015-05-06 09:29 - 2011-08-24 16:03 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-05-01 06:07 - 2013-03-16 16:05 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-04-30 12:02 - 2013-10-23 09:47 - 00000000 ____D () C:\Users\BUERO1\Documents\Eigene Dateien 2015-04-29 18:48 - 2011-08-25 15:24 - 00000000 ____D () C:\Users\Public\Documents\Gupta Kasualien 2015-04-27 12:11 - 2012-11-13 11:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-22 12:31 - 2011-08-25 15:23 - 00000000 ____D () C:\Users\Public\Documents\Briefkopf 2015-04-16 13:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-04-16 13:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2015-04-16 08:40 - 2014-12-11 09:34 - 00000000 ____D () C:\Windows\system32\appraiser 2015-04-16 08:40 - 2014-05-07 10:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-04-15 19:22 - 2014-02-25 13:19 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-04-15 19:22 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2015-04-15 19:22 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2015-04-15 19:21 - 2009-07-14 07:13 - 01594028 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-15 19:20 - 2013-08-14 19:39 - 00000000 ____D () C:\Windows\system32\MRT 2015-04-15 19:10 - 2011-08-24 
13:35 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-04-15 16:36 - 2012-06-22 11:53 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-15 16:36 - 2012-06-22 11:53 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-15 16:36 - 2011-08-24 16:38 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-13 16:48 - 2015-02-17 12:55 - 00000000 ____D () C:\Users\BUERO1\AppData\Local\FreePDF_XP ==================== Files in the root of some directories ======= 2011-08-25 12:39 - 2013-10-04 13:16 - 0011572 _____ () C:\Users\BUERO1\AppData\Roaming\SmarThruOptions.xml Some content of TEMP: ==================== C:\Users\BUERO1\AppData\Local\Temp\Quarantine.exe C:\Users\BUERO1\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-04 00:25 ==================== End Of Log ============================ --- --- --- |
12.05.2015, 06:57 | #11 |
/// the machine /// TB-Ausbilder | Opened mail with DHL trojan Update Java and Thunderbird. Delete the backup on E. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
C:\Users\BUERO1\Downloads\your_file_download(1).exe
C:\Users\BUERO1\Downloads\your_file_download.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Any remaining problems?
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
12.05.2015, 11:55 | #12 |
| Opened mail with DHL trojan Thank you very much for the help so far. I have now updated Java and Thunderbird and deleted the backups. Whether there are still problems, though, I cannot say with certainty, since I noticed nothing at all from the trojan until the alert from ESET. Here now is the content of the fixlog: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015 Ran by BUERO1 at 2015-05-12 12:45:41 Run:1 Running from C:\Users\BUERO1\Desktop Loaded Profiles: BUERO1 (Available profiles: BUERO1 & UpdatusUser) Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Users\BUERO1\Downloads\your_file_download(1).exe C:\Users\BUERO1\Downloads\your_file_download.exe CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Emptytemp: ***************** C:\Users\BUERO1\Downloads\your_file_download(1).exe => Moved successfully. C:\Users\BUERO1\Downloads\your_file_download.exe => Moved successfully. "HKLM\SOFTWARE\Policies\Google" => Key deleted successfully. EmptyTemp: => Removed 543.7 MB temporary data. The system needed a reboot. ==== End of Fixlog 12:45:59 ==== |
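An added example (not part of the thread and not FRST's own code): a small Python check that pairs each entry of the fixlist with its result line in a Fixlog like the one above and flags entries that have no result or whose outcome lacks the success wording seen in this log. The one-entry-per-line layout of the sample, the function names and the matching heuristic are assumptions.

```python
import re

# Constructed sample: the Fixlog from the post above, header shortened and line
# breaks restored (assumed layout: one fixlist entry and one result per line).
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by BUERO1 at 2015-05-12 12:45:41 Run:1
==============================================
Content of fixlist:
*****************
C:\Users\BUERO1\Downloads\your_file_download(1).exe
C:\Users\BUERO1\Downloads\your_file_download.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Emptytemp:
*****************
C:\Users\BUERO1\Downloads\your_file_download(1).exe => Moved successfully.
C:\Users\BUERO1\Downloads\your_file_download.exe => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
EmptyTemp: => Removed 543.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog 12:45:59 ====
"""

# Success wording taken from this thread's Fixlog; any other outcome is flagged.
SUCCESS = re.compile(r"successfully|^Removed ", re.I)

def _norm(s):
    """Comparable form of an entry: no quotes, no trailing colon, lower case."""
    return s.strip().strip('"').rstrip(":").lower()

def parse_fixlog(text):
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    stars = [i for i, l in enumerate(lines) if set(l) == {"*"}]
    if len(stars) < 2:
        raise ValueError("no fixlist block delimited by asterisk lines")
    results = []
    for l in lines[stars[1] + 1:]:
        target, sep, outcome = l.partition(" => ")
        if sep:
            results.append((target, outcome))
    return {
        "directives": lines[stars[0] + 1:stars[1]],
        "results": results,
        "reboot": any("needed a reboot" in l for l in lines),
        "complete": any(l.startswith("==== End of Fixlog") for l in lines),
    }

def audit(text):
    """Pair every fixlist entry with one result line; exact match first, then
    a result target contained in the entry (the registry line in the sample)."""
    log = parse_fixlog(text)
    unused = list(log["results"])
    report = []
    for d in log["directives"]:
        nd = _norm(d)
        hit = next((r for r in unused if _norm(r[0]) == nd), None) or \
              next((r for r in unused if _norm(r[0]) and _norm(r[0]) in nd), None)
        if hit:
            unused.remove(hit)
        outcome = hit[1] if hit else None
        report.append((d, outcome, bool(outcome and SUCCESS.search(outcome))))
    log["report"] = report
    log["clean"] = log["complete"] and all(ok for _, _, ok in report)
    return log

if __name__ == "__main__":
    result = audit(SAMPLE_FIXLOG)
    for directive, outcome, ok in result["report"]:
        print("OK    " if ok else "REVIEW", directive, "->", outcome)
    print("reboot needed:", result["reboot"], "| log complete:", result["complete"])
```

An entry reported as REVIEW only means the log did not confirm it; the file or key still has to be checked on the machine itself.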
13.05.2015, 06:55 | #13 |
/// the machine /// TB-Ausbilder | Opened mail with DHL trojan Yep, change your passwords and then you're all set.
Cleanup: (The order matters here) If Defogger was used: start it again and click Re-enable. If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over, you can safely delete them. If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
Hardening: Enable automatic updates for the Windows operating system. Security-relevant software should also always be kept at the latest version: browser, Java, Flash Player, PDF reader. Vulnerabilities in old versions of these are exploited to install malware via "drive-by" when you merely visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents. Enable a firewall. The one built into Windows is normally entirely sufficient. Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft. In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.
Optional: NoScript prevents active content (Java, JavaScript, Flash,...) from running on all websites. You can, however, define on a whitelist basis which sites are allowed to run scripts. Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities. Download software from a clean portal such as . When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, first uninstall it and then remove the leftovers with Adwarecleaner.
Finally, a few general remarks: Change your important online passwords regularly and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________ regards, schrauber |