| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Taskmanager öffnet nicht, Browser hängt und sehr langsam.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
14.08.2015, 09:52
| #1 |
 |  Taskmanager öffnet nicht, Browser hängt und sehr langsam. Hallo Zusammen! Ich habe vor ein paar Tagen meinen Laptop frisch aufgesetzt, wegen Problemen von medion zurückbekommen. Kaspersky war dann drauf. Lief alles flüssig und auch die Hardwareprobleme wurden behoben. Jetzt ist das Gerät seit knapp 3 Tagen so extrem langsam und auch der Taskmanager öffnet sich nicht. Nach Googlesuche fand ich den Hinweis, dass es sich um Maleware/ Virus handeln muss. Kaspersky fand nichts und schlug auch zwischenzeitlich nicht aus. Ich hoffe auf Hilfe und vielen Dank im Voraus.  Anbei meine Logs:Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-08-2015
durchgeführt von User (Administrator) auf USER-PC (14-08-2015 10:40:23)
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User)
Platform: Windows 8 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel® Corporation) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17280_none_6224eed751126779\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [3768832 2009-12-17] (Sentelic Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2012-10-04] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\S-1-5-21-1049590450-3514696037-1677154721-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-1049590450-3514696037-1677154721-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2015-08-11] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{488C27E9-AC4E-4683-A1EB-288A81E366F5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8D570EDF-6B09-4C5E-AFD6-A6546A63DF91}: [DhcpNameServer] 192.168.10.1
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012-11-05]
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-11]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-11]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-11]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-11]
CHR Extension: (Minimal White) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcbojcafbggjenbeflknhfimpcikmlc [2015-08-11]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-11]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-08-11]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-11]
CHR Extension: (Safe Money) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2015-08-11]
CHR Extension: (Content Blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-08-11]
CHR Extension: (Virtual Keyboard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2015-08-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-11]
CHR Extension: (Kaspersky Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-08-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-11]
CHR Extension: (Anti-Banner) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-08-11]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2015-08-11] (Kaspersky Lab ZAO)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2015-08-11] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2015-08-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [627296 2015-08-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2015-08-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2015-08-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2015-08-11] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2015-08-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [177864 2015-08-11] (Kaspersky Lab ZAO)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 RTL8192cu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation )
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-11-29] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-14 10:40 - 2015-08-14 10:42 - 00018829 _____ C:\Users\User\Downloads\FRST.txt
2015-08-14 10:38 - 2015-08-14 10:40 - 00000000 ____D C:\FRST
2015-08-14 10:38 - 2015-08-14 10:38 - 02173952 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-08-13 00:52 - 2015-08-14 10:27 - 00000000 ____D C:\Windows\system32\MRT
2015-08-11 23:02 - 2015-08-11 23:02 - 00294992 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-11 22:29 - 2015-08-11 22:29 - 00000106 _____ C:\Windows\SynInst.log
2015-08-11 22:27 - 2015-08-11 22:27 - 00001084 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SynTP.lnk
2015-08-11 21:05 - 2015-08-11 21:05 - 00000000 ____D C:\Users\User\Tracing
2015-08-11 21:01 - 2015-08-11 21:01 - 00000000 ____D C:\Users\User\AppData\Local\Skype
2015-08-11 21:00 - 2015-08-12 20:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-08-11 20:59 - 2015-08-11 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-11 20:59 - 2015-08-11 20:59 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-11 20:59 - 2015-08-11 20:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-11 20:59 - 2015-08-11 20:59 - 00000000 ____D C:\ProgramData\Skype
2015-08-11 20:57 - 2015-08-11 20:58 - 01384064 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe
2015-08-11 19:30 - 2014-05-15 03:02 - 00059424 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-11 19:30 - 2014-05-15 00:43 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-11 19:30 - 2014-05-15 00:43 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-11 19:30 - 2014-05-15 00:43 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-11 19:30 - 2014-05-15 00:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-08-11 19:28 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 15:28 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-08-11 15:28 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-08-11 14:48 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-08-11 14:48 - 2013-04-09 07:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2015-08-11 14:48 - 2013-04-09 07:17 - 01829408 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-11 14:48 - 2013-04-09 07:14 - 01455880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-08-11 14:48 - 2013-04-09 06:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-08-11 14:48 - 2013-04-09 06:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-08-11 14:48 - 2013-04-09 06:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-08-11 14:48 - 2013-04-09 06:51 - 13648384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-11 14:48 - 2013-04-09 06:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-08-11 14:48 - 2013-04-09 06:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-08-11 14:48 - 2013-04-09 06:50 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-08-11 14:48 - 2013-04-09 06:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2015-08-11 14:48 - 2013-04-09 06:48 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-08-11 14:48 - 2013-04-09 04:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-08-11 14:48 - 2013-04-08 23:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-08-11 14:48 - 2013-04-08 23:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-08-11 14:48 - 2013-04-08 23:51 - 10789888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 14:48 - 2013-04-08 23:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-08-11 14:48 - 2013-04-08 23:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-08-11 14:48 - 2013-04-08 23:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2015-08-11 14:48 - 2013-04-08 23:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-08-11 14:48 - 2013-03-16 00:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-08-11 14:47 - 2014-08-02 00:08 - 00388729 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-11 14:47 - 2014-07-24 15:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-08-11 14:47 - 2014-07-17 00:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-08-11 14:47 - 2014-07-12 08:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-08-11 14:47 - 2014-07-12 06:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-08-11 14:47 - 2014-07-12 06:36 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-11 14:47 - 2014-07-12 06:34 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-11 14:47 - 2014-07-12 06:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-08-11 14:47 - 2014-06-28 08:57 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-08-11 14:47 - 2014-06-28 04:23 - 01126400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-08-11 14:47 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-08-11 14:47 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-08-11 14:47 - 2013-04-09 07:27 - 00284424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-08-11 14:47 - 2013-04-09 07:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2015-08-11 14:47 - 2013-04-09 07:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2015-08-11 14:47 - 2013-04-09 06:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-08-11 14:47 - 2013-04-09 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-08-11 14:47 - 2013-04-09 06:52 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-08-11 14:47 - 2013-04-09 06:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2015-08-11 14:47 - 2013-04-09 06:51 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-08-11 14:47 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-08-11 14:47 - 2013-04-09 06:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-08-11 14:47 - 2013-04-09 06:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 14:47 - 2013-04-09 06:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2015-08-11 14:47 - 2013-04-09 06:48 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2015-08-11 14:47 - 2013-04-09 06:48 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-08-11 14:47 - 2013-04-09 04:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-08-11 14:47 - 2013-04-09 04:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-08-11 14:47 - 2013-04-09 04:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-08-11 14:47 - 2013-04-09 01:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2015-08-11 14:47 - 2013-04-09 01:39 - 01408896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-11 14:47 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-08-11 14:47 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-08-11 14:47 - 2013-04-08 23:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-08-11 14:47 - 2013-04-08 23:52 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-08-11 14:47 - 2013-04-08 23:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-08-11 14:47 - 2013-04-08 23:52 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-08-11 14:47 - 2013-04-08 23:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2015-08-11 14:47 - 2013-04-08 23:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2015-08-11 14:47 - 2013-04-05 01:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-08-11 14:47 - 2013-03-30 20:16 - 01403784 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-08-11 14:47 - 2013-03-30 20:16 - 01267424 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-08-11 14:47 - 2013-03-29 00:09 - 01217328 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-08-11 14:47 - 2013-03-29 00:09 - 01093880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-08-11 14:47 - 2013-03-16 00:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-08-11 14:47 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2015-08-11 14:47 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2015-08-11 14:47 - 2013-01-10 03:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-08-11 14:47 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-11 14:47 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-08-11 14:46 - 2014-07-17 01:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2015-08-11 14:46 - 2014-07-17 00:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2015-08-11 14:46 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-08-11 14:46 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-08-11 14:46 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-08-11 14:46 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-08-11 14:46 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-08-11 14:46 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2015-08-11 14:46 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2015-08-11 14:46 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-08-11 14:46 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-08-11 14:46 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-08-11 14:46 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-11 14:46 - 2013-03-02 10:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2015-08-11 14:33 - 2014-08-30 07:48 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-08-11 14:33 - 2014-08-30 07:47 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-11 14:33 - 2014-08-30 07:46 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-11 14:33 - 2014-08-30 06:05 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-08-11 14:33 - 2014-08-30 06:04 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-08-11 14:33 - 2014-08-30 06:03 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-11 14:33 - 2014-06-13 01:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-11 14:33 - 2014-06-13 01:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-11 14:33 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-11 14:33 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-08-11 14:33 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-08-11 14:33 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-08-11 14:33 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-08-11 14:33 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2015-08-11 14:33 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-08-11 14:33 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2015-08-11 14:33 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2015-08-11 14:33 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2015-08-11 14:33 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-11 14:31 - 2014-12-19 06:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-08-11 14:30 - 2015-01-15 23:45 - 06973248 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-11 14:30 - 2014-11-08 13:21 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-11 14:30 - 2014-11-08 08:56 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-11 14:30 - 2014-10-11 10:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-11 14:30 - 2014-10-11 07:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 14:30 - 2014-10-11 07:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 14:30 - 2014-08-22 01:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-11 14:30 - 2014-08-22 01:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-11 14:30 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-08-11 14:30 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-08-11 14:30 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 14:30 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 14:30 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-11 14:30 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 14:30 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-11 14:30 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 14:30 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 14:30 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 14:30 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2015-08-11 14:30 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 14:30 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 14:29 - 2015-06-25 03:54 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-11 14:29 - 2015-02-18 09:39 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-08-11 14:29 - 2015-02-18 09:38 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-08-11 14:29 - 2015-01-24 08:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-08-11 14:29 - 2015-01-24 07:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-08-11 14:29 - 2014-11-08 13:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-08-11 14:29 - 2014-11-08 08:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-08-11 14:29 - 2014-10-23 14:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-08-11 14:29 - 2014-10-23 13:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-08-11 14:29 - 2013-01-29 03:57 - 00035232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-11 14:29 - 2013-01-29 01:08 - 00230904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-11 14:28 - 2015-04-25 05:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-08-11 14:28 - 2015-04-25 01:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-08-11 14:28 - 2015-02-17 08:54 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 14:28 - 2015-02-17 07:13 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 14:28 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-08-11 14:28 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-08-11 14:28 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-11 14:28 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 14:28 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-08-11 14:28 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2015-08-11 14:28 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 14:28 - 2014-02-27 01:40 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 14:28 - 2014-02-27 01:21 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 14:28 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-08-11 14:28 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-08-11 14:28 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-08-11 14:28 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-08-11 14:28 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-08-11 14:28 - 2012-11-01 06:41 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-11 14:28 - 2012-11-01 06:40 - 02361344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-11 14:28 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 14:28 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 14:27 - 2015-05-02 08:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 14:27 - 2015-05-02 05:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 14:27 - 2015-05-02 05:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 14:27 - 2015-04-14 00:09 - 00570248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-08-11 14:27 - 2015-03-06 09:39 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-08-11 14:27 - 2015-03-06 07:48 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-08-11 14:27 - 2015-01-15 13:44 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-08-11 14:27 - 2015-01-15 13:43 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 14:27 - 2015-01-15 12:00 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-08-11 14:27 - 2015-01-15 11:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 14:27 - 2015-01-15 11:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 14:27 - 2014-09-25 01:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-08-11 14:27 - 2014-09-25 01:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-08-11 14:27 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-11 14:27 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-08-11 14:27 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 14:27 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 14:27 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 14:27 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 12:43 - 2015-08-11 12:43 - 00001348 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013.lnk
2015-08-11 12:39 - 2015-08-11 12:39 - 00541410 _____ C:\Users\User\Downloads\tpfc_v062.zip
2015-08-11 12:33 - 2015-08-12 08:42 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-11 12:33 - 2015-08-11 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-11 12:32 - 2015-08-14 10:38 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-11 12:32 - 2015-08-14 10:17 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-11 12:32 - 2015-08-11 12:33 - 00000000 ____D C:\Users\User\AppData\Local\Google
2015-08-11 12:32 - 2015-08-11 12:33 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-11 12:32 - 2015-08-11 12:32 - 00004094 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-11 12:32 - 2015-08-11 12:32 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-11 12:31 - 2015-08-11 12:32 - 00000000 ____D C:\Users\User\AppData\Local\Deployment
2015-08-11 12:31 - 2015-08-11 12:31 - 00000000 ____D C:\Users\User\AppData\Local\Apps\2.0
2015-08-11 12:30 - 2015-08-11 12:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Macromedia
2015-08-06 15:08 - 2015-08-11 22:39 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1049590450-3514696037-1677154721-1001
2015-08-06 15:05 - 2015-08-14 10:18 - 00000000 ____D C:\Users\User\Documents\Youcam
2015-08-06 15:05 - 2015-08-06 15:05 - 00000000 ____D C:\Users\User\AppData\Local\CyberLink
2015-08-06 15:03 - 2015-08-06 15:03 - 00000000 ____D C:\Users\User\AppData\Local\Power2Go8
2015-08-06 15:02 - 2015-08-06 15:02 - 00001446 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-06 15:02 - 2015-08-06 15:02 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-06 15:02 - 2015-08-06 15:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2015-08-06 15:02 - 2012-10-17 15:13 - 00001655 _____ C:\Users\Default\Desktop\LIFESTORE.lnk
2015-08-06 15:02 - 2012-10-17 15:13 - 00001655 _____ C:\Users\Default User\Desktop\LIFESTORE.lnk
2015-08-06 15:02 - 2012-09-21 05:40 - 00001021 _____ C:\Users\Default\Desktop\Gutscheine bei coupons4u.lnk
2015-08-06 15:02 - 2012-09-21 05:40 - 00001021 _____ C:\Users\Default User\Desktop\Gutscheine bei coupons4u.lnk
2015-08-06 15:02 - 2012-09-15 20:56 - 00001995 _____ C:\Users\Default\Desktop\MEDIONplay.lnk
2015-08-06 15:02 - 2012-09-15 20:56 - 00001995 _____ C:\Users\Default User\Desktop\MEDIONplay.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00002786 _____ C:\Users\Default\Desktop\MEDIONmail.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00002786 _____ C:\Users\Default User\Desktop\MEDIONmail.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00001779 _____ C:\Users\Default\Desktop\MEDION Serviceportal.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00001779 _____ C:\Users\Default User\Desktop\MEDION Serviceportal.lnk
2015-08-06 15:00 - 2015-08-06 15:00 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
2015-08-06 14:59 - 2015-08-14 10:42 - 01937671 _____ C:\Windows\WindowsUpdate.log
2015-08-06 14:59 - 2015-08-06 15:02 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2015-08-06 14:59 - 2015-08-06 14:59 - 00000020 ___SH C:\Users\User\ntuser.ini
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Vorlagen
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Startmenü
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Netzwerkumgebung
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Lokale Einstellungen
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Eigene Dateien
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Druckumgebung
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Documents\Eigene Musik
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Documents\Eigene Bilder
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\AppData\Local\Verlauf
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\AppData\Local\Anwendungsdaten
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Anwendungsdaten
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 ____D C:\Users\User\AppData\Roaming\Intel
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-06 14:50 - 2015-08-06 14:50 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1049590450-3514696037-1677154721-500
2015-08-06 14:00 - 2015-08-06 14:00 - 00000000 ____D C:\report
2015-08-06 13:48 - 2015-08-06 13:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Media Player Classic
2015-08-06 13:47 - 2015-08-06 13:58 - 00000070 _____ C:\Program Files\smaple.txt
2015-08-06 13:23 - 2015-08-06 13:23 - 00003072 _____ C:\Users\User\AppData\Local\file__0.localstorage
2015-08-06 13:16 - 2015-08-06 13:16 - 00002026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
2015-08-06 13:16 - 2015-08-06 13:16 - 00002014 _____ C:\Users\Public\Desktop\Intel(R) WiDi.lnk
2015-08-06 13:16 - 2015-08-06 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-08-06 13:16 - 2015-08-06 13:16 - 00000000 ____D C:\Program Files\Intel Corporation
2015-08-06 13:11 - 2015-08-06 13:11 - 00000000 ____D C:\Program Files\FSP
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-14 10:41 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-14 10:20 - 2012-11-05 19:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-14 10:15 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-08-12 20:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-12 19:59 - 2012-11-05 17:56 - 00000000 ____D C:\Windows\Panther
2015-08-12 19:52 - 2012-11-05 19:03 - 00703484 _____ C:\Windows\system32\perfh01F.dat
2015-08-12 19:52 - 2012-11-05 19:03 - 00147116 _____ C:\Windows\system32\perfc01F.dat
2015-08-12 19:52 - 2012-11-05 19:01 - 00713560 _____ C:\Windows\system32\perfh01D.dat
2015-08-12 19:52 - 2012-11-05 19:01 - 00149444 _____ C:\Windows\system32\perfc01D.dat
2015-08-12 19:52 - 2012-11-05 18:56 - 00786784 _____ C:\Windows\system32\perfh015.dat
2015-08-12 19:52 - 2012-11-05 18:56 - 00159932 _____ C:\Windows\system32\perfc015.dat
2015-08-12 19:52 - 2012-11-05 18:54 - 00786588 _____ C:\Windows\system32\perfh013.dat
2015-08-12 19:52 - 2012-11-05 18:54 - 00159122 _____ C:\Windows\system32\perfc013.dat
2015-08-12 19:52 - 2012-11-05 18:49 - 00782014 _____ C:\Windows\system32\perfh010.dat
2015-08-12 19:52 - 2012-11-05 18:49 - 00153144 _____ C:\Windows\system32\perfc010.dat
2015-08-12 19:52 - 2012-11-05 18:47 - 00731582 _____ C:\Windows\system32\perfh00E.dat
2015-08-12 19:52 - 2012-11-05 18:47 - 00174554 _____ C:\Windows\system32\perfc00E.dat
2015-08-12 19:52 - 2012-11-05 18:45 - 00791060 _____ C:\Windows\system32\perfh00C.dat
2015-08-12 19:52 - 2012-11-05 18:45 - 00155620 _____ C:\Windows\system32\perfc00C.dat
2015-08-12 19:52 - 2012-11-05 18:43 - 00427352 _____ C:\Windows\system32\perfh00B.dat
2015-08-12 19:52 - 2012-11-05 18:43 - 00081986 _____ C:\Windows\system32\perfc00B.dat
2015-08-12 19:52 - 2012-11-05 18:41 - 00788984 _____ C:\Windows\system32\perfh00A.dat
2015-08-12 19:52 - 2012-11-05 18:41 - 00162890 _____ C:\Windows\system32\perfc00A.dat
2015-08-12 19:52 - 2012-11-05 18:36 - 00754172 _____ C:\Windows\system32\perfh007.dat
2015-08-12 19:52 - 2012-11-05 18:36 - 00156362 _____ C:\Windows\system32\perfc007.dat
2015-08-12 19:52 - 2012-11-05 18:34 - 00456714 _____ C:\Windows\system32\perfh006.dat
2015-08-12 19:52 - 2012-11-05 18:34 - 00079958 _____ C:\Windows\system32\perfc006.dat
2015-08-12 19:52 - 2012-07-26 09:28 - 10134370 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-12 19:44 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-12 19:42 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-08-12 19:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-08-12 19:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 19:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-12 19:42 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-08-12 19:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2015-08-12 19:41 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 19:41 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2015-08-12 19:40 - 2012-11-05 18:34 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-08-12 19:40 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-08-12 19:40 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-08-12 19:40 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-08-12 19:40 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-08-12 19:40 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-08-12 19:40 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-08-12 19:40 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2015-08-12 19:40 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-08-12 19:40 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-08-12 19:39 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\winrm
2015-08-12 19:39 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\slmgr
2015-08-12 19:39 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-08-12 19:39 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\migwiz
2015-08-12 19:39 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-12 19:39 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Sysprep
2015-08-12 19:39 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2015-08-12 19:37 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\WCN
2015-08-12 19:37 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\MUI
2015-08-12 19:37 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2015-08-12 19:36 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-08-12 19:36 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-08-12 19:36 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Com
2015-08-12 07:57 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-12 07:57 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sl-SI
2015-08-12 07:57 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\en-GB
2015-08-11 23:02 - 2012-11-05 17:57 - 00009702 _____ C:\Windows\PFRO.log
2015-08-11 23:00 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-11 22:52 - 2012-11-05 19:03 - 00000000 ____D C:\Windows\system32\Drivers\tr-TR
2015-08-11 22:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2015-08-11 22:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-11 22:51 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-11 22:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-08-11 22:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2015-08-11 22:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-08-11 12:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System
2015-08-11 11:56 - 2012-07-26 09:21 - 00045399 _____ C:\Windows\setupact.log
2015-08-11 11:55 - 2012-11-05 19:48 - 00627296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-08-11 11:55 - 2012-11-05 19:48 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-08-11 11:55 - 2012-10-04 18:25 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2015-08-11 11:55 - 2012-10-04 18:25 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2015-08-11 11:55 - 2012-08-13 18:49 - 00177864 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-08-11 11:55 - 2012-08-03 17:55 - 00050448 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
2015-08-11 11:55 - 2012-08-02 17:09 - 00030304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2015-08-11 11:55 - 2012-06-19 19:28 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-08-06 22:48 - 2012-07-26 10:13 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-08-06 15:09 - 2012-12-18 13:34 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-08-06 15:02 - 2012-07-26 09:20 - 00000000 ____D C:\Windows\Setup
2015-08-06 14:58 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-06 14:51 - 2012-07-26 10:13 - 00010443 _____ C:\Windows\DtcInstall.log
2015-08-06 13:16 - 2012-12-18 12:19 - 00000000 ____D C:\ProgramData\Intel
2015-08-06 13:16 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2015-08-06 13:14 - 2012-11-05 19:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-06 13:13 - 2012-12-18 12:35 - 00017112 _____ C:\Windows\DPINST.LOG
2015-08-06 13:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore
2015-07-28 10:59 - 2012-11-05 19:14 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-08-06 13:47 - 2015-08-06 13:58 - 0000070 _____ () C:\Program Files\smaple.txt
2015-08-06 13:23 - 2015-08-06 13:23 - 0003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2015-08-06 13:10 - 2015-08-06 13:17 - 0022795 _____ () C:\Users\User\AppData\Local\WiDiSetupLog.20150806.131054.txt
2012-12-18 13:38 - 2012-12-18 13:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2012-11-05 17:57
==================== Ende von Ergebnis ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-08-2015
durchgeführt von User (2015-08-14 10:44:13)
Gestartet von C:\Users\User\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1049590450-3514696037-1677154721-500 - Administrator - Disabled)
Gast (S-1-5-21-1049590450-3514696037-1677154721-501 - Limited - Disabled)
User (S-1-5-21-1049590450-3514696037-1677154721-1001 - Administrator - Enabled) => C:\Users\User
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.5.6.4 - Sentelic)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.5 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{23D486D4-FBE0-40F3-A245-E4D56D094764}) (Version: 3.5.41.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.8 - Wistron Corp.)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.9.6 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
06-08-2015 13:11:27 Installiert Finger Sensing Pad Driver
06-08-2015 13:11:35 Installed Intel(R) WiDi.
11-08-2015 15:22:36 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {111D5239-FCF0-43F0-857D-0AA2D97CCB2D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-28] (Microsoft Corporation)
Task: {5E686F86-CC21-45DD-AB01-A7EC568CAD6A} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {94C4CF35-5E70-4F86-928E-B249FCC33FB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11] (Google Inc.)
Task: {A1E90357-CBEC-44CB-BB82-D405B2269A92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11] (Google Inc.)
Task: {BB48774F-644B-49DD-8016-98E16CF5EE2B} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-12-18 13:08 - 2010-08-19 19:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2012-12-13 16:47 - 2012-11-01 16:43 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-12-18 12:17 - 2012-08-03 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-17 23:39 - 2015-08-11 11:48 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-12-18 12:19 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-17 23:38 - 2012-08-17 23:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2012-08-17 23:40 - 2012-08-17 23:40 - 00068024 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\QtWebKit\qmlwebkitplugin4.dll
2012-12-18 13:06 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-08-12 08:42 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-12 08:42 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-12 08:42 - 2015-08-08 02:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1049590450-3514696037-1677154721-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Pictures\ws_Purple_Sky_River_Trees_Reflect_2560x1600.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{27E3B9C1-4C70-489F-9EE8-C46E26E9715A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F7218085-98A7-483D-8F82-31BF21913E71}] => (Allow) LPort=2869
FirewallRules: [{48236E57-1BA0-420C-8D42-002FD75F0D3C}] => (Allow) LPort=1900
FirewallRules: [{9CA6D5C6-326C-4A5D-9FA0-4FE87D3C51ED}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{9031E06A-ED6D-4776-B311-0618F5F20E6D}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{D022BDC7-2A16-490F-BEC7-7E9B82E85627}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{1F99D8A8-2AFF-4FD7-8499-A95AB5707A19}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{D5B47011-D402-4D5E-B466-B6089CBBD1FC}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{BD5E0F5E-C67F-465A-B527-94F777E8BFAB}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{F98AD7CB-3153-4A7D-80E3-9B3946752BC6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{31833E5C-8DD7-4F00-80D4-A89EB1B4157E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{2E8974E1-FD2D-4F3D-98CD-CD91C5B3715D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{DAB78648-FCEE-4C46-A87A-996906A64695}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{F9BE694E-BA0D-4C5D-857E-BE6CDDF119ED}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{4E8E4B64-5E3B-442B-8713-4EAAE89E1C13}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68CB4B6B-F0CF-4AC4-BA15-2EBB971F0900}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/14/2015 10:45:04 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/12/2015 11:19:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/12/2015 09:10:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ccdash.exe, Version: 15.5.0.0, Zeitstempel: 0x50008f56
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16857, Zeitstempel: 0x530e784b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000047b8c
ID des fehlerhaften Prozesses: 0x1234
Startzeit der fehlerhaften Anwendung: 0xccdash.exe0
Pfad der fehlerhaften Anwendung: ccdash.exe1
Pfad des fehlerhaften Moduls: ccdash.exe2
Berichtskennung: ccdash.exe3
Vollständiger Name des fehlerhaften Pakets: ccdash.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ccdash.exe5
Error: (08/12/2015 09:10:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ccdash.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Security.Principal.IdentityNotMappedException
Stapel:
bei System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean)
bei System.Security.Principal.NTAccount.Translate(System.Type)
bei System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef)
bei System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule)
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB.OpenPermissionsOnFile(System.String)
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB.LoadDB()
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB..ctor()
bei Intel.Wireless.ComputeContinuum.Dashboard.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei Intel.Wireless.ComputeContinuum.Dashboard.App.Main()
Error: (08/12/2015 07:48:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.5.0.2, Zeitstempel: 0x50070789
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.5.0.1, Zeitstempel: 0x500706ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026390
ID des fehlerhaften Prozesses: 0x83c
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5
Error: (08/12/2015 07:18:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: delegate_execute.exe, Version: 44.0.2403.155, Zeitstempel: 0x55c51cbe
Name des fehlerhaften Moduls: delegate_execute.exe, Version: 44.0.2403.155, Zeitstempel: 0x55c51cbe
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000851f
ID des fehlerhaften Prozesses: 0xc58
Startzeit der fehlerhaften Anwendung: 0xdelegate_execute.exe0
Pfad der fehlerhaften Anwendung: delegate_execute.exe1
Pfad des fehlerhaften Moduls: delegate_execute.exe2
Berichtskennung: delegate_execute.exe3
Vollständiger Name des fehlerhaften Pakets: delegate_execute.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: delegate_execute.exe5
Error: (08/11/2015 08:50:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/11/2015 08:50:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: USER-PC)
Description: Das Paket „Microsoft.SkypeApp_1.2.0.129_x86__kzf8qxf38zg5c“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (08/11/2015 08:50:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: USER-PC)
Description: Die App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Error: (08/11/2015 08:48:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (08/12/2015 11:02:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Sicherheitsupdate für Windows 8 für x64-basierte Systeme (KB2920189)
Error: (08/12/2015 10:55:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8 für x64-Systeme (KB2975331)
Error: (08/12/2015 07:48:44 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1000) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005
Error: (08/12/2015 07:48:44 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (08/12/2015 07:48:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde mit folgendem Fehler beendet:
%%2147770990
Error: (08/12/2015 07:44:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 12.08.2015 um 19:12:55 unerwartet heruntergefahren.
Error: (08/12/2015 03:02:56 PM) (Source: DCOM) (EventID: 10010) (User: USER-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (08/12/2015 03:02:56 PM) (Source: DCOM) (EventID: 10010) (User: USER-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (08/12/2015 03:02:55 PM) (Source: DCOM) (EventID: 10010) (User: USER-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (08/12/2015 03:02:55 PM) (Source: DCOM) (EventID: 10010) (User: USER-PC)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Microsoft Office:
=========================
Error: (08/14/2015 10:45:04 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/12/2015 11:19:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/12/2015 09:10:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ccdash.exe15.5.0.050008f56KERNELBASE.dll6.2.9200.16857530e784be04343520000000000047b8c123401d0d5320548c436C:\Program Files\Intel\CCDashboard\bin\ccdash.exeC:\Windows\system32\KERNELBASE.dllbf4df18b-4125-11e5-be9b-685d43f07f66
Error: (08/12/2015 09:10:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ccdash.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Security.Principal.IdentityNotMappedException
Stapel:
bei System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean)
bei System.Security.Principal.NTAccount.Translate(System.Type)
bei System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef)
bei System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule)
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB.OpenPermissionsOnFile(System.String)
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB.LoadDB()
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB..ctor()
bei Intel.Wireless.ComputeContinuum.Dashboard.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei Intel.Wireless.ComputeContinuum.Dashboard.App.Main()
Error: (08/12/2015 07:48:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.5.0.250070789MurocApi.dll15.5.0.1500706cec0000005000000000002639083c01d0d526ae081f61C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll56b15909-411a-11e5-be9b-685d43f07f66
Error: (08/12/2015 07:18:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: delegate_execute.exe44.0.2403.15555c51cbedelegate_execute.exe44.0.2403.15555c51cbe800000030000851fc5801d0d522e7b5b7e7C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\delegate_execute.exe2d64c515-4116-11e5-be9a-685d43f07f66
Error: (08/11/2015 08:50:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927142
Error: (08/11/2015 08:50:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: USER-PC)
Description: Microsoft.SkypeApp_1.2.0.129_x86__kzf8qxf38zg5c
Error: (08/11/2015 08:50:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: USER-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App
Error: (08/11/2015 08:48:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927142
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 74%
Installierter physikalischer RAM: 3961.71 MB
Verfügbarer physikalischer RAM: 1019.97 MB
Summe virtueller Speicher: 7545.71 MB
Verfügbarer virtueller Speicher: 4176.41 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:879.36 GB) (Free:816.2 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:29.57 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Ergebnis ============================
Geändert von Adahlia (14.08.2015 um 10:01 Uhr) |
|
14.08.2015, 10:26
| #2 |
| /// TB-Ausbilder   | Taskmanager öffnet nicht, Browser hängt und sehr langsam. Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Scan mit Combofix
|
|
14.08.2015, 11:10
| #3 |
| | Taskmanager öffnet nicht, Browser hängt und sehr langsam. Hallo Matthias ,
__________________danke für's Willkommenheissen Diese Fehlermeldung, die du oben erwähnt hast, habe ich jetzt schon bekommen, bevor ein Neustart gemacht wurde. Ist das ok? Quasi während des Scanns bei 10 von 12. C:\Windows\erdnt\Hiv-backup\COMPONENTS! \schema.dat Jetzt noch Fehler beim Überschreiben der Datei pev.3XE |
|
14.08.2015, 11:29
| #4 |
| /// TB-Ausbilder | Taskmanager öffnet nicht, Browser hängt und sehr langsam. Servus, läuft ComboFix trotzdem weiter? Wenn ja, bitte weiterlaufen lassen. Wenn ComboFix über eine halbe Stunde nichts mehr macht, ComboFix beenden und Rechenr neu starten und statt ComboFix bitte MBAR ausführen: Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers |
|
14.08.2015, 11:43
| #5 |
| | Taskmanager öffnet nicht, Browser hängt und sehr langsam. Hallo Matthias, hier der Log vom Combofix Code:
ATTFilter ComboFix 15-08-13.01 - User 14.08.2015 12:16:41.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1252.49.1031.18.3962.1382 [GMT 2:00]
ausgeführt von:: c:\users\User\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-07-14 bis 2015-08-14 ))))))))))))))))))))))))))))))
.
.
2015-08-14 10:31 . 2015-08-14 10:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-14 08:38 . 2015-08-14 08:49 -------- d-----w- C:\FRST
2015-08-14 08:19 . 2015-08-14 08:19 50784 ----a-w- c:\programdata\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2015-08-14 08:19 . 2015-08-14 08:19 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2015-08-12 22:52 . 2015-08-14 08:27 -------- d-----w- c:\windows\system32\MRT
2015-08-12 06:50 . 2015-08-12 06:50 269992 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2015-08-11 18:59 . 2015-08-11 18:59 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-08-11 18:59 . 2015-08-11 18:59 -------- d-----r- c:\program files (x86)\Skype
2015-08-11 18:59 . 2015-08-11 18:59 -------- d-----w- c:\programdata\Skype
2015-08-11 17:30 . 2014-05-15 01:02 59424 ----a-w- c:\windows\system32\wuauclt.exe
2015-08-11 17:30 . 2014-05-14 22:43 3286528 ----a-w- c:\windows\system32\wuaueng.dll
2015-08-11 17:30 . 2014-05-14 22:43 253440 ----a-w- c:\windows\system32\WUSettingsProvider.dll
2015-08-11 17:30 . 2014-05-14 22:43 1623040 ----a-w- c:\windows\system32\wucltux.dll
2015-08-11 17:30 . 2014-05-14 22:42 176640 ----a-w- c:\windows\system32\storewuauth.dll
2015-08-11 17:28 . 2013-08-16 05:21 49152 ----a-w- c:\windows\system32\wups2.dll
2015-08-11 13:28 . 2014-06-10 22:44 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-08-11 13:28 . 2014-06-10 22:43 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-08-11 12:47 . 2013-04-09 05:33 489576 ----a-w- c:\windows\system32\AudioEng.dll
2015-08-11 12:46 . 2014-07-16 23:28 27648 ----a-w- c:\windows\SysWow64\sscore.dll
2015-08-11 12:33 . 2013-08-03 06:40 462336 ----a-w- c:\windows\system32\sysmon.ocx
2015-08-11 12:31 . 2014-12-19 04:35 142336 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2015-08-11 12:29 . 2013-01-28 23:08 55272 ----a-w- c:\program files\Windows Defender\MpUXSrv.exe
2015-08-11 12:28 . 2014-03-01 09:47 1258496 ----a-w- c:\windows\system32\kernel32.dll
2015-08-11 12:27 . 2015-01-15 11:43 1282560 ----a-w- c:\windows\system32\lsasrv.dll
2015-08-11 10:32 . 2015-08-11 10:33 -------- d-----w- c:\program files (x86)\Google
2015-08-06 12:59 . 2015-08-11 20:46 -------- d-----w- c:\users\User
2015-08-06 12:00 . 2015-08-06 12:00 -------- d-----w- C:\report
2015-08-06 11:16 . 2015-08-06 11:16 -------- d-----w- c:\program files\Intel Corporation
2015-08-06 11:11 . 2015-08-06 11:11 -------- d-----w- c:\program files\FSP
2015-08-06 11:11 . 2001-09-05 02:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2015-08-06 11:11 . 2001-09-05 02:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2015-08-06 11:11 . 2001-09-05 02:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2015-08-06 11:11 . 2001-09-05 02:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2015-08-06 11:11 . 2009-10-21 13:17 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-08-11 11:55 . 2012-07-26 08:13 24288 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-08-11 09:55 . 2012-11-05 17:48 92768 ----a-w- c:\windows\system32\drivers\klflt.sys
2015-08-11 09:55 . 2012-11-05 17:48 627296 ----a-w- c:\windows\system32\drivers\klif.sys
2015-08-11 09:55 . 2012-10-04 16:25 29280 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2015-08-11 09:55 . 2012-10-04 16:25 29280 ----a-w- c:\windows\system32\drivers\klkbdflt.sys
2015-08-11 09:55 . 2012-08-13 16:49 177864 ----a-w- c:\windows\system32\drivers\kneps.sys
2015-08-11 09:55 . 2012-08-03 15:55 50448 ----a-w- c:\windows\system32\drivers\klwfp.sys
2015-08-11 09:55 . 2012-08-02 15:09 30304 ----a-w- c:\windows\system32\drivers\klim6.sys
2015-08-11 09:55 . 2012-06-19 17:28 458336 ----a-w- c:\windows\system32\drivers\kl1.sys
2015-07-28 08:59 . 2012-11-05 17:14 132483416 ----a-w- c:\windows\system32\MRT.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe" [2012-10-04 24504]
"HotkeyApp"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2012-08-16 320824]
"LMgrVolOSD"="c:\program files (x86)\Launch Manager\OSD.exe" [2012-08-13 348960]
"Wbutton"="c:\program files (x86)\Launch Manager\Wbutton.exe" [2012-08-13 388408]
"CLMLServer_For_P2G8"="c:\program files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" [2012-06-08 111120]
"CLVirtualDrive"="c:\program files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" [2012-07-20 491120]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-07-13 93296]
"YouCam Service"="c:\program files (x86)\CyberLink\YouCam\YouCamService.exe" [2012-07-30 258576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"ConfirmFileDelete"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R0 klelam;klelam;c:\windows\system32\DRIVERS\klelam.sys;c:\windows\SYSNATIVE\DRIVERS\klelam.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n-USB 2.0-Netzwerkadapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
R3 SmbDrv;SmbDrv;c:\windows\System32\drivers\Smb_driver_AMDASF.sys;c:\windows\SYSNATIVE\drivers\Smb_driver_AMDASF.sys [x]
S1 CLVirtualDrive;CLVirtualDrive;c:\windows\system32\DRIVERS\CLVirtualDrive.sys;c:\windows\SYSNATIVE\DRIVERS\CLVirtualDrive.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klwfp;klwfp;c:\windows\system32\DRIVERS\klwfp.sys;c:\windows\SYSNATIVE\DRIVERS\klwfp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [x]
S2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
S3 BthLEEnum;Treiber für energiearme Bluetooth-Geräte;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 fspad_wlh64;@oem1.inf,%fspad.SvcDesc%_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\DRIVERS\fspad_wlh64.sys;c:\windows\SYSNATIVE\DRIVERS\fspad_wlh64.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 NETwNe64;@oem14.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew00.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew00.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 usb3Hub;USB-IF USB 3.0 Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
S3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe;c:\program files (x86)\Launch Manager\WisLMSvc.exe [x]
S3 XHCIPort;USB-IF xHCI USB Host Controller;c:\windows\System32\drivers\XHCIPort.sys;c:\windows\SYSNATIVE\drivers\XHCIPort.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-08-12 06:38 995144 ----a-w- c:\program files (x86)\Google\Chrome\Application\44.0.2403.155\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11 10:32]
.
2015-08-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11 10:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-08-07 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-08-07 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-08-07 440640]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-02 12921488]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-07-10 1214608]
"IntelMyWiFiDashboard"="c:\program files\Intel\CCDashboard\bin\CCDashServer.exe" [2012-07-13 5010224]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-08-08 11554688]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An Bluetooth senden - c:\program files (x86)\Intel\Bluetooth\btSendToObject.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-LMgrOSD - c:\program files (x86)\Launch Manager\OSDCtrl.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-fspuip - c:\program files (x86)\FSP\fspuip.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Zeit der Fertigstellung: 2015-08-14 12:37:38
ComboFix-quarantined-files.txt 2015-08-14 10:37
.
Vor Suchlauf: 10 Verzeichnis(se), 873.349.812.224 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 876.258.217.984 Bytes frei
.
- - End Of File - - 51300489707E6077B8E56A323EA50F4A
5FB38429D5D77768867C76DCBDB35194
|
|
14.08.2015, 19:26
| #6 |
| /// TB-Ausbilder | Taskmanager öffnet nicht, Browser hängt und sehr langsam. Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
14.08.2015, 22:07
| #7 |
| | Adw-CleanerCode:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 14/08/2015 um 20:56:59
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-14.2 [Server]
# Betriebssystem : Windows 8 (x64)
# Benutzername : User - USER-PC
# Gestarted von : C:\Users\User\Downloads\AdwCleaner_4.208.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
-\\ Internet Explorer v10.0.9200.16442
-\\ Google Chrome v44.0.2403.155
*************************
AdwCleaner[R0].txt - [760 Bytes] - [14/08/2015 20:53:10]
AdwCleaner[S0].txt - [681 Bytes] - [14/08/2015 20:56:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [739 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 14.08.2015 Suchlaufzeit: 22:33 Protokolldatei: mbamlog.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.14.06 Rootkit-Datenbank: v2015.08.06.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8 CPU: x64 Dateisystem: NTFS Benutzer: User Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 352317 Abgelaufene Zeit: 24 Min., 3 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 8 x64
Ran by User on 14.08.2015 at 23:04:43,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
~~~ Folders
~~~ Chrome
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\User\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.08.2015 at 23:08:01,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
14.08.2015, 22:14
| #8 |
| | Taskmanager öffnet nicht, Browser hängt und sehr langsam.Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-08-2015
durchgeführt von User (Administrator) auf USER-PC (14-08-2015 23:10:32)
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User)
Platform: Windows 8 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [3768832 2009-12-17] (Sentelic Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2012-10-04] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1049590450-3514696037-1677154721-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1049590450-3514696037-1677154721-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2015-08-11] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{488C27E9-AC4E-4683-A1EB-288A81E366F5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8D570EDF-6B09-4C5E-AFD6-A6546A63DF91}: [DhcpNameServer] 192.168.10.1
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012-11-05]
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-11]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-11]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-11]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-11]
CHR Extension: (Minimal White) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcbojcafbggjenbeflknhfimpcikmlc [2015-08-11]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-11]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-08-11]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-11]
CHR Extension: (Safe Money) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2015-08-11]
CHR Extension: (Content Blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-08-11]
CHR Extension: (Virtual Keyboard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2015-08-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-11]
CHR Extension: (Kaspersky Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-08-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-11]
CHR Extension: (Anti-Banner) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-08-11]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2015-08-11] (Kaspersky Lab ZAO)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2015-08-11] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2015-08-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [627296 2015-08-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2015-08-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2015-08-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2015-08-11] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2015-08-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [177864 2015-08-11] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 RTL8192cu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation )
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-11-29] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-14 23:08 - 2015-08-14 23:08 - 00001149 _____ C:\Users\User\Desktop\JRT.txt
2015-08-14 23:03 - 2015-08-14 23:03 - 01791580 _____ (Malwarebytes Corporation) C:\Users\User\Downloads\JRT.exe
2015-08-14 22:32 - 2015-08-14 22:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-14 22:32 - 2015-08-14 22:32 - 00001110 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-14 22:32 - 2015-08-14 22:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-14 22:32 - 2015-08-14 22:32 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-14 22:32 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-14 22:32 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-14 22:32 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-14 22:30 - 2015-08-14 22:31 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-14 21:44 - 2015-08-08 04:27 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-14 21:44 - 2015-08-08 04:27 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-14 21:06 - 2015-08-14 21:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-14 21:06 - 2015-08-14 21:06 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-14 20:51 - 2015-08-14 20:57 - 00000000 ____D C:\AdwCleaner
2015-08-14 20:50 - 2015-08-14 20:50 - 02248704 _____ C:\Users\User\Downloads\AdwCleaner_4.208.exe
2015-08-14 15:42 - 2015-08-14 15:42 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-14 15:41 - 2015-08-14 15:41 - 00000067 _____ C:\Users\User\Downloads\listen.pls
2015-08-14 12:37 - 2015-08-14 12:37 - 00015434 _____ C:\ComboFix.txt
2015-08-14 12:12 - 2015-08-14 12:37 - 00000000 ____D C:\Qoobox
2015-08-14 12:12 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-14 12:12 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-14 12:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-14 11:54 - 2014-07-12 06:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2015-08-14 11:54 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-08-14 11:54 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-08-14 11:54 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-08-14 11:54 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-08-14 11:54 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-08-14 11:54 - 2014-07-12 06:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2015-08-14 11:54 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-08-14 11:54 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-08-14 11:54 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-08-14 11:54 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-08-14 11:54 - 2014-07-12 06:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-08-14 11:54 - 2014-07-09 00:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2015-08-14 11:54 - 2014-07-09 00:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2015-08-14 11:54 - 2014-07-09 00:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2015-08-14 11:54 - 2014-07-09 00:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2015-08-14 11:54 - 2014-07-07 07:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-08-14 11:54 - 2014-07-07 07:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-08-14 11:54 - 2014-07-04 12:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-08-14 11:54 - 2014-06-28 09:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-08-14 11:54 - 2014-06-28 08:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-08-14 11:54 - 2014-06-18 01:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-14 11:54 - 2014-06-18 01:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-14 11:54 - 2014-06-11 16:47 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-08-14 11:54 - 2014-06-11 06:40 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-08-14 11:54 - 2014-06-11 00:44 - 01403896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-08-14 11:54 - 2014-02-04 12:57 - 01271664 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-08-14 11:54 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-08-14 11:54 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-08-14 11:35 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-08-14 11:35 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-08-14 11:35 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-08-14 11:35 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-08-14 11:35 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-08-14 11:35 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-08-14 11:35 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-08-14 11:35 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-08-14 11:33 - 2015-08-14 12:34 - 00000000 ____D C:\Windows\erdnt
2015-08-14 11:33 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-08-14 11:33 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-08-14 11:33 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-08-14 11:33 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-08-14 11:33 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-08-14 11:33 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2015-08-14 11:33 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-08-14 11:33 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-08-14 11:33 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-08-14 11:33 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2015-08-14 11:33 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2015-08-14 11:32 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2015-08-14 11:32 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2015-08-14 11:32 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-08-14 11:32 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2015-08-14 11:32 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2015-08-14 11:32 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2015-08-14 11:32 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2015-08-14 11:31 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-14 11:31 - 2013-01-10 03:53 - 00028904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2015-08-14 11:31 - 2013-01-10 03:29 - 00091880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-08-14 11:31 - 2013-01-10 01:26 - 01752064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2015-08-14 11:31 - 2013-01-10 01:26 - 01611776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2015-08-14 11:31 - 2013-01-10 01:26 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2015-08-14 11:31 - 2013-01-10 01:26 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-08-14 11:31 - 2013-01-10 01:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2015-08-14 11:31 - 2013-01-10 01:23 - 02094592 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2015-08-14 11:31 - 2013-01-10 01:23 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-08-14 11:31 - 2013-01-10 01:23 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2015-08-14 11:31 - 2013-01-10 01:23 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-08-14 11:31 - 2013-01-10 01:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-08-14 11:31 - 2013-01-10 01:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe
2015-08-14 11:31 - 2013-01-10 01:22 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-08-14 11:31 - 2013-01-10 01:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2015-08-14 11:31 - 2013-01-10 01:22 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2015-08-14 11:31 - 2012-11-02 07:19 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2015-08-14 11:31 - 2012-11-02 07:18 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2015-08-14 11:31 - 2012-11-02 07:18 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2015-08-14 11:31 - 2012-11-02 07:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\adhapi.dll
2015-08-14 11:31 - 2012-11-02 07:18 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2015-08-14 11:31 - 2012-11-02 07:18 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2015-08-14 11:30 - 2013-03-02 12:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2015-08-14 11:30 - 2013-03-02 10:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-08-14 11:30 - 2013-03-02 10:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2015-08-14 11:30 - 2013-03-02 10:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-14 11:30 - 2013-03-02 10:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2015-08-14 11:30 - 2013-03-02 10:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2015-08-14 11:30 - 2013-03-02 10:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-08-14 11:30 - 2013-03-02 04:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2015-08-14 11:30 - 2013-03-02 04:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2015-08-14 11:30 - 2013-03-02 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-14 11:30 - 2013-03-02 04:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2015-08-14 11:30 - 2013-03-02 04:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2015-08-14 11:30 - 2013-03-02 04:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2015-08-14 11:30 - 2013-03-02 04:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2015-08-14 11:30 - 2013-03-02 04:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-08-14 11:30 - 2013-03-01 06:56 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-08-14 11:30 - 2013-03-01 06:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2015-08-14 11:30 - 2013-03-01 06:55 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-08-14 11:30 - 2013-01-09 05:59 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-08-14 11:30 - 2013-01-09 05:58 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-08-14 11:28 - 2015-08-14 11:29 - 05634572 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2015-08-14 10:44 - 2015-08-14 10:49 - 00030109 _____ C:\Users\User\Downloads\Addition.txt
2015-08-14 10:40 - 2015-08-14 23:10 - 00018088 _____ C:\Users\User\Downloads\FRST.txt
2015-08-14 10:38 - 2015-08-14 23:10 - 00000000 ____D C:\FRST
2015-08-14 10:38 - 2015-08-14 10:38 - 02173952 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-08-13 00:52 - 2015-08-14 10:27 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 23:34 - 2014-10-09 06:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-08-12 23:34 - 2014-10-09 06:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-08-12 23:34 - 2014-10-09 06:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-08-12 23:34 - 2014-10-09 05:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-08-12 23:34 - 2014-10-09 05:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-08-12 22:08 - 2015-01-09 08:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-08-12 22:08 - 2015-01-09 07:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-08-12 22:00 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-08-12 11:43 - 2014-09-03 04:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-08-12 11:43 - 2014-09-03 04:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-08-12 11:00 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 10:59 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 10:59 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 10:59 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 10:53 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 10:52 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 10:50 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 10:50 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 10:36 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 10:36 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 10:20 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 10:20 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 10:20 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 10:20 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 10:20 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 10:20 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 10:20 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 10:20 - 2015-07-16 22:31 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 10:20 - 2015-07-16 21:06 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 10:20 - 2015-06-29 15:27 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 10:20 - 2015-05-22 22:44 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-08-12 10:20 - 2015-05-12 00:49 - 00527704 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 10:19 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:19 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:19 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 10:19 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 10:19 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 10:19 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 10:19 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 10:19 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 10:19 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 10:19 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 10:19 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 10:19 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 10:19 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 10:19 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 10:19 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 10:19 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 10:19 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 10:19 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 10:19 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 10:19 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 10:19 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 10:19 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 10:19 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 10:19 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 10:19 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 10:19 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 10:19 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 10:19 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 10:19 - 2015-06-15 17:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 10:19 - 2015-06-15 17:22 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 10:19 - 2015-06-15 17:20 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 10:19 - 2015-06-15 17:20 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 10:19 - 2015-06-15 17:19 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 10:19 - 2015-06-15 17:19 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 10:19 - 2015-06-09 15:09 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 10:19 - 2015-05-28 04:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 10:19 - 2015-05-28 04:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-08-12 10:19 - 2015-05-28 04:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-08-12 10:19 - 2015-05-28 04:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 10:19 - 2015-05-28 04:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 10:19 - 2015-05-28 04:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-08-12 10:19 - 2015-05-28 04:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 10:19 - 2015-05-28 04:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 10:19 - 2015-05-28 04:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 10:19 - 2015-05-28 02:45 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-08-12 10:19 - 2015-05-28 02:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 10:19 - 2015-05-28 02:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 10:19 - 2015-05-28 02:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-08-12 10:19 - 2015-05-28 02:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 10:19 - 2015-05-28 02:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 10:19 - 2015-05-28 02:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 10:19 - 2015-05-28 02:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 10:19 - 2015-05-28 02:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 10:19 - 2015-05-28 02:22 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-08-12 10:19 - 2015-05-28 02:20 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-08-12 10:19 - 2015-05-28 02:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 10:19 - 2015-05-28 01:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 10:19 - 2015-05-28 00:14 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-08-12 10:18 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 10:18 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 10:18 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 10:18 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 10:18 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 10:18 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 10:18 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 10:18 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 10:18 - 2015-06-27 18:36 - 00171352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 10:18 - 2015-06-27 15:56 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-08-12 10:18 - 2015-06-27 15:55 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 10:18 - 2015-06-27 15:55 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 10:18 - 2015-06-27 15:46 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 10:18 - 2015-06-27 15:46 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-08-12 10:18 - 2015-06-27 15:46 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 10:18 - 2015-06-25 20:29 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 10:18 - 2015-06-25 20:27 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 10:18 - 2015-01-07 06:25 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 10:18 - 2014-11-05 08:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-08-12 10:18 - 2014-10-30 09:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-08-12 10:18 - 2014-10-30 07:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-08-12 10:17 - 2014-11-05 08:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-08-12 10:17 - 2014-10-29 16:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-08-12 10:17 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-08-12 10:16 - 2015-04-30 15:44 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
2015-08-12 10:16 - 2015-04-30 15:44 - 00478296 _____ C:\Windows\system32\locale.nls
2015-08-12 10:16 - 2015-03-04 08:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-08-12 10:16 - 2015-03-04 08:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-08-12 10:16 - 2015-03-04 08:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-08-12 10:16 - 2015-03-04 06:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-08-12 10:16 - 2015-03-04 06:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-08-12 10:16 - 2014-11-15 08:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 10:16 - 2014-11-15 07:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 10:16 - 2014-11-15 07:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-08-12 10:16 - 2014-11-15 05:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 10:16 - 2014-11-15 05:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 10:16 - 2014-11-15 05:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 10:16 - 2014-11-15 05:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 10:09 - 2015-06-27 15:46 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 10:09 - 2015-06-27 15:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 10:09 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-08-12 10:09 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-08-12 10:08 - 2015-03-12 07:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-08-12 10:06 - 2015-03-27 10:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2015-08-12 10:04 - 2015-04-21 15:53 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-08-12 10:04 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-08-12 09:58 - 2015-04-06 07:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-08-12 09:58 - 2015-04-06 06:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-08-12 09:58 - 2015-03-14 10:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-08-12 09:58 - 2015-03-14 08:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-08-12 09:58 - 2015-03-12 07:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-08-12 09:58 - 2015-03-12 07:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2015-08-12 09:58 - 2015-03-12 05:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-08-12 09:58 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-08-12 09:56 - 2014-12-18 10:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-08-12 09:56 - 2014-12-18 08:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-08-12 09:56 - 2014-12-18 08:51 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-08-12 09:56 - 2014-12-18 08:50 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-08-12 09:56 - 2014-12-18 08:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-08-12 09:56 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-08-12 09:56 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-08-12 09:56 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-08-12 09:56 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-08-12 09:55 - 2014-12-19 08:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-08-12 09:55 - 2014-11-26 08:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-08-12 09:55 - 2014-11-26 06:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-08-12 09:55 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-08-12 09:55 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-08-12 09:55 - 2013-08-23 09:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-08-12 09:55 - 2013-08-23 03:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-08-12 09:52 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-08-12 09:52 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-08-12 09:52 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-08-12 09:52 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-08-12 09:52 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-08-12 09:52 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-08-12 09:52 - 2012-12-15 06:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-08-12 09:37 - 2013-10-19 07:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-08-12 09:37 - 2013-10-19 06:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-08-12 09:27 - 2015-01-24 08:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-08-12 09:27 - 2015-01-24 07:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-08-12 09:24 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-08-12 09:24 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-08-12 09:24 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-08-12 09:24 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-08-12 09:24 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2015-08-12 09:24 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2015-08-12 09:24 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2015-08-12 09:24 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2015-08-12 09:24 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 09:24 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2015-08-12 09:24 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2015-08-12 09:24 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2015-08-12 09:24 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2015-08-12 09:24 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2015-08-11 22:29 - 2015-08-11 22:29 - 00000106 _____ C:\Windows\SynInst.log
2015-08-11 22:27 - 2015-08-11 22:27 - 00001084 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SynTP.lnk
2015-08-11 21:25 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-08-11 21:25 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-08-11 21:24 - 2015-06-17 16:13 - 01150264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-08-11 21:24 - 2015-06-17 15:44 - 01567560 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-08-11 21:24 - 2015-04-13 07:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-08-11 21:24 - 2014-12-11 08:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-08-11 21:24 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-08-11 21:24 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-08-11 21:24 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2015-08-11 21:24 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-08-11 21:05 - 2015-08-11 21:05 - 00000000 ____D C:\Users\User\Tracing
2015-08-11 21:01 - 2015-08-11 21:01 - 00000000 ____D C:\Users\User\AppData\Local\Skype
2015-08-11 21:00 - 2015-08-12 20:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-08-11 20:59 - 2015-08-11 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-11 20:59 - 2015-08-11 20:59 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-11 20:59 - 2015-08-11 20:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-11 20:59 - 2015-08-11 20:59 - 00000000 ____D C:\ProgramData\Skype
2015-08-11 20:57 - 2015-08-11 20:58 - 01384064 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe
2015-08-11 20:43 - 2013-10-05 08:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-08-11 20:43 - 2013-08-30 07:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2015-08-11 20:43 - 2013-08-30 07:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-08-11 20:43 - 2013-08-30 01:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2015-08-11 20:43 - 2013-08-30 01:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2015-08-11 19:56 - 2014-09-13 08:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-11 19:56 - 2014-09-03 04:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-08-11 19:56 - 2014-09-03 04:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-08-11 19:56 - 2014-08-29 06:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-08-11 19:56 - 2014-08-29 06:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-08-11 19:56 - 2014-08-29 06:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-08-11 19:56 - 2014-08-29 06:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-08-11 19:56 - 2014-08-28 08:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2015-08-11 19:56 - 2014-08-28 08:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-08-11 19:56 - 2014-08-28 07:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-08-11 19:56 - 2014-08-28 07:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-08-11 19:56 - 2014-08-28 07:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2015-08-11 19:56 - 2014-08-28 07:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2015-08-11 19:56 - 2014-07-24 15:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-08-11 19:54 - 2013-08-30 07:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2015-08-11 19:54 - 2013-08-30 07:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-08-11 19:54 - 2013-08-30 01:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-08-11 19:54 - 2013-08-21 08:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-08-11 19:54 - 2013-08-10 08:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-08-11 19:54 - 2013-07-25 01:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 19:54 - 2013-07-25 01:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-11 19:54 - 2013-03-02 04:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-08-11 19:54 - 2013-03-02 04:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2015-08-11 19:51 - 2015-01-29 10:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-08-11 19:51 - 2015-01-29 08:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-08-11 19:51 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2015-08-11 19:51 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-08-11 19:51 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-08-11 19:49 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-08-11 19:49 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-08-11 19:48 - 2014-10-09 05:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-08-11 19:48 - 2014-10-09 05:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-08-11 19:48 - 2014-10-09 05:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-08-11 19:48 - 2014-09-22 07:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-08-11 19:48 - 2014-09-22 05:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-08-11 19:44 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-08-11 19:44 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2015-08-11 19:44 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-08-11 19:44 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-08-11 19:44 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2015-08-11 19:44 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2015-08-11 19:44 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-08-11 19:44 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-08-11 19:44 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-08-11 19:44 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-08-11 19:44 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2015-08-11 19:44 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2015-08-11 19:44 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-08-11 19:44 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-08-11 19:44 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-08-11 19:44 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2015-08-11 19:44 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-08-11 19:44 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2015-08-11 19:44 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-08-11 19:44 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2015-08-11 19:44 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2015-08-11 19:44 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-08-11 19:44 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-08-11 19:44 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-08-11 19:43 - 2015-02-24 09:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-08-11 19:42 - 2014-07-07 07:53 - 01125376 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-08-11 19:42 - 2014-07-07 07:52 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-08-11 19:42 - 2014-07-07 07:52 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-08-11 19:42 - 2014-07-07 06:01 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-08-11 19:42 - 2014-07-07 06:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-08-11 19:35 - 2015-06-09 15:57 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-08-11 19:35 - 2015-03-04 09:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-08-11 19:35 - 2015-03-04 08:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-08-11 19:35 - 2015-03-04 06:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-08-11 19:35 - 2015-01-24 06:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-08-11 19:35 - 2014-12-08 08:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-08-11 19:35 - 2014-12-08 07:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-08-11 19:35 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-08-11 19:35 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-08-11 19:35 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-08-11 19:35 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-08-11 19:35 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-08-11 19:35 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-08-11 19:28 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 19:28 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 19:28 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 15:28 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-08-11 15:28 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-08-11 15:20 - 2015-06-15 17:22 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-08-11 15:20 - 2015-06-15 17:22 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-08-11 15:20 - 2015-06-15 17:22 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-11 15:20 - 2015-06-15 17:22 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-08-11 15:20 - 2015-06-15 17:21 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-11 15:20 - 2015-06-15 17:20 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-08-11 15:20 - 2015-06-15 17:20 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-11 15:20 - 2015-06-15 17:19 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-11 15:20 - 2015-05-09 01:39 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 15:20 - 2015-05-08 22:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 15:20 - 2014-12-06 09:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-08-11 15:20 - 2014-12-06 09:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-08-11 15:20 - 2014-12-06 09:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-08-11 15:20 - 2014-12-06 08:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-08-11 15:20 - 2014-10-11 09:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-08-11 15:20 - 2014-10-11 07:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-08-11 15:20 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-08-11 15:18 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-08-11 15:18 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-08-11 15:18 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-08-11 15:18 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-11 15:18 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-08-11 15:18 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-11 15:18 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-11 15:18 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-08-11 15:16 - 2014-12-06 09:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-08-11 15:16 - 2014-12-06 09:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-08-11 15:16 - 2014-12-06 09:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-08-11 15:16 - 2014-12-06 09:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-08-11 15:16 - 2014-12-06 09:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-08-11 15:16 - 2014-12-06 08:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-08-11 15:16 - 2014-12-06 08:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-08-11 15:16 - 2014-12-06 08:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-08-11 15:16 - 2014-10-03 03:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-08-11 15:16 - 2014-10-03 00:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-08-11 15:16 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-08-11 15:16 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-08-11 15:16 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-08-11 15:16 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-08-11 15:16 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-08-11 15:16 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-08-11 15:16 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-08-11 15:16 - 2013-02-02 10:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2015-08-11 15:16 - 2013-02-02 10:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2015-08-11 15:16 - 2013-02-02 10:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-11 15:16 - 2013-02-02 10:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2015-08-11 15:16 - 2013-02-02 10:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2015-08-11 15:16 - 2013-02-02 10:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2015-08-11 15:16 - 2013-02-02 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2015-08-11 15:16 - 2013-02-02 10:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2015-08-11 15:16 - 2013-02-02 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2015-08-11 15:16 - 2013-02-02 10:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2015-08-11 15:16 - 2013-02-02 10:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2015-08-11 15:16 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2015-08-11 15:16 - 2013-02-02 10:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2015-08-11 15:16 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2015-08-11 15:16 - 2013-02-02 10:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2015-08-11 15:16 - 2013-02-02 10:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2015-08-11 15:16 - 2013-02-02 10:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2015-08-11 15:16 - 2013-02-02 09:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-08-11 15:16 - 2013-02-02 07:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-08-11 15:16 - 2013-02-02 07:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-08-11 15:16 - 2012-11-27 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2015-08-11 15:16 - 2012-11-27 05:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys
2015-08-11 15:08 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-08-11 15:08 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2015-08-11 15:08 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2015-08-11 15:08 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2015-08-11 15:08 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2015-08-11 15:05 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-08-11 15:05 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-08-11 15:05 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-08-11 15:05 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-08-11 15:05 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-08-11 15:05 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-08-11 15:01 - 2013-02-12 02:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-08-11 14:49 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-08-11 14:49 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2015-08-11 14:48 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-08-11 14:48 - 2013-04-09 07:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2015-08-11 14:48 - 2013-04-09 06:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-08-11 14:48 - 2013-04-09 06:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-08-11 14:48 - 2013-04-09 06:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-08-11 14:48 - 2013-04-09 06:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-08-11 14:48 - 2013-04-09 06:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-08-11 14:48 - 2013-04-09 06:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2015-08-11 14:48 - 2013-04-09 04:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-08-11 14:48 - 2013-04-08 23:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-08-11 14:48 - 2013-04-08 23:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-08-11 14:48 - 2013-04-08 23:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-08-11 14:48 - 2013-04-08 23:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-08-11 14:48 - 2013-04-08 23:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2015-08-11 14:48 - 2013-04-08 23:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-08-11 14:48 - 2013-03-16 00:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-08-11 14:47 - 2014-07-24 15:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-08-11 14:47 - 2014-07-17 00:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-08-11 14:47 - 2014-07-12 08:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-08-11 14:47 - 2014-07-12 06:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-08-11 14:47 - 2014-07-12 06:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-08-11 14:47 - 2014-06-28 08:57 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-08-11 14:47 - 2014-06-28 04:23 - 01126400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-08-11 14:47 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-08-11 14:47 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-08-11 14:47 - 2013-04-09 07:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2015-08-11 14:47 - 2013-04-09 07:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2015-08-11 14:47 - 2013-04-09 06:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-08-11 14:47 - 2013-04-09 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-08-11 14:47 - 2013-04-09 06:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2015-08-11 14:47 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-08-11 14:47 - 2013-04-09 06:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 14:47 - 2013-04-09 06:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2015-08-11 14:47 - 2013-04-09 04:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-08-11 14:47 - 2013-04-09 04:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-08-11 14:47 - 2013-04-09 04:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-08-11 14:47 - 2013-04-09 01:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2015-08-11 14:47 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-08-11 14:47 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-08-11 14:47 - 2013-04-08 23:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-08-11 14:47 - 2013-04-08 23:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-08-11 14:47 - 2013-04-08 23:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2015-08-11 14:47 - 2013-04-05 01:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-08-11 14:47 - 2013-03-16 00:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-08-11 14:47 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2015-08-11 14:47 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2015-08-11 14:47 - 2013-01-10 03:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-08-11 14:47 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-11 14:47 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-08-11 14:46 - 2015-06-11 22:29 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-11 14:46 - 2015-06-11 18:27 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-08-11 14:46 - 2014-07-17 01:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2015-08-11 14:46 - 2014-07-17 00:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2015-08-11 14:46 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-11 14:46 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-08-11 14:46 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-08-11 14:46 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-08-11 14:46 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-08-11 14:46 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-08-11 14:46 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-08-11 14:46 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2015-08-11 14:46 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2015-08-11 14:46 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-08-11 14:46 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-11 14:46 - 2013-03-02 10:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2015-08-11 14:45 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2015-08-11 14:45 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-08-11 14:45 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2015-08-11 14:45 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2015-08-11 14:45 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-08-11 14:45 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-08-11 14:45 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2015-08-11 14:45 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2015-08-11 14:45 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2015-08-11 14:45 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-08-11 14:45 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2015-08-11 14:33 - 2014-06-13 01:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-11 14:33 - 2014-06-13 01:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-11 14:33 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-11 14:33 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-08-11 14:33 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-08-11 14:33 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2015-08-11 14:33 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-08-11 14:33 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2015-08-11 14:33 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2015-08-11 14:33 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2015-08-11 14:33 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2015-08-11 14:33 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-08-11 14:33 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2015-08-11 14:33 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-08-11 14:33 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-08-11 14:33 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2015-08-11 14:33 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-08-11 14:33 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-08-11 14:33 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-08-11 14:33 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-08-11 14:33 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2015-08-11 14:33 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2015-08-11 14:33 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2015-08-11 14:33 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2015-08-11 14:33 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2015-08-11 14:33 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2015-08-11 14:33 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2015-08-11 14:33 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2015-08-11 14:33 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2015-08-11 14:33 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-08-11 14:33 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-08-11 14:33 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2015-08-11 14:33 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2015-08-11 14:33 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-11 14:32 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-08-11 14:32 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-08-11 14:32 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2015-08-11 14:32 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2015-08-11 14:32 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-08-11 14:32 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2015-08-11 14:32 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2015-08-11 14:32 - 2012-11-27 08:39 - 01122768 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2015-08-11 14:32 - 2012-11-27 06:49 - 01027152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2015-08-11 14:32 - 2012-11-27 06:20 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2015-08-11 14:32 - 2012-11-27 06:20 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2015-08-11 14:32 - 2012-11-27 06:20 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2015-08-11 14:32 - 2012-11-27 06:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2015-08-11 14:32 - 2012-11-27 06:19 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2015-08-11 14:32 - 2012-11-27 06:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2015-08-11 14:32 - 2012-11-27 06:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2015-08-11 14:31 - 2014-12-19 06:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-08-11 14:31 - 2013-10-10 11:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-08-11 14:31 - 2013-10-10 11:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2015-08-11 14:31 - 2013-10-10 11:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-08-11 14:31 - 2013-10-10 11:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-08-11 14:31 - 2013-10-10 11:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-08-11 14:31 - 2013-10-10 11:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2015-08-11 14:31 - 2013-10-10 11:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-08-11 14:30 - 2014-10-11 07:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 14:30 - 2014-10-11 07:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 14:30 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-08-11 14:30 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-08-11 14:30 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 14:30 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 14:30 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 14:30 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 14:30 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 14:30 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 14:30 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2015-08-11 14:30 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 14:30 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 14:29 - 2015-02-18 09:39 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-08-11 14:29 - 2015-02-18 09:38 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-08-11 14:29 - 2015-01-24 08:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-08-11 14:29 - 2015-01-24 07:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-08-11 14:29 - 2014-11-08 13:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-08-11 14:29 - 2014-11-08 08:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-08-11 14:29 - 2014-10-23 14:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-08-11 14:29 - 2014-10-23 13:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-08-11 14:28 - 2015-04-25 05:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-08-11 14:28 - 2015-04-25 01:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-08-11 14:28 - 2015-02-17 08:54 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 14:28 - 2015-02-17 07:13 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 14:28 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-08-11 14:28 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-08-11 14:28 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 14:28 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-08-11 14:28 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2015-08-11 14:28 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 14:28 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-08-11 14:28 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-08-11 14:28 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-08-11 14:28 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-08-11 14:28 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-08-11 14:28 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 14:28 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 14:27 - 2015-05-02 08:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 14:27 - 2015-05-02 05:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 14:27 - 2015-05-02 05:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 14:27 - 2015-04-14 00:09 - 00570248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-08-11 14:27 - 2015-01-15 13:44 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-08-11 14:27 - 2015-01-15 13:43 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 14:27 - 2015-01-15 12:00 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-08-11 14:27 - 2015-01-15 11:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 14:27 - 2015-01-15 11:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 14:27 - 2014-09-25 01:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-08-11 14:27 - 2014-09-25 01:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-08-11 14:27 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 14:27 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 14:27 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 14:27 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 12:43 - 2015-08-11 12:43 - 00001348 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013.lnk
2015-08-11 12:39 - 2015-08-11 12:39 - 00541410 _____ C:\Users\User\Downloads\tpfc_v062.zip
2015-08-11 12:33 - 2015-08-12 08:42 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-11 12:33 - 2015-08-11 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-11 12:32 - 2015-08-14 22:37 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-11 12:32 - 2015-08-14 22:28 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-11 12:32 - 2015-08-11 12:33 - 00000000 ____D C:\Users\User\AppData\Local\Google
2015-08-11 12:32 - 2015-08-11 12:33 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-11 12:32 - 2015-08-11 12:32 - 00004094 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-11 12:32 - 2015-08-11 12:32 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-11 12:31 - 2015-08-11 12:32 - 00000000 ____D C:\Users\User\AppData\Local\Deployment
2015-08-11 12:31 - 2015-08-11 12:31 - 00000000 ____D C:\Users\User\AppData\Local\Apps\2.0
2015-08-11 12:30 - 2015-08-11 12:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Macromedia
2015-08-06 15:08 - 2015-08-11 22:39 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1049590450-3514696037-1677154721-1001
2015-08-06 15:05 - 2015-08-14 22:29 - 00000000 ____D C:\Users\User\Documents\Youcam
2015-08-06 15:05 - 2015-08-06 15:05 - 00000000 ____D C:\Users\User\AppData\Local\CyberLink
2015-08-06 15:03 - 2015-08-06 15:03 - 00000000 ____D C:\Users\User\AppData\Local\Power2Go8
2015-08-06 15:02 - 2015-08-06 15:02 - 00001446 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-06 15:02 - 2015-08-06 15:02 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-06 15:02 - 2015-08-06 15:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2015-08-06 15:02 - 2012-10-17 15:13 - 00001655 _____ C:\Users\Default\Desktop\LIFESTORE.lnk
2015-08-06 15:02 - 2012-10-17 15:13 - 00001655 _____ C:\Users\Default User\Desktop\LIFESTORE.lnk
2015-08-06 15:02 - 2012-09-21 05:40 - 00001021 _____ C:\Users\Default\Desktop\Gutscheine bei coupons4u.lnk
2015-08-06 15:02 - 2012-09-21 05:40 - 00001021 _____ C:\Users\Default User\Desktop\Gutscheine bei coupons4u.lnk
2015-08-06 15:02 - 2012-09-15 20:56 - 00001995 _____ C:\Users\Default\Desktop\MEDIONplay.lnk
2015-08-06 15:02 - 2012-09-15 20:56 - 00001995 _____ C:\Users\Default User\Desktop\MEDIONplay.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00002786 _____ C:\Users\Default\Desktop\MEDIONmail.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00002786 _____ C:\Users\Default User\Desktop\MEDIONmail.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00001779 _____ C:\Users\Default\Desktop\MEDION Serviceportal.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00001779 _____ C:\Users\Default User\Desktop\MEDION Serviceportal.lnk
2015-08-06 15:00 - 2015-08-06 15:00 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
2015-08-06 14:59 - 2015-08-14 23:09 - 01690970 _____ C:\Windows\WindowsUpdate.log
2015-08-06 14:59 - 2015-08-06 15:02 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2015-08-06 14:59 - 2015-08-06 14:59 - 00000020 ___SH C:\Users\User\ntuser.ini
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Vorlagen
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Startmenü
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Netzwerkumgebung
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Lokale Einstellungen
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Eigene Dateien
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Druckumgebung
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Documents\Eigene Musik
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Documents\Eigene Bilder
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\AppData\Local\Verlauf
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\AppData\Local\Anwendungsdaten
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Anwendungsdaten
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 ____D C:\Users\User\AppData\Roaming\Intel
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-06 14:50 - 2015-08-06 14:50 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1049590450-3514696037-1677154721-500
2015-08-06 14:00 - 2015-08-06 14:00 - 00000000 ____D C:\report
2015-08-06 13:48 - 2015-08-06 13:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Media Player Classic
2015-08-06 13:47 - 2015-08-06 13:58 - 00000070 _____ C:\Program Files\smaple.txt
2015-08-06 13:23 - 2015-08-06 13:23 - 00003072 _____ C:\Users\User\AppData\Local\file__0.localstorage
2015-08-06 13:16 - 2015-08-06 13:16 - 00002026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
2015-08-06 13:16 - 2015-08-06 13:16 - 00002014 _____ C:\Users\Public\Desktop\Intel(R) WiDi.lnk
2015-08-06 13:16 - 2015-08-06 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-08-06 13:16 - 2015-08-06 13:16 - 00000000 ____D C:\Program Files\Intel Corporation
2015-08-06 13:11 - 2015-08-06 13:11 - 00000000 ____D C:\Program Files\FSP
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-14 23:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-08-14 23:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-14 22:55 - 2012-11-05 19:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-14 21:48 - 2012-11-05 19:01 - 00713560 _____ C:\Windows\system32\perfh01D.dat
2015-08-14 21:48 - 2012-11-05 19:01 - 00149444 _____ C:\Windows\system32\perfc01D.dat
2015-08-14 21:48 - 2012-11-05 18:54 - 00786588 _____ C:\Windows\system32\perfh013.dat
2015-08-14 21:48 - 2012-11-05 18:54 - 00159122 _____ C:\Windows\system32\perfc013.dat
2015-08-14 21:48 - 2012-11-05 18:49 - 00782014 _____ C:\Windows\system32\perfh010.dat
2015-08-14 21:48 - 2012-11-05 18:49 - 00153144 _____ C:\Windows\system32\perfc010.dat
2015-08-14 21:48 - 2012-11-05 18:47 - 00731582 _____ C:\Windows\system32\perfh00E.dat
2015-08-14 21:48 - 2012-11-05 18:47 - 00174554 _____ C:\Windows\system32\perfc00E.dat
2015-08-14 21:48 - 2012-11-05 18:45 - 00791060 _____ C:\Windows\system32\perfh00C.dat
2015-08-14 21:48 - 2012-11-05 18:45 - 00155620 _____ C:\Windows\system32\perfc00C.dat
2015-08-14 21:48 - 2012-11-05 18:43 - 00427352 _____ C:\Windows\system32\perfh00B.dat
2015-08-14 21:48 - 2012-11-05 18:43 - 00081986 _____ C:\Windows\system32\perfc00B.dat
2015-08-14 21:48 - 2012-11-05 18:41 - 00788984 _____ C:\Windows\system32\perfh00A.dat
2015-08-14 21:48 - 2012-11-05 18:41 - 00162890 _____ C:\Windows\system32\perfc00A.dat
2015-08-14 21:48 - 2012-11-05 18:36 - 00754172 _____ C:\Windows\system32\perfh007.dat
2015-08-14 21:48 - 2012-11-05 18:36 - 00156362 _____ C:\Windows\system32\perfc007.dat
2015-08-14 21:48 - 2012-11-05 18:34 - 00456714 _____ C:\Windows\system32\perfh006.dat
2015-08-14 21:48 - 2012-11-05 18:34 - 00079958 _____ C:\Windows\system32\perfc006.dat
2015-08-14 21:48 - 2012-07-26 09:28 - 08336938 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-14 21:40 - 2012-11-05 17:57 - 00010248 _____ C:\Windows\PFRO.log
2015-08-14 21:40 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-14 21:38 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-14 21:32 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 21:32 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2015-08-14 21:30 - 2012-11-05 18:34 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-08-14 21:30 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-08-14 21:30 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-08-14 21:30 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-08-14 21:30 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-08-14 21:30 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\winrm
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\migwiz
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-14 21:30 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-08-14 21:30 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-08-14 21:30 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2015-08-14 21:29 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\WCN
2015-08-14 21:29 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\slmgr
2015-08-14 21:29 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\MUI
2015-08-14 21:29 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Sysprep
2015-08-14 21:29 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2015-08-14 21:25 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-08-14 21:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-08-14 21:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Com
2015-08-14 21:23 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\en-GB
2015-08-14 21:23 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-08-14 21:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\en-GB
2015-08-14 21:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-08-14 21:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-14 21:11 - 2012-07-26 10:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 21:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2015-08-14 21:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2015-08-14 21:10 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-14 21:10 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-14 21:10 - 2012-07-26 10:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 21:10 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sl-SI
2015-08-14 21:09 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 21:09 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 21:09 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-08-14 21:06 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AppCompat
2015-08-14 21:02 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2015-08-14 21:00 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 21:00 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 17:49 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-14 17:47 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2015-08-14 12:37 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2015-08-14 12:31 - 2012-07-26 07:26 - 00000215 _____ C:\Windows\system.ini
2015-08-12 19:59 - 2012-11-05 17:56 - 00000000 ____D C:\Windows\Panther
2015-08-11 12:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System
2015-08-11 11:56 - 2012-07-26 09:21 - 00045399 _____ C:\Windows\setupact.log
2015-08-11 11:55 - 2012-11-05 19:48 - 00627296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-08-11 11:55 - 2012-11-05 19:48 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-08-11 11:55 - 2012-10-04 18:25 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2015-08-11 11:55 - 2012-10-04 18:25 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2015-08-11 11:55 - 2012-08-13 18:49 - 00177864 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-08-11 11:55 - 2012-08-03 17:55 - 00050448 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
2015-08-11 11:55 - 2012-08-02 17:09 - 00030304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2015-08-11 11:55 - 2012-06-19 19:28 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-08-06 22:48 - 2012-07-26 10:13 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-08-06 15:09 - 2012-12-18 13:34 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-08-06 15:02 - 2012-07-26 09:20 - 00000000 ____D C:\Windows\Setup
2015-08-06 14:58 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-06 14:51 - 2012-07-26 10:13 - 00010443 _____ C:\Windows\DtcInstall.log
2015-08-06 13:16 - 2012-12-18 12:19 - 00000000 ____D C:\ProgramData\Intel
2015-08-06 13:14 - 2012-11-05 19:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-06 13:13 - 2012-12-18 12:35 - 00017112 _____ C:\Windows\DPINST.LOG
2015-08-06 13:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore
2015-07-28 10:59 - 2012-11-05 19:14 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-08-06 13:47 - 2015-08-06 13:58 - 0000070 _____ () C:\Program Files\smaple.txt
2015-08-06 13:23 - 2015-08-06 13:23 - 0003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2015-08-06 13:10 - 2015-08-06 13:17 - 0022795 _____ () C:\Users\User\AppData\Local\WiDiSetupLog.20150806.131054.txt
2012-12-18 13:38 - 2012-12-18 13:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2012-11-05 17:57
==================== Ende von Ergebnis ============================
|
|
14.08.2015, 22:14
| #9 |
| | Taskmanager öffnet nicht, Browser hängt und sehr langsam.Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-08-2015
durchgeführt von User (2015-08-14 23:11:31)
Gestartet von C:\Users\User\Downloads
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1049590450-3514696037-1677154721-500 - Administrator - Disabled)
Gast (S-1-5-21-1049590450-3514696037-1677154721-501 - Limited - Disabled)
User (S-1-5-21-1049590450-3514696037-1677154721-1001 - Administrator - Enabled) => C:\Users\User
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.5.6.4 - Sentelic)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.5 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{23D486D4-FBE0-40F3-A245-E4D56D094764}) (Version: 3.5.41.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.8 - Wistron Corp.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.9.6 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
06-08-2015 13:11:27 Installiert Finger Sensing Pad Driver
06-08-2015 13:11:35 Installed Intel(R) WiDi.
11-08-2015 15:22:36 Windows Update
14-08-2015 12:12:59 ComboFix created restore point
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1D1483FD-F5A3-4C6A-9AD6-CDDC3005A64B} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {5E686F86-CC21-45DD-AB01-A7EC568CAD6A} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {641AD697-A4C8-4BF6-9CD5-1D392F0AC58C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-28] (Microsoft Corporation)
Task: {94C4CF35-5E70-4F86-928E-B249FCC33FB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11] (Google Inc.)
Task: {A1E90357-CBEC-44CB-BB82-D405B2269A92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11] (Google Inc.)
Task: {BB48774F-644B-49DD-8016-98E16CF5EE2B} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-08-17 23:39 - 2015-08-11 11:48 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-08-17 23:38 - 2012-08-17 23:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2012-08-17 23:40 - 2012-08-17 23:40 - 00068024 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\QtWebKit\qmlwebkitplugin4.dll
2015-08-12 08:42 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-12 08:42 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2015-08-12 08:42 - 2015-08-08 02:13 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1049590450-3514696037-1677154721-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Pictures\ws_Purple_Sky_River_Trees_Reflect_2560x1600.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{27E3B9C1-4C70-489F-9EE8-C46E26E9715A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F7218085-98A7-483D-8F82-31BF21913E71}] => (Allow) LPort=2869
FirewallRules: [{48236E57-1BA0-420C-8D42-002FD75F0D3C}] => (Allow) LPort=1900
FirewallRules: [{9CA6D5C6-326C-4A5D-9FA0-4FE87D3C51ED}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{9031E06A-ED6D-4776-B311-0618F5F20E6D}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{D022BDC7-2A16-490F-BEC7-7E9B82E85627}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{1F99D8A8-2AFF-4FD7-8499-A95AB5707A19}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{D5B47011-D402-4D5E-B466-B6089CBBD1FC}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{BD5E0F5E-C67F-465A-B527-94F777E8BFAB}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{F98AD7CB-3153-4A7D-80E3-9B3946752BC6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{31833E5C-8DD7-4F00-80D4-A89EB1B4157E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{2E8974E1-FD2D-4F3D-98CD-CD91C5B3715D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{DAB78648-FCEE-4C46-A87A-996906A64695}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{F9BE694E-BA0D-4C5D-857E-BE6CDDF119ED}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{4E8E4B64-5E3B-442B-8713-4EAAE89E1C13}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68CB4B6B-F0CF-4AC4-BA15-2EBB971F0900}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/14/2015 09:50:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/14/2015 10:45:04 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/12/2015 11:19:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/12/2015 09:10:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ccdash.exe, Version: 15.5.0.0, Zeitstempel: 0x50008f56
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.2.9200.16857, Zeitstempel: 0x530e784b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000047b8c
ID des fehlerhaften Prozesses: 0x1234
Startzeit der fehlerhaften Anwendung: 0xccdash.exe0
Pfad der fehlerhaften Anwendung: ccdash.exe1
Pfad des fehlerhaften Moduls: ccdash.exe2
Berichtskennung: ccdash.exe3
Vollständiger Name des fehlerhaften Pakets: ccdash.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ccdash.exe5
Error: (08/12/2015 09:10:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ccdash.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Security.Principal.IdentityNotMappedException
Stapel:
bei System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean)
bei System.Security.Principal.NTAccount.Translate(System.Type)
bei System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef)
bei System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule)
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB.OpenPermissionsOnFile(System.String)
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB.LoadDB()
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB..ctor()
bei Intel.Wireless.ComputeContinuum.Dashboard.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei Intel.Wireless.ComputeContinuum.Dashboard.App.Main()
Error: (08/12/2015 07:48:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 15.5.0.2, Zeitstempel: 0x50070789
Name des fehlerhaften Moduls: MurocApi.dll, Version: 15.5.0.1, Zeitstempel: 0x500706ce
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026390
ID des fehlerhaften Prozesses: 0x83c
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5
Error: (08/12/2015 07:18:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: delegate_execute.exe, Version: 44.0.2403.155, Zeitstempel: 0x55c51cbe
Name des fehlerhaften Moduls: delegate_execute.exe, Version: 44.0.2403.155, Zeitstempel: 0x55c51cbe
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000851f
ID des fehlerhaften Prozesses: 0xc58
Startzeit der fehlerhaften Anwendung: 0xdelegate_execute.exe0
Pfad der fehlerhaften Anwendung: delegate_execute.exe1
Pfad des fehlerhaften Moduls: delegate_execute.exe2
Berichtskennung: delegate_execute.exe3
Vollständiger Name des fehlerhaften Pakets: delegate_execute.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: delegate_execute.exe5
Error: (08/11/2015 08:50:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/11/2015 08:50:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: USER-PC)
Description: Das Paket „Microsoft.SkypeApp_1.2.0.129_x86__kzf8qxf38zg5c“ wurde beendet, da das Anhalten zu lange dauerte.
Error: (08/11/2015 08:50:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: USER-PC)
Description: Die App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.
Systemfehler:
=============
Error: (08/14/2015 11:05:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/14/2015 11:05:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/14/2015 11:05:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/14/2015 11:05:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/14/2015 11:05:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Bluetooth OBEX Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/14/2015 11:05:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel® Centrino® Wireless Bluetooth® + High Speed Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/14/2015 11:05:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/14/2015 11:05:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Cyberlink RichVideo64 Service(CRVS)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/14/2015 11:05:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Registry Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/14/2015 11:05:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (08/14/2015 09:50:05 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/14/2015 10:45:04 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/12/2015 11:19:23 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/12/2015 09:10:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ccdash.exe15.5.0.050008f56KERNELBASE.dll6.2.9200.16857530e784be04343520000000000047b8c123401d0d5320548c436C:\Program Files\Intel\CCDashboard\bin\ccdash.exeC:\Windows\system32\KERNELBASE.dllbf4df18b-4125-11e5-be9b-685d43f07f66
Error: (08/12/2015 09:10:04 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ccdash.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Security.Principal.IdentityNotMappedException
Stapel:
bei System.Security.Principal.NTAccount.Translate(System.Security.Principal.IdentityReferenceCollection, System.Type, Boolean)
bei System.Security.Principal.NTAccount.Translate(System.Type)
bei System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(System.Security.AccessControl.AccessControlModification, System.Security.AccessControl.AccessRule, Boolean ByRef)
bei System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(System.Security.AccessControl.AccessRule)
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB.OpenPermissionsOnFile(System.String)
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB.LoadDB()
bei Intel.Wireless.ComputeContinuum.Dashboard.Database.AppDB..ctor()
bei Intel.Wireless.ComputeContinuum.Dashboard.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run()
bei Intel.Wireless.ComputeContinuum.Dashboard.App.Main()
Error: (08/12/2015 07:48:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe15.5.0.250070789MurocApi.dll15.5.0.1500706cec0000005000000000002639083c01d0d526ae081f61C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll56b15909-411a-11e5-be9b-685d43f07f66
Error: (08/12/2015 07:18:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: delegate_execute.exe44.0.2403.15555c51cbedelegate_execute.exe44.0.2403.15555c51cbe800000030000851fc5801d0d522e7b5b7e7C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\delegate_execute.exe2d64c515-4116-11e5-be9a-685d43f07f66
Error: (08/11/2015 08:50:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: USER-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927142
Error: (08/11/2015 08:50:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: USER-PC)
Description: Microsoft.SkypeApp_1.2.0.129_x86__kzf8qxf38zg5c
Error: (08/11/2015 08:50:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: USER-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 3961.71 MB
Verfügbarer physikalischer RAM: 2160.42 MB
Summe virtueller Speicher: 6905.71 MB
Verfügbarer virtueller Speicher: 4904.58 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:879.36 GB) (Free:806.72 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:29.57 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Ergebnis ============================
|
|
15.08.2015, 08:58
| #10 |
| /// TB-Ausbilder | Taskmanager öffnet nicht, Browser hängt und sehr langsam. Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern. Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
RemoveProxy:
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 ESET Online Scanner
Schritt 3 Downloade Dir bitte  SecurityCheck und:
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
16.08.2015, 23:06
| #11 |
| | Taskmanager öffnet nicht, Browser hängt und sehr langsam.Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-08-2015
durchgeführt von User (Administrator) auf USER-PC (17-08-2015 00:01:38)
Gestartet von C:\Users\User\Downloads\FRST-OlderVersion
Geladene Profile: User (Verfügbare Profile: User)
Platform: Windows 8 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel® Corporation) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-16] (Synaptics Incorporated)
HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [3768832 2009-12-17] (Sentelic Corporation)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2012-10-04] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1049590450-3514696037-1677154721-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1049590450-3514696037-1677154721-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2015-08-11] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2015-08-11] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{488C27E9-AC4E-4683-A1EB-288A81E366F5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8D570EDF-6B09-4C5E-AFD6-A6546A63DF91}: [DhcpNameServer] 192.168.10.1
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [2012-03-29] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.5\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2012-11-05]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2012-11-05]
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-11]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-11]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-11]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-11]
CHR Extension: (Minimal White) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcbojcafbggjenbeflknhfimpcikmlc [2015-08-11]
CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-11]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-08-11]
CHR Extension: (Google Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-11]
CHR Extension: (Safe Money) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2015-08-11]
CHR Extension: (Content Blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-08-11]
CHR Extension: (Virtual Keyboard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2015-08-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-11]
CHR Extension: (Kaspersky Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-08-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-11]
CHR Extension: (Anti-Banner) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-08-11]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-10-04]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-10-04]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2015-08-11] (Kaspersky Lab ZAO)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2015-08-11] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2015-08-11] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [627296 2015-08-11] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2015-08-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2015-08-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2015-08-11] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2015-08-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [177864 2015-08-11] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4273192 2012-08-07] (Intel Corporation)
S3 RTL8192cu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation )
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1576080 2012-08-07] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-11-29] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-11-29] (Windows (R) Win 7 DDK provider)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-16 23:58 - 2015-08-16 23:58 - 00852684 _____ C:\Users\User\Downloads\SecurityCheck.exe
2015-08-16 21:27 - 2015-08-16 21:29 - 02870984 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_deu (1).exe
2015-08-16 21:19 - 2015-08-16 21:20 - 02870984 _____ (ESET) C:\Users\User\Downloads\esetsmartinstaller_deu.exe
2015-08-16 21:07 - 2015-08-16 21:07 - 00294992 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-16 21:03 - 2015-08-17 00:01 - 00000000 ____D C:\Users\User\Downloads\FRST-OlderVersion
2015-08-15 08:17 - 2015-08-16 20:53 - 00000000 ____D C:\Windows\system32\AutoUpdateLicense
2015-08-14 23:08 - 2015-08-14 23:08 - 00001149 _____ C:\Users\User\Desktop\JRT.txt
2015-08-14 23:03 - 2015-08-14 23:03 - 01791580 _____ (Malwarebytes Corporation) C:\Users\User\Downloads\JRT.exe
2015-08-14 22:32 - 2015-08-14 22:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-14 22:32 - 2015-08-14 22:32 - 00001110 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-14 22:32 - 2015-08-14 22:32 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-14 22:32 - 2015-08-14 22:32 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-14 22:32 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-14 22:32 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-14 22:32 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-14 22:30 - 2015-08-14 22:31 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-14 21:44 - 2015-08-08 04:27 - 00793544 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-14 21:44 - 2015-08-08 04:27 - 00177632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-14 21:06 - 2015-08-14 21:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-14 21:06 - 2015-08-14 21:06 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-14 20:51 - 2015-08-14 20:57 - 00000000 ____D C:\AdwCleaner
2015-08-14 20:50 - 2015-08-14 20:50 - 02248704 _____ C:\Users\User\Downloads\AdwCleaner_4.208.exe
2015-08-14 15:42 - 2015-08-14 15:42 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-08-14 15:41 - 2015-08-14 15:41 - 00000067 _____ C:\Users\User\Downloads\listen.pls
2015-08-14 15:08 - 2015-03-04 09:26 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2015-08-14 15:08 - 2015-03-04 09:26 - 00467952 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2015-08-14 15:08 - 2015-03-04 09:26 - 00011105 _____ C:\Windows\system32\AutoconfigV2.cab
2015-08-14 15:08 - 2015-03-04 08:41 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-08-14 15:08 - 2015-03-04 08:41 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-14 15:08 - 2015-03-04 06:53 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-08-14 15:08 - 2015-03-04 06:53 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-14 15:08 - 2014-10-22 03:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-08-14 15:08 - 2014-10-22 03:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-14 12:37 - 2015-08-14 12:37 - 00015434 _____ C:\ComboFix.txt
2015-08-14 12:12 - 2015-08-14 12:37 - 00000000 ____D C:\Qoobox
2015-08-14 12:12 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-14 12:12 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-14 12:12 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-14 12:12 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-14 11:54 - 2014-07-12 06:41 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL
2015-08-14 11:54 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-08-14 11:54 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-08-14 11:54 - 2014-07-12 06:41 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-08-14 11:54 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-08-14 11:54 - 2014-07-12 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-08-14 11:54 - 2014-07-12 06:16 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL
2015-08-14 11:54 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-08-14 11:54 - 2014-07-12 06:16 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-08-14 11:54 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-08-14 11:54 - 2014-07-12 06:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-08-14 11:54 - 2014-07-12 06:15 - 00006144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-08-14 11:54 - 2014-07-09 00:33 - 00181248 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe
2015-08-14 11:54 - 2014-07-09 00:32 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2015-08-14 11:54 - 2014-07-09 00:32 - 00340480 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll
2015-08-14 11:54 - 2014-07-09 00:30 - 01220608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2015-08-14 11:54 - 2014-07-07 07:52 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2015-08-14 11:54 - 2014-07-07 07:52 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2015-08-14 11:54 - 2014-07-04 12:52 - 00328000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-08-14 11:54 - 2014-06-28 09:01 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-08-14 11:54 - 2014-06-28 08:56 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-08-14 11:54 - 2014-06-18 01:27 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-14 11:54 - 2014-06-18 01:23 - 02238464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-14 11:54 - 2014-06-11 16:47 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-08-14 11:54 - 2014-06-11 06:40 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-08-14 11:54 - 2014-06-11 00:44 - 01403896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-08-14 11:54 - 2014-02-04 12:57 - 01271664 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-08-14 11:54 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-08-14 11:54 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-08-14 11:35 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-08-14 11:35 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-08-14 11:35 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-08-14 11:35 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-08-14 11:35 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-08-14 11:35 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-08-14 11:35 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-08-14 11:35 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-08-14 11:33 - 2015-08-14 12:34 - 00000000 ____D C:\Windows\erdnt
2015-08-14 11:33 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-08-14 11:33 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-08-14 11:33 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2015-08-14 11:33 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2015-08-14 11:33 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-08-14 11:33 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2015-08-14 11:33 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-08-14 11:33 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-08-14 11:33 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2015-08-14 11:33 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2015-08-14 11:33 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2015-08-14 11:32 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2015-08-14 11:32 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2015-08-14 11:32 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-08-14 11:32 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2015-08-14 11:32 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2015-08-14 11:32 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2015-08-14 11:32 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2015-08-14 11:31 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-14 11:31 - 2013-01-10 03:53 - 00028904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpiowin32.sys
2015-08-14 11:31 - 2013-01-10 03:29 - 00091880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-08-14 11:31 - 2013-01-10 01:26 - 01752064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2015-08-14 11:31 - 2013-01-10 01:26 - 01611776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2015-08-14 11:31 - 2013-01-10 01:26 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2015-08-14 11:31 - 2013-01-10 01:26 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2015-08-14 11:31 - 2013-01-10 01:26 - 00083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe
2015-08-14 11:31 - 2013-01-10 01:23 - 02094592 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2015-08-14 11:31 - 2013-01-10 01:23 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2015-08-14 11:31 - 2013-01-10 01:23 - 01886208 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2015-08-14 11:31 - 2013-01-10 01:23 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2015-08-14 11:31 - 2013-01-10 01:23 - 00256000 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-08-14 11:31 - 2013-01-10 01:23 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\wiaacmgr.exe
2015-08-14 11:31 - 2013-01-10 01:22 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-08-14 11:31 - 2013-01-10 01:22 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2015-08-14 11:31 - 2013-01-10 01:22 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2015-08-14 11:31 - 2012-11-02 07:19 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2015-08-14 11:31 - 2012-11-02 07:18 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2015-08-14 11:31 - 2012-11-02 07:18 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2015-08-14 11:31 - 2012-11-02 07:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\adhapi.dll
2015-08-14 11:31 - 2012-11-02 07:18 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2015-08-14 11:31 - 2012-11-02 07:18 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\keepaliveprovider.dll
2015-08-14 11:30 - 2013-03-02 12:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2015-08-14 11:30 - 2013-03-02 10:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2015-08-14 11:30 - 2013-03-02 10:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2015-08-14 11:30 - 2013-03-02 10:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-14 11:30 - 2013-03-02 10:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2015-08-14 11:30 - 2013-03-02 10:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2015-08-14 11:30 - 2013-03-02 10:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-08-14 11:30 - 2013-03-02 04:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2015-08-14 11:30 - 2013-03-02 04:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2015-08-14 11:30 - 2013-03-02 04:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2015-08-14 11:30 - 2013-03-02 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-14 11:30 - 2013-03-02 04:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2015-08-14 11:30 - 2013-03-02 04:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2015-08-14 11:30 - 2013-03-02 04:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2015-08-14 11:30 - 2013-03-02 04:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2015-08-14 11:30 - 2013-03-02 04:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-08-14 11:30 - 2013-03-01 06:56 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-08-14 11:30 - 2013-03-01 06:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2015-08-14 11:30 - 2013-03-01 06:55 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-08-14 11:30 - 2013-01-09 05:59 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-08-14 11:30 - 2013-01-09 05:58 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-08-14 11:28 - 2015-08-14 11:29 - 05634572 ____R (Swearware) C:\Users\User\Desktop\ComboFix.exe
2015-08-14 10:44 - 2015-08-14 23:11 - 00030093 _____ C:\Users\User\Downloads\Addition.txt
2015-08-14 10:40 - 2015-08-14 23:12 - 00116808 _____ C:\Users\User\Downloads\FRST.txt
2015-08-14 10:38 - 2015-08-17 00:01 - 00000000 ____D C:\FRST
2015-08-14 10:38 - 2015-08-16 21:03 - 02173440 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-08-13 00:52 - 2015-08-14 10:27 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 23:34 - 2014-10-09 06:00 - 01519104 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-08-12 23:34 - 2014-10-09 06:00 - 01484288 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-08-12 23:34 - 2014-10-09 06:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-08-12 23:34 - 2014-10-09 05:59 - 01195520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-08-12 23:34 - 2014-10-09 05:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-08-12 22:08 - 2015-01-09 08:43 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-08-12 22:08 - 2015-01-09 07:03 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-08-12 22:00 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-08-12 11:43 - 2014-09-03 04:48 - 00510464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-08-12 11:43 - 2014-09-03 04:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-08-12 11:00 - 2015-07-01 15:00 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 10:59 - 2015-07-01 14:58 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 10:59 - 2015-07-01 13:42 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 10:59 - 2015-07-01 13:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 10:53 - 2015-07-09 23:46 - 05982208 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 10:52 - 2015-07-09 22:17 - 05095424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 10:50 - 2015-07-09 23:44 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 10:50 - 2015-07-09 22:16 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 10:36 - 2015-07-13 23:05 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 10:36 - 2015-07-13 23:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 10:20 - 2015-07-28 18:25 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 10:20 - 2015-07-28 16:13 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 10:20 - 2015-07-28 16:13 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 10:20 - 2015-07-28 16:13 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 10:20 - 2015-07-28 16:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 10:20 - 2015-07-28 16:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 10:20 - 2015-07-28 15:12 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 10:20 - 2015-07-16 22:31 - 19291648 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 10:20 - 2015-07-16 21:06 - 14383616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 10:20 - 2015-06-29 15:27 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 10:20 - 2015-05-22 22:44 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-08-12 10:20 - 2015-05-12 00:49 - 00527704 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 10:19 - 2015-07-30 15:11 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:19 - 2015-07-30 15:10 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:19 - 2015-07-29 16:45 - 01412608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 10:19 - 2015-07-29 16:45 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 10:19 - 2015-07-29 15:52 - 01840640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 10:19 - 2015-07-29 15:52 - 01280000 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 10:19 - 2015-07-29 15:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 10:19 - 2015-07-28 00:42 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 10:19 - 2015-07-28 00:40 - 04064768 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 10:19 - 2015-07-28 00:40 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 10:19 - 2015-07-16 22:32 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 10:19 - 2015-07-16 22:32 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 10:19 - 2015-07-16 22:32 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 10:19 - 2015-07-16 22:31 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 10:19 - 2015-07-16 22:31 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 10:19 - 2015-07-16 22:31 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 10:19 - 2015-07-16 22:30 - 15416320 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 10:19 - 2015-07-16 22:30 - 02657280 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 10:19 - 2015-07-16 22:30 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 10:19 - 2015-07-16 21:07 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 10:19 - 2015-07-16 21:07 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 10:19 - 2015-07-16 21:07 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 13774848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 02865664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 00737280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 10:19 - 2015-07-16 21:06 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 10:19 - 2015-07-13 23:23 - 01744384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 10:19 - 2015-07-13 23:23 - 01422336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 10:19 - 2015-07-13 23:05 - 02340864 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 10:19 - 2015-07-13 23:05 - 01850880 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 10:19 - 2015-07-06 18:16 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 10:19 - 2015-07-06 16:32 - 00281944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 10:19 - 2015-06-15 17:22 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 10:19 - 2015-06-15 17:22 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 10:19 - 2015-06-15 17:20 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 10:19 - 2015-06-15 17:20 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 10:19 - 2015-06-15 17:19 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 10:19 - 2015-06-15 17:19 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 10:19 - 2015-06-09 15:09 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 10:19 - 2015-05-28 04:04 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 10:19 - 2015-05-28 04:03 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-08-12 10:19 - 2015-05-28 04:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2015-08-12 10:19 - 2015-05-28 04:02 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 10:19 - 2015-05-28 04:01 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 10:19 - 2015-05-28 04:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-08-12 10:19 - 2015-05-28 04:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 10:19 - 2015-05-28 04:01 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 10:19 - 2015-05-28 04:01 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 10:19 - 2015-05-28 02:45 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2015-08-12 10:19 - 2015-05-28 02:44 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 10:19 - 2015-05-28 02:43 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 10:19 - 2015-05-28 02:43 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-08-12 10:19 - 2015-05-28 02:43 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 10:19 - 2015-05-28 02:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 10:19 - 2015-05-28 02:43 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 10:19 - 2015-05-28 02:24 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 10:19 - 2015-05-28 02:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 10:19 - 2015-05-28 02:22 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-08-12 10:19 - 2015-05-28 02:20 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2015-08-12 10:19 - 2015-05-28 02:00 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 10:19 - 2015-05-28 01:55 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 10:19 - 2015-05-28 00:14 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2015-08-12 10:18 - 2015-07-15 18:09 - 06969688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 10:18 - 2015-07-15 18:09 - 00095064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 10:18 - 2015-07-15 18:06 - 01824296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 10:18 - 2015-07-15 15:49 - 01410000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 10:18 - 2015-07-15 15:29 - 01333248 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 10:18 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 10:18 - 2015-07-09 23:47 - 00243712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 10:18 - 2015-07-09 22:18 - 00233984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 10:18 - 2015-06-27 18:36 - 00171352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 10:18 - 2015-06-27 15:56 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-08-12 10:18 - 2015-06-27 15:55 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 10:18 - 2015-06-27 15:55 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 10:18 - 2015-06-27 15:46 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 10:18 - 2015-06-27 15:46 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-08-12 10:18 - 2015-06-27 15:46 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 10:18 - 2015-06-25 20:29 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 10:18 - 2015-06-25 20:27 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 10:18 - 2015-01-07 06:25 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 10:18 - 2014-11-05 08:39 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-08-12 10:18 - 2014-10-30 09:20 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-08-12 10:18 - 2014-10-30 07:22 - 01569792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-08-12 10:17 - 2014-11-05 08:40 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-08-12 10:17 - 2014-10-29 16:21 - 00499008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-08-12 10:17 - 2014-08-28 08:01 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-08-12 10:16 - 2015-04-30 15:44 - 00478296 _____ C:\Windows\SysWOW64\locale.nls
2015-08-12 10:16 - 2015-04-30 15:44 - 00478296 _____ C:\Windows\system32\locale.nls
2015-08-12 10:16 - 2015-03-04 08:41 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-08-12 10:16 - 2015-03-04 08:39 - 00632832 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-08-12 10:16 - 2015-03-04 08:39 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-08-12 10:16 - 2015-03-04 06:53 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-08-12 10:16 - 2015-03-04 06:52 - 00676864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-08-12 10:16 - 2014-11-15 08:06 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 10:16 - 2014-11-15 07:13 - 03286016 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 10:16 - 2014-11-15 07:13 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 10:16 - 2014-11-15 07:12 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-08-12 10:16 - 2014-11-15 05:54 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 10:16 - 2014-11-15 05:53 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 10:16 - 2014-11-15 05:53 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 10:16 - 2014-11-15 05:53 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 10:09 - 2015-06-27 15:46 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 10:09 - 2015-06-27 15:23 - 00694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 10:09 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-08-12 10:09 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-08-12 10:08 - 2015-03-12 07:31 - 01688576 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-08-12 10:06 - 2015-03-27 10:07 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll
2015-08-12 10:04 - 2015-04-21 15:53 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-08-12 09:58 - 2015-04-06 07:36 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-08-12 09:58 - 2015-04-06 06:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-08-12 09:58 - 2015-03-14 10:07 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-08-12 09:58 - 2015-03-14 08:33 - 00891904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-08-12 09:58 - 2015-03-12 07:31 - 02048000 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-08-12 09:58 - 2015-03-12 07:31 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2015-08-12 09:58 - 2015-03-12 05:52 - 01933312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-08-12 09:58 - 2014-08-01 01:40 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-08-12 09:56 - 2014-12-18 10:51 - 00096576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-08-12 09:56 - 2014-12-18 08:52 - 00889344 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-08-12 09:56 - 2014-12-18 08:51 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-08-12 09:56 - 2014-12-18 08:50 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-08-12 09:56 - 2014-12-18 08:20 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-08-12 09:56 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-08-12 09:56 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-08-12 09:56 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-08-12 09:56 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-08-12 09:55 - 2014-12-19 08:48 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-08-12 09:55 - 2014-11-26 08:43 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-08-12 09:55 - 2014-11-26 06:50 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-08-12 09:55 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-08-12 09:55 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-08-12 09:55 - 2013-08-23 09:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-08-12 09:55 - 2013-08-23 03:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-08-12 09:52 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-08-12 09:52 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-08-12 09:52 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-08-12 09:52 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-08-12 09:52 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2015-08-12 09:52 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2015-08-12 09:52 - 2012-12-15 06:55 - 00443392 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-08-12 09:37 - 2013-10-19 07:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-08-12 09:37 - 2013-10-19 06:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-08-12 09:27 - 2015-01-24 08:42 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-08-12 09:27 - 2015-01-24 07:00 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-08-12 09:24 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-08-12 09:24 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2015-08-12 09:24 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-08-12 09:24 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-08-12 09:24 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2015-08-12 09:24 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2015-08-12 09:24 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2015-08-12 09:24 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2015-08-12 09:24 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2015-08-12 09:24 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2015-08-12 09:24 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2015-08-12 09:24 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2015-08-12 09:24 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2015-08-11 22:29 - 2015-08-11 22:29 - 00000106 _____ C:\Windows\SynInst.log
2015-08-11 22:27 - 2015-08-11 22:27 - 00001084 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SynTP.lnk
2015-08-11 21:25 - 2014-06-05 03:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2015-08-11 21:25 - 2014-06-04 01:12 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-08-11 21:24 - 2015-06-17 16:13 - 01150264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-08-11 21:24 - 2015-06-17 15:44 - 01567560 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-08-11 21:24 - 2015-04-13 07:32 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-08-11 21:24 - 2014-12-11 08:51 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-08-11 21:24 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-08-11 21:24 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-08-11 21:24 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2015-08-11 21:24 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-08-11 21:05 - 2015-08-11 21:05 - 00000000 ____D C:\Users\User\Tracing
2015-08-11 21:01 - 2015-08-11 21:01 - 00000000 ____D C:\Users\User\AppData\Local\Skype
2015-08-11 21:00 - 2015-08-12 20:33 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-08-11 20:59 - 2015-08-11 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-11 20:59 - 2015-08-11 20:59 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-11 20:59 - 2015-08-11 20:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-11 20:59 - 2015-08-11 20:59 - 00000000 ____D C:\ProgramData\Skype
2015-08-11 20:57 - 2015-08-11 20:58 - 01384064 _____ (Skype Technologies S.A.) C:\Users\User\Downloads\SkypeSetup.exe
2015-08-11 20:43 - 2013-10-05 08:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2015-08-11 20:43 - 2013-08-30 07:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2015-08-11 20:43 - 2013-08-30 07:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-08-11 20:43 - 2013-08-30 01:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2015-08-11 20:43 - 2013-08-30 01:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2015-08-11 19:56 - 2014-09-13 08:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-11 19:56 - 2014-09-03 04:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-08-11 19:56 - 2014-09-03 04:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-08-11 19:56 - 2014-08-29 06:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-08-11 19:56 - 2014-08-29 06:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-08-11 19:56 - 2014-08-29 06:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-08-11 19:56 - 2014-08-29 06:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-08-11 19:56 - 2014-08-28 08:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2015-08-11 19:56 - 2014-08-28 08:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2015-08-11 19:56 - 2014-08-28 07:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2015-08-11 19:56 - 2014-08-28 07:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2015-08-11 19:56 - 2014-08-28 07:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2015-08-11 19:56 - 2014-08-28 07:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2015-08-11 19:56 - 2014-07-24 15:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2015-08-11 19:54 - 2013-08-30 07:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2015-08-11 19:54 - 2013-08-30 07:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-08-11 19:54 - 2013-08-30 01:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-08-11 19:54 - 2013-08-21 08:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-08-11 19:54 - 2013-08-10 08:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-08-11 19:54 - 2013-07-25 01:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-11 19:54 - 2013-07-25 01:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-11 19:54 - 2013-03-02 04:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-08-11 19:54 - 2013-03-02 04:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2015-08-11 19:51 - 2015-01-29 10:05 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-08-11 19:51 - 2015-01-29 08:19 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-08-11 19:51 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2015-08-11 19:51 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-08-11 19:51 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-08-11 19:49 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-08-11 19:49 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-08-11 19:48 - 2014-10-09 05:59 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-08-11 19:48 - 2014-10-09 05:59 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-08-11 19:48 - 2014-10-09 05:58 - 00458240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-08-11 19:48 - 2014-09-22 07:38 - 00673792 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2015-08-11 19:48 - 2014-09-22 05:56 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2015-08-11 19:44 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2015-08-11 19:44 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2015-08-11 19:44 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2015-08-11 19:44 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-08-11 19:44 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2015-08-11 19:44 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2015-08-11 19:44 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2015-08-11 19:44 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-08-11 19:44 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-08-11 19:44 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-08-11 19:44 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2015-08-11 19:44 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2015-08-11 19:44 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-08-11 19:44 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-08-11 19:44 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-08-11 19:44 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2015-08-11 19:44 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-08-11 19:44 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2015-08-11 19:44 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-08-11 19:44 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2015-08-11 19:44 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2015-08-11 19:44 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-08-11 19:44 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-08-11 19:44 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-08-11 19:43 - 2015-02-24 09:58 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-08-11 19:42 - 2014-07-07 07:53 - 01125376 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-08-11 19:42 - 2014-07-07 07:52 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-08-11 19:42 - 2014-07-07 07:52 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-08-11 19:42 - 2014-07-07 06:01 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-08-11 19:42 - 2014-07-07 06:01 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-08-11 19:35 - 2015-06-09 15:57 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-08-11 19:35 - 2015-03-04 09:29 - 00361280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-08-11 19:35 - 2015-03-04 08:39 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-08-11 19:35 - 2015-03-04 06:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-08-11 19:35 - 2015-01-24 06:31 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-08-11 19:35 - 2014-12-08 08:48 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-08-11 19:35 - 2014-12-08 07:04 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-08-11 19:35 - 2014-07-24 05:33 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-08-11 19:35 - 2014-07-24 05:33 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-08-11 19:35 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-08-11 19:35 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-08-11 19:35 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-08-11 19:35 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-08-11 19:28 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-11 19:28 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-11 19:28 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-11 15:28 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-08-11 15:28 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-08-11 15:20 - 2015-06-15 17:22 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2015-08-11 15:20 - 2015-06-15 17:22 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-08-11 15:20 - 2015-06-15 17:22 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-11 15:20 - 2015-06-15 17:22 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-08-11 15:20 - 2015-06-15 17:21 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-11 15:20 - 2015-06-15 17:20 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2015-08-11 15:20 - 2015-06-15 17:20 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-11 15:20 - 2015-06-15 17:19 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-11 15:20 - 2015-05-09 01:39 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-11 15:20 - 2015-05-08 22:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-11 15:20 - 2014-12-06 09:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-08-11 15:20 - 2014-12-06 09:52 - 00357376 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-08-11 15:20 - 2014-12-06 09:52 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-08-11 15:20 - 2014-12-06 08:09 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-08-11 15:20 - 2014-10-11 09:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-08-11 15:20 - 2014-10-11 07:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-08-11 15:20 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-08-11 15:18 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2015-08-11 15:18 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2015-08-11 15:18 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-08-11 15:16 - 2014-12-06 09:53 - 00458240 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-08-11 15:16 - 2014-12-06 09:53 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-08-11 15:16 - 2014-12-06 09:51 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-08-11 15:16 - 2014-12-06 09:51 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-08-11 15:16 - 2014-12-06 09:50 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-08-11 15:16 - 2014-12-06 08:10 - 00355840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-08-11 15:16 - 2014-12-06 08:10 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2015-08-11 15:16 - 2014-12-06 08:09 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2015-08-11 15:16 - 2014-10-03 03:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-08-11 15:16 - 2014-10-03 00:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-08-11 15:16 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-08-11 15:16 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-08-11 15:16 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-08-11 15:16 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-08-11 15:16 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-08-11 15:16 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2015-08-11 15:16 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2015-08-11 15:16 - 2013-02-02 10:40 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlroamextension.dll
2015-08-11 15:16 - 2013-02-02 10:40 - 00370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2015-08-11 15:16 - 2013-02-02 10:40 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2015-08-11 15:16 - 2013-02-02 10:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tasklist.exe
2015-08-11 15:16 - 2013-02-02 10:40 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskkill.exe
2015-08-11 15:16 - 2013-02-02 10:39 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmproxy.dll
2015-08-11 15:16 - 2013-02-02 10:39 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlmsprep.dll
2015-08-11 15:16 - 2013-02-02 10:38 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\duser.dll
2015-08-11 15:16 - 2013-02-02 10:24 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\taskkill.exe
2015-08-11 15:16 - 2013-02-02 10:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\tasklist.exe
2015-08-11 15:16 - 2013-02-02 10:23 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2015-08-11 15:16 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\Windows\system32\wlroamextension.dll
2015-08-11 15:16 - 2013-02-02 10:23 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2015-08-11 15:16 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2015-08-11 15:16 - 2013-02-02 10:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2015-08-11 15:16 - 2013-02-02 10:20 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\duser.dll
2015-08-11 15:16 - 2013-02-02 10:20 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\hotspotauth.dll
2015-08-11 15:16 - 2013-02-02 09:25 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-08-11 15:16 - 2013-02-02 07:41 - 01437184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2015-08-11 15:16 - 2013-02-02 07:31 - 01690624 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2015-08-11 15:16 - 2012-11-27 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2015-08-11 15:16 - 2012-11-27 05:55 - 00029952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthhfHid.sys
2015-08-11 15:08 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-08-11 15:08 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2015-08-11 15:08 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2015-08-11 15:08 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2015-08-11 15:08 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2015-08-11 15:05 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-08-11 15:05 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-08-11 15:05 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-08-11 15:05 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-08-11 15:05 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-08-11 15:05 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-08-11 15:01 - 2013-02-12 02:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-08-11 14:49 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-08-11 14:49 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2015-08-11 14:48 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-08-11 14:48 - 2013-04-09 07:20 - 00306952 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_10ec.dll
2015-08-11 14:48 - 2013-04-09 06:52 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-08-11 14:48 - 2013-04-09 06:52 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-08-11 14:48 - 2013-04-09 06:51 - 14267904 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-08-11 14:48 - 2013-04-09 06:51 - 03552768 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-08-11 14:48 - 2013-04-09 06:50 - 02107904 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-08-11 14:48 - 2013-04-09 06:49 - 01444864 _____ (Microsoft Corporation) C:\Windows\system32\MSAudDecMFT.dll
2015-08-11 14:48 - 2013-04-09 04:32 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-08-11 14:48 - 2013-04-08 23:52 - 11878912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-08-11 14:48 - 2013-04-08 23:52 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-08-11 14:48 - 2013-04-08 23:51 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-08-11 14:48 - 2013-04-08 23:51 - 01593344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-08-11 14:48 - 2013-04-08 23:51 - 01113600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAudDecMFT.dll
2015-08-11 14:48 - 2013-04-08 23:51 - 00403968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-08-11 14:48 - 2013-03-16 00:05 - 00298456 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2015-08-11 14:47 - 2014-07-24 15:50 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-08-11 14:47 - 2014-07-17 00:59 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-08-11 14:47 - 2014-07-12 08:45 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-08-11 14:47 - 2014-07-12 06:36 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-08-11 14:47 - 2014-07-12 06:34 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-08-11 14:47 - 2014-06-28 08:57 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-08-11 14:47 - 2014-06-28 04:23 - 01126400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-08-11 14:47 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-08-11 14:47 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-08-11 14:47 - 2013-04-09 07:20 - 00086280 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2015-08-11 14:47 - 2013-04-09 07:18 - 00077960 _____ (Microsoft Corporation) C:\Windows\system32\kdvm.dll
2015-08-11 14:47 - 2013-04-09 06:52 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\RecoveryDrive.exe
2015-08-11 14:47 - 2013-04-09 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-08-11 14:47 - 2013-04-09 06:51 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2015-08-11 14:47 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2015-08-11 14:47 - 2013-04-09 06:51 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-11 14:47 - 2013-04-09 06:51 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00745984 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\GenuineCenter.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-08-11 14:47 - 2013-04-09 06:50 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\fhengine.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\dmvdsitf.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2015-08-11 14:47 - 2013-04-09 06:49 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\fmifs.dll
2015-08-11 14:47 - 2013-04-09 04:34 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-08-11 14:47 - 2013-04-09 04:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-08-11 14:47 - 2013-04-09 04:31 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-08-11 14:47 - 2013-04-09 01:44 - 00123880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2015-08-11 14:47 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-08-11 14:47 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-08-11 14:47 - 2013-04-08 23:52 - 00670208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-08-11 14:47 - 2013-04-08 23:52 - 00171008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-08-11 14:47 - 2013-04-08 23:51 - 00659456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmvdsitf.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fmifs.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2015-08-11 14:47 - 2013-04-08 23:51 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2015-08-11 14:47 - 2013-04-05 01:30 - 00503080 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-08-11 14:47 - 2013-03-16 00:05 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2015-08-11 14:47 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2015-08-11 14:47 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2015-08-11 14:47 - 2013-01-10 03:40 - 00303848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-08-11 14:47 - 2012-12-13 06:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-11 14:47 - 2012-12-13 05:59 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-08-11 14:46 - 2015-06-11 22:29 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-11 14:46 - 2015-06-11 18:27 - 01024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-08-11 14:46 - 2014-07-17 01:28 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2015-08-11 14:46 - 2014-07-17 00:59 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2015-08-11 14:46 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-11 14:46 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-08-11 14:46 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-08-11 14:46 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2015-08-11 14:46 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-08-11 14:46 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-08-11 14:46 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-08-11 14:46 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2015-08-11 14:46 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2015-08-11 14:46 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-08-11 14:46 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-11 14:46 - 2013-03-02 10:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2015-08-11 14:45 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2015-08-11 14:45 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-08-11 14:45 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2015-08-11 14:45 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2015-08-11 14:45 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2015-08-11 14:45 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2015-08-11 14:45 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2015-08-11 14:45 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2015-08-11 14:45 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2015-08-11 14:45 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-08-11 14:45 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2015-08-11 14:33 - 2014-06-13 01:34 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-11 14:33 - 2014-06-13 01:29 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-11 14:33 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-11 14:33 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-08-11 14:33 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-08-11 14:33 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2015-08-11 14:33 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-08-11 14:33 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2015-08-11 14:33 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2015-08-11 14:33 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2015-08-11 14:33 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2015-08-11 14:33 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-08-11 14:33 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2015-08-11 14:33 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-08-11 14:33 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-08-11 14:33 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2015-08-11 14:33 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2015-08-11 14:33 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-08-11 14:33 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-08-11 14:33 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2015-08-11 14:33 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2015-08-11 14:33 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2015-08-11 14:33 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2015-08-11 14:33 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2015-08-11 14:33 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2015-08-11 14:33 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2015-08-11 14:33 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2015-08-11 14:33 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2015-08-11 14:33 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2015-08-11 14:33 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-08-11 14:33 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-08-11 14:33 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2015-08-11 14:33 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2015-08-11 14:33 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-11 14:32 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-08-11 14:32 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-08-11 14:32 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2015-08-11 14:32 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2015-08-11 14:32 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-08-11 14:32 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2015-08-11 14:32 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2015-08-11 14:32 - 2012-11-27 08:39 - 01122768 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2015-08-11 14:32 - 2012-11-27 06:49 - 01027152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2015-08-11 14:32 - 2012-11-27 06:20 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2015-08-11 14:32 - 2012-11-27 06:20 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserLanguagesCpl.dll
2015-08-11 14:32 - 2012-11-27 06:20 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2015-08-11 14:32 - 2012-11-27 06:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vds_ps.dll
2015-08-11 14:32 - 2012-11-27 06:19 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2015-08-11 14:32 - 2012-11-27 06:19 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2015-08-11 14:32 - 2012-11-27 06:19 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2015-08-11 14:31 - 2014-12-19 06:35 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-08-11 14:31 - 2013-10-10 11:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-08-11 14:31 - 2013-10-10 11:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2015-08-11 14:31 - 2013-10-10 11:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-08-11 14:31 - 2013-10-10 11:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-08-11 14:31 - 2013-10-10 11:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-08-11 14:31 - 2013-10-10 11:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2015-08-11 14:31 - 2013-10-10 11:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-08-11 14:30 - 2014-10-11 07:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-11 14:30 - 2014-10-11 07:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-11 14:30 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-08-11 14:30 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-08-11 14:30 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-11 14:30 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-11 14:30 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-11 14:30 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-11 14:30 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-11 14:30 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-11 14:30 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2015-08-11 14:30 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-11 14:30 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-11 14:29 - 2015-02-18 09:39 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-08-11 14:29 - 2015-02-18 09:38 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2015-08-11 14:29 - 2015-01-24 08:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-08-11 14:29 - 2015-01-24 07:00 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-08-11 14:29 - 2014-11-08 13:22 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-08-11 14:29 - 2014-11-08 08:57 - 00187904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-08-11 14:29 - 2014-10-23 14:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-08-11 14:29 - 2014-10-23 13:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-08-11 14:28 - 2015-04-25 05:41 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-08-11 14:28 - 2015-04-25 01:13 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-08-11 14:28 - 2015-02-17 08:54 - 19777536 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-11 14:28 - 2015-02-17 07:13 - 17561600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-11 14:28 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-08-11 14:28 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-08-11 14:28 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-11 14:28 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2015-08-11 14:28 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2015-08-11 14:28 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-11 14:28 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-08-11 14:28 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-08-11 14:28 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-08-11 14:28 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-08-11 14:28 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-08-11 14:28 - 2012-11-01 06:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-11 14:28 - 2012-11-01 06:20 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-11 14:27 - 2015-05-02 08:28 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-11 14:27 - 2015-05-02 05:59 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-11 14:27 - 2015-05-02 05:36 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-11 14:27 - 2015-04-14 00:09 - 00570248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-08-11 14:27 - 2015-01-15 13:44 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-08-11 14:27 - 2015-01-15 13:43 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-11 14:27 - 2015-01-15 12:00 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2015-08-11 14:27 - 2015-01-15 11:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-11 14:27 - 2015-01-15 11:09 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-11 14:27 - 2014-09-25 01:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-08-11 14:27 - 2014-09-25 01:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-08-11 14:27 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-11 14:27 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-11 14:27 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-11 14:27 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-11 12:43 - 2015-08-11 12:43 - 00001348 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013.lnk
2015-08-11 12:39 - 2015-08-11 12:39 - 00541410 _____ C:\Users\User\Downloads\tpfc_v062.zip
2015-08-11 12:33 - 2015-08-12 08:42 - 00002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-11 12:33 - 2015-08-11 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-11 12:32 - 2015-08-16 23:37 - 00001122 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-11 12:32 - 2015-08-16 21:10 - 00001118 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-11 12:32 - 2015-08-11 12:33 - 00000000 ____D C:\Users\User\AppData\Local\Google
2015-08-11 12:32 - 2015-08-11 12:33 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-11 12:32 - 2015-08-11 12:32 - 00004094 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-11 12:32 - 2015-08-11 12:32 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-11 12:31 - 2015-08-11 12:32 - 00000000 ____D C:\Users\User\AppData\Local\Deployment
2015-08-11 12:31 - 2015-08-11 12:31 - 00000000 ____D C:\Users\User\AppData\Local\Apps\2.0
2015-08-11 12:30 - 2015-08-11 12:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Macromedia
2015-08-06 15:08 - 2015-08-11 22:39 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1049590450-3514696037-1677154721-1001
2015-08-06 15:05 - 2015-08-16 21:11 - 00000000 ____D C:\Users\User\Documents\Youcam
2015-08-06 15:05 - 2015-08-06 15:05 - 00000000 ____D C:\Users\User\AppData\Local\CyberLink
2015-08-06 15:03 - 2015-08-06 15:03 - 00000000 ____D C:\Users\User\AppData\Local\Power2Go8
2015-08-06 15:02 - 2015-08-06 15:02 - 00001446 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-06 15:02 - 2015-08-06 15:02 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-08-06 15:02 - 2015-08-06 15:02 - 00000000 ____D C:\Users\User\AppData\Roaming\Adobe
2015-08-06 15:02 - 2012-10-17 15:13 - 00001655 _____ C:\Users\Default\Desktop\LIFESTORE.lnk
2015-08-06 15:02 - 2012-10-17 15:13 - 00001655 _____ C:\Users\Default User\Desktop\LIFESTORE.lnk
2015-08-06 15:02 - 2012-09-21 05:40 - 00001021 _____ C:\Users\Default\Desktop\Gutscheine bei coupons4u.lnk
2015-08-06 15:02 - 2012-09-21 05:40 - 00001021 _____ C:\Users\Default User\Desktop\Gutscheine bei coupons4u.lnk
2015-08-06 15:02 - 2012-09-15 20:56 - 00001995 _____ C:\Users\Default\Desktop\MEDIONplay.lnk
2015-08-06 15:02 - 2012-09-15 20:56 - 00001995 _____ C:\Users\Default User\Desktop\MEDIONplay.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00002786 _____ C:\Users\Default\Desktop\MEDIONmail.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00002786 _____ C:\Users\Default User\Desktop\MEDIONmail.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00001779 _____ C:\Users\Default\Desktop\MEDION Serviceportal.lnk
2015-08-06 15:02 - 2012-09-15 20:55 - 00001779 _____ C:\Users\Default User\Desktop\MEDION Serviceportal.lnk
2015-08-06 15:00 - 2015-08-06 15:00 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
2015-08-06 14:59 - 2015-08-16 23:43 - 01945905 _____ C:\Windows\WindowsUpdate.log
2015-08-06 14:59 - 2015-08-06 15:02 - 00000000 ____D C:\Users\User\AppData\Local\Packages
2015-08-06 14:59 - 2015-08-06 14:59 - 00000020 ___SH C:\Users\User\ntuser.ini
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Vorlagen
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Startmenü
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Netzwerkumgebung
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Lokale Einstellungen
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Eigene Dateien
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Druckumgebung
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Documents\Eigene Musik
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Documents\Eigene Bilder
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\AppData\Local\Verlauf
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\AppData\Local\Anwendungsdaten
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 _SHDL C:\Users\User\Anwendungsdaten
2015-08-06 14:59 - 2015-08-06 14:59 - 00000000 ____D C:\Users\User\AppData\Roaming\Intel
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-06 14:59 - 2012-07-26 10:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-06 14:50 - 2015-08-06 14:50 - 00002324 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1049590450-3514696037-1677154721-500
2015-08-06 14:00 - 2015-08-06 14:00 - 00000000 ____D C:\report
2015-08-06 13:48 - 2015-08-06 13:48 - 00000000 ____D C:\Users\User\AppData\Roaming\Media Player Classic
2015-08-06 13:47 - 2015-08-06 13:58 - 00000070 _____ C:\Program Files\smaple.txt
2015-08-06 13:23 - 2015-08-06 13:23 - 00003072 _____ C:\Users\User\AppData\Local\file__0.localstorage
2015-08-06 13:16 - 2015-08-06 13:16 - 00002026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
2015-08-06 13:16 - 2015-08-06 13:16 - 00002014 _____ C:\Users\Public\Desktop\Intel(R) WiDi.lnk
2015-08-06 13:16 - 2015-08-06 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-08-06 13:16 - 2015-08-06 13:16 - 00000000 ____D C:\Program Files\Intel Corporation
2015-08-06 13:11 - 2015-08-06 13:11 - 00000000 ____D C:\Program Files\FSP
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-17 00:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2015-08-16 21:24 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2015-08-16 21:15 - 2012-11-05 19:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-16 21:15 - 2012-11-05 19:01 - 00713560 _____ C:\Windows\system32\perfh01D.dat
2015-08-16 21:15 - 2012-11-05 19:01 - 00149444 _____ C:\Windows\system32\perfc01D.dat
2015-08-16 21:15 - 2012-11-05 18:54 - 00786588 _____ C:\Windows\system32\perfh013.dat
2015-08-16 21:15 - 2012-11-05 18:54 - 00159122 _____ C:\Windows\system32\perfc013.dat
2015-08-16 21:15 - 2012-11-05 18:49 - 00782014 _____ C:\Windows\system32\perfh010.dat
2015-08-16 21:15 - 2012-11-05 18:49 - 00153144 _____ C:\Windows\system32\perfc010.dat
2015-08-16 21:15 - 2012-11-05 18:47 - 00731582 _____ C:\Windows\system32\perfh00E.dat
2015-08-16 21:15 - 2012-11-05 18:47 - 00174554 _____ C:\Windows\system32\perfc00E.dat
2015-08-16 21:15 - 2012-11-05 18:45 - 00791060 _____ C:\Windows\system32\perfh00C.dat
2015-08-16 21:15 - 2012-11-05 18:45 - 00155620 _____ C:\Windows\system32\perfc00C.dat
2015-08-16 21:15 - 2012-11-05 18:43 - 00427352 _____ C:\Windows\system32\perfh00B.dat
2015-08-16 21:15 - 2012-11-05 18:43 - 00081986 _____ C:\Windows\system32\perfc00B.dat
2015-08-16 21:15 - 2012-11-05 18:41 - 00788984 _____ C:\Windows\system32\perfh00A.dat
2015-08-16 21:15 - 2012-11-05 18:41 - 00162890 _____ C:\Windows\system32\perfc00A.dat
2015-08-16 21:15 - 2012-11-05 18:36 - 00754172 _____ C:\Windows\system32\perfh007.dat
2015-08-16 21:15 - 2012-11-05 18:36 - 00156362 _____ C:\Windows\system32\perfc007.dat
2015-08-16 21:15 - 2012-11-05 18:34 - 00456714 _____ C:\Windows\system32\perfh006.dat
2015-08-16 21:15 - 2012-11-05 18:34 - 00079958 _____ C:\Windows\system32\perfc006.dat
2015-08-16 21:15 - 2012-07-26 09:28 - 08336938 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-16 21:08 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-16 21:07 - 2012-11-05 17:57 - 00013772 _____ C:\Windows\PFRO.log
2015-08-16 21:06 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-15 08:19 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2015-08-15 08:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2015-08-15 08:07 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AppCompat
2015-08-14 23:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2015-08-14 21:32 - 2012-07-26 11:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-08-14 21:32 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 21:32 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\servicing
2015-08-14 21:30 - 2012-11-05 18:34 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-08-14 21:30 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-08-14 21:30 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-08-14 21:30 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-08-14 21:30 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-08-14 21:30 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\winrm
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Com
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\migwiz
2015-08-14 21:30 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-14 21:30 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-08-14 21:30 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-08-14 21:30 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2015-08-14 21:29 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\WCN
2015-08-14 21:29 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\slmgr
2015-08-14 21:29 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\MUI
2015-08-14 21:29 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Sysprep
2015-08-14 21:29 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\Dism
2015-08-14 21:25 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-08-14 21:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\SystemResetPlatform
2015-08-14 21:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Com
2015-08-14 21:23 - 2012-07-26 11:43 - 00000000 ____D C:\Windows\en-GB
2015-08-14 21:23 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\en-GB
2015-08-14 21:22 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\en-GB
2015-08-14 21:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-08-14 21:17 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-14 21:11 - 2012-07-26 10:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 21:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2015-08-14 21:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2015-08-14 21:10 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-14 21:10 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-08-14 21:10 - 2012-07-26 10:12 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 21:10 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sl-SI
2015-08-14 21:09 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 21:09 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-14 21:09 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-08-14 21:02 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2015-08-14 21:00 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 21:00 - 2012-07-26 10:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-14 12:37 - 2012-07-26 07:37 - 00000000 __RHD C:\Users\Default
2015-08-14 12:31 - 2012-07-26 07:26 - 00000215 _____ C:\Windows\system.ini
2015-08-12 19:59 - 2012-11-05 17:56 - 00000000 ____D C:\Windows\Panther
2015-08-11 12:44 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\System
2015-08-11 11:56 - 2012-07-26 09:21 - 00045399 _____ C:\Windows\setupact.log
2015-08-11 11:55 - 2012-11-05 19:48 - 00627296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-08-11 11:55 - 2012-11-05 19:48 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-08-11 11:55 - 2012-10-04 18:25 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys
2015-08-11 11:55 - 2012-10-04 18:25 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys
2015-08-11 11:55 - 2012-08-13 18:49 - 00177864 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kneps.sys
2015-08-11 11:55 - 2012-08-03 17:55 - 00050448 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klwfp.sys
2015-08-11 11:55 - 2012-08-02 17:09 - 00030304 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klim6.sys
2015-08-11 11:55 - 2012-06-19 19:28 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2015-08-06 22:48 - 2012-07-26 10:13 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2015-08-06 15:09 - 2012-12-18 13:34 - 00000000 ____D C:\Users\Public\Documents\CyberLink
2015-08-06 15:02 - 2012-07-26 09:20 - 00000000 ____D C:\Windows\Setup
2015-08-06 14:58 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-06 14:51 - 2012-07-26 10:13 - 00010443 _____ C:\Windows\DtcInstall.log
2015-08-06 13:16 - 2012-12-18 12:19 - 00000000 ____D C:\ProgramData\Intel
2015-08-06 13:14 - 2012-11-05 19:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-06 13:13 - 2012-12-18 12:35 - 00017112 _____ C:\Windows\DPINST.LOG
2015-08-06 13:11 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\restore
2015-07-28 10:59 - 2012-11-05 19:14 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-08-06 13:47 - 2015-08-06 13:58 - 0000070 _____ () C:\Program Files\smaple.txt
2015-08-06 13:23 - 2015-08-06 13:23 - 0003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2015-08-06 13:10 - 2015-08-06 13:17 - 0022795 _____ () C:\Users\User\AppData\Local\WiDiSetupLog.20150806.131054.txt
2012-12-18 13:38 - 2012-12-18 13:38 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden.
LastRegBack: 2012-11-05 17:57
==================== Ende von Ergebnis ============================
|
|
16.08.2015, 23:08
| #12 |
| | Taskmanager öffnet nicht, Browser hängt und sehr langsam.Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-08-2015
durchgeführt von User (2015-08-17 00:02:35)
Gestartet von C:\Users\User\Downloads\FRST-OlderVersion
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1049590450-3514696037-1677154721-500 - Administrator - Disabled)
Gast (S-1-5-21-1049590450-3514696037-1677154721-501 - Limited - Disabled)
User (S-1-5-21-1049590450-3514696037-1677154721-1001 - Administrator - Enabled) => C:\Users\User
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Disabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3124 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3815c - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.0913 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.0913 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 8.5.6.4 - Sentelic)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.5 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2828 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{23D486D4-FBE0-40F3-A245-E4D56D094764}) (Version: 3.5.41.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{99FDAE3B-6905-45A6-8F73-595363AAD3D1}) (Version: 15.05.1000.1411 - Intel Corporation)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.8 - Wistron Corp.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mediathek (HKLM-x32\...\{EFFED0C0-5299-422E-AFE6-8B8066D18A2A}) (Version: 1.4.0 - Medion)
Medion Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Medion Home Cinema 10 (x32 Version: 10.1924 - CyberLink Corp.) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
QuickLaunch (HKLM-x32\...\{A802F1E3-34C8-4C84-9948-C1C4E37D0FA9}) (Version: 1.00.0019 - Lenovo Group Limited)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.9.6 - Synaptics Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
06-08-2015 13:11:27 Installiert Finger Sensing Pad Driver
06-08-2015 13:11:35 Installed Intel(R) WiDi.
11-08-2015 15:22:36 Windows Update
14-08-2015 12:12:59 ComboFix created restore point
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1D1483FD-F5A3-4C6A-9AD6-CDDC3005A64B} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {5DCFFFB8-4782-4C06-A9F6-3D1D534AB27C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-28] (Microsoft Corporation)
Task: {5E686F86-CC21-45DD-AB01-A7EC568CAD6A} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {94C4CF35-5E70-4F86-928E-B249FCC33FB6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11] (Google Inc.)
Task: {A1E90357-CBEC-44CB-BB82-D405B2269A92} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11] (Google Inc.)
Task: {BB48774F-644B-49DD-8016-98E16CF5EE2B} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-12-18 13:08 - 2010-08-19 19:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2012-12-13 16:47 - 2012-11-01 16:43 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-12-18 12:17 - 2012-08-03 18:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-12-18 13:06 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2012-12-18 12:19 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-08-12 08:42 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-12 08:42 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1049590450-3514696037-1677154721-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Pictures\ws_Purple_Sky_River_Trees_Reflect_2560x1600.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{27E3B9C1-4C70-489F-9EE8-C46E26E9715A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F7218085-98A7-483D-8F82-31BF21913E71}] => (Allow) LPort=2869
FirewallRules: [{48236E57-1BA0-420C-8D42-002FD75F0D3C}] => (Allow) LPort=1900
FirewallRules: [{9CA6D5C6-326C-4A5D-9FA0-4FE87D3C51ED}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{9031E06A-ED6D-4776-B311-0618F5F20E6D}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{D022BDC7-2A16-490F-BEC7-7E9B82E85627}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{1F99D8A8-2AFF-4FD7-8499-A95AB5707A19}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{D5B47011-D402-4D5E-B466-B6089CBBD1FC}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{BD5E0F5E-C67F-465A-B527-94F777E8BFAB}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{F98AD7CB-3153-4A7D-80E3-9B3946752BC6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{31833E5C-8DD7-4F00-80D4-A89EB1B4157E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{2E8974E1-FD2D-4F3D-98CD-CD91C5B3715D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{DAB78648-FCEE-4C46-A87A-996906A64695}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{F9BE694E-BA0D-4C5D-857E-BE6CDDF119ED}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{4E8E4B64-5E3B-442B-8713-4EAAE89E1C13}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{68CB4B6B-F0CF-4AC4-BA15-2EBB971F0900}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/16/2015 11:55:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.
Error: (08/16/2015 11:54:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.
Error: (08/16/2015 11:54:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.
Error: (08/16/2015 10:58:03 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/16/2015 09:30:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.
Error: (08/16/2015 09:30:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.
Error: (08/16/2015 09:30:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.
Error: (08/16/2015 09:30:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.
Error: (08/16/2015 09:21:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.
Error: (08/16/2015 09:21:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifest.
Systemfehler:
=============
Error: (08/16/2015 09:33:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (08/16/2015 09:33:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
Error: (08/16/2015 09:33:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (08/16/2015 09:33:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
Error: (08/16/2015 09:33:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (08/16/2015 09:33:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
Error: (08/16/2015 09:06:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (08/16/2015 09:06:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (08/16/2015 09:06:43 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (08/16/2015 09:06:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Microsoft Office:
=========================
Error: (08/16/2015 11:55:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (08/16/2015 11:54:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Users\User\Downloads\esetsmartinstaller_deu (1).exe
Error: (08/16/2015 11:54:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Users\User\Downloads\esetsmartinstaller_deu.exe
Error: (08/16/2015 10:58:03 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (08/16/2015 09:30:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Users\User\Downloads\esetsmartinstaller_deu (1).exe
Error: (08/16/2015 09:30:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Users\User\Downloads\esetsmartinstaller_deu (1).exe
Error: (08/16/2015 09:30:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Users\User\Downloads\esetsmartinstaller_deu (1).exe
Error: (08/16/2015 09:30:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Users\User\Downloads\esetsmartinstaller_deu (1).exe
Error: (08/16/2015 09:21:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Users\User\Downloads\esetsmartinstaller_deu.exe
Error: (08/16/2015 09:21:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_4188b989718cf1c6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.17359_none_8935f06086091acc.manifestC:\Users\User\Downloads\esetsmartinstaller_deu.exe
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 3961.71 MB
Verfügbarer physikalischer RAM: 2369.28 MB
Summe virtueller Speicher: 6905.71 MB
Verfügbarer virtueller Speicher: 5172.56 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:879.36 GB) (Free:803.28 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:29.57 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Ergebnis ============================
|
|
17.08.2015, 09:49
| #13 | |
| /// TB-Ausbilder | Taskmanager öffnet nicht, Browser hängt und sehr langsam. Servus, Zitat:
Und alle geposteten Schritte bitte ausführen. |
|
17.08.2015, 11:05
| #14 |
| | Taskmanager öffnet nicht, Browser hängt und sehr langsam. also liegt der Fehler in der alten version? oder was hab ich noch falsch gemacht? blick grad nimmer durch, entschuldigung. |
|
17.08.2015, 11:53
| #15 |
| /// TB-Ausbilder | Taskmanager öffnet nicht, Browser hängt und sehr langsam. Servus, guck dir mal meinen vorletzten Post an... da stehen vier Schritte, die du abarbeiten sollst. Keinen davon hast du gemacht. Was gibt es da nicht zu verstehen? |
|
| Themen zu Taskmanager öffnet nicht, Browser hängt und sehr langsam. |
| browser, coupons, cpu, defender, desktop, device driver, dnsapi.dll, ebanking, explorer, home, hängt, installation, kaspersky, langsam, launch, prozesse, realtek, registry, rundll, scan, security, services.exe, software, svchost.exe, system, taskmanager, updates, usb, virus, windows, windowsapps |
Linear-Darstellung
