| |
| |||||||
Log-Analyse und Auswertung: Bedenklicher Eintrag im StartmenüWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.04.2016, 13:05
| #1 |
| |  Bedenklicher Eintrag im Startmenü Hallo zusammen, mein Rechner ist in letzter Zeit extrem langsam gewesen und einige Funktionen liefen gar nicht mehr.Zum Beispiel konnte ich kein Servicepack installieren und der Windows Instrumentationsverwaltungsdienst liess sich nicht starten.Ich habe den Rechner jetzt mit einer anderen Windows Version neu aufgesetzt. Service Pack ist wieder installiert und auch die Dienste laufen wieder.Jedoch ist er immer noch sehr sehr langsam.Im Startmenü habe ich etwas verdächtiges entdeckt und auch schon deaktiviert(SI TSS v1.2.1.41) Ich habe jetzt OTL Scan gemacht und das sind die Logfiles die erstellt wurden.Vielleicht hat jemand Zeit das durchzusehen-danke schonmal! OTL Extras logfile created on: 24.04.2016 03:49:18 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\wrecken\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 2,87 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 57,49% Memory free 5,73 Gb Paging File | 2,56 Gb Available in Paging File | 44,64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 218,20 Gb Total Space | 105,86 Gb Free Space | 48,52% Space Free | Partition Type: NTFS Drive E: | 465,64 Gb Total Space | 132,66 Gb Free Space | 28,49% Space Free | Partition Type: FAT32 Computer Name: WRECKEN-PC | User Name: wrecken | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) [HKEY_USERS\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0B67E5EE-FE04-427D-A293-42567FA8BD82}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{107A02E5-0254-49A5-9251-15CA64F3FB4F}" = lport=445 | protocol=6 | dir=in | app=system | "{14252F8D-75D5-4CD0-85A1-7C1CFE7486C3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1E6A3F83-69A9-452F-97AA-8E9BD394C89A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{2B628720-AD0F-4B12-A7B5-A1963717FA18}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{301C491E-5D63-414E-BC37-E696DED26963}" = rport=445 | protocol=6 | dir=out | app=system | "{36F0E12C-1843-43D7-841D-157ED1D70571}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3D13FF34-93F3-4809-B5EE-25BD79257372}" = rport=138 | protocol=17 | dir=out | app=system | "{3DDB4787-21A3-4761-B636-DE0221E3B60D}" = lport=139 | protocol=6 | dir=in | app=system | "{3F050B5B-2377-43EC-B9D4-480E280649F7}" = lport=137 | protocol=17 | dir=in | app=system | "{4016D9FE-94FF-496A-97ED-227F1F542AFD}" = rport=137 | protocol=17 | dir=out | app=system | "{6F0A192C-47A2-499E-BA94-1FFCD9DC81A8}" = lport=138 | protocol=17 | dir=in | app=system | "{722012A0-2188-4C0B-ABDE-40553AAAB7A0}" = rport=139 | protocol=6 | dir=out | app=system | "{7A40749E-EC74-42DB-876D-E82F665FB9CD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{8F13DB13-A7F5-4AC5-8981-35759C8F9345}" = rport=10243 | protocol=6 | dir=out | app=system | "{9A651964-49CA-4C17-97AE-9A665DE1CB73}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9AE9D6FE-3EED-43BB-A8D3-B8EC7A9550B8}" = lport=10243 | protocol=6 | dir=in | app=system | "{A1599AAE-D379-4469-8777-97E1F8A3C8FE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A8AEA65C-757D-4724-8259-FDBAE936A898}" = lport=2869 | protocol=6 | dir=in | app=system | "{B7F00EBC-B560-4A8C-B859-86309A6B7575}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{DF40E2AC-F0B8-4DE3-9A91-67F859BAB21C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E3863164-FFC7-4837-A6ED-C96A91D8769D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07F5E027-A3CD-4998-A28E-A8107AE1E2FA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{0AD44818-2E51-4A86-95D4-5C124DF78713}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{1455AF52-84FD-498F-ABAD-7669FD520DF0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1E4C9984-B378-4914-BAA7-806D8D04D20F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{2188DF42-6D46-4640-BD99-5343F30B6855}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{40138661-C2BB-4EAA-95FA-3D16A3D13DBA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{59ABC7E2-FB28-4AD4-A947-4EFDF26D7864}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{75EF70A6-B4CD-4378-B222-05AD383E966F}" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\rpds\bin\rpdsvc.exe | "{8681259F-9B49-4A3A-97D3-AE715AA6EF29}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | "{86A373C9-28CB-4FB8-A77D-1E099AD59F94}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "{8B5C93F2-8BEB-4DFE-B3E2-4E93352742B2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{939FA64A-773F-4792-A40A-4C502E101B99}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{984B2B72-9E9E-467F-998D-FBE8FC1A30ED}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{99373641-7B09-4927-9E79-ED8605B93B61}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{A0EA0461-006C-42C1-A149-137EBA68A4E9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A487A376-8B86-4764-A02B-FF9CAB236BF3}" = protocol=6 | dir=out | app=system | "{A63FE160-44FB-4EB4-80C8-77882AB3E32B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{A72C60DF-E4E0-43B5-A956-DC99E47071F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{ADDA8F02-ABB3-4249-97C5-5B84C7300A20}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B1BC6001-AE67-46B7-BC8E-00B8D5F3E653}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B8F2EBDF-531F-49E3-9BCE-21A40283A070}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C524D936-BBF2-44C7-8B50-113492499A8C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DCB3EDA3-5666-4A41-9720-DF4718E03856}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{E239DDE4-FDE0-4327-B509-8417D449F5B7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{E76AF798-3F24-4F53-81C6-B8E0B699409A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{EE9061BA-7D6C-462D-A6E7-F2C685EEA8ED}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{EED1B4BF-4358-40ED-BA9F-0C1312362E23}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{FAA5DCB0-5BD0-458E-9675-451A27F7F9AF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{21E47F47-C9A7-4454-BA48-388327B0EA00}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2 "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software "{5F160A36-29D0-4AE0-986C-671A564BC0D4}" = Wave Crypto Runtime 2.0.9.0 x64 "{73ca1ddf-9d19-45f2-ad4c-04169ec13342}" = Intel(R) PRO/Wireless Driver "{7567A068-2F02-40D1-A34C-16D79ECD35A6}" = GemPcCCID "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{86A9BBDF-9B6D-4E3D-810E-23C9079C6217}" = Wave Support Software Installer "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{91CE5F03-3A2A-4268-935A-04944F058AE9}" = Gemalto "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2 "{9C481E27-751F-48B9-801D-C583F032DA50}" = Intel® PROSet/Wireless WiFi Software "{9CC89928-4787-4ED5-9942-4EBF6C2468E6}" = Dell System Manager "{9F9DF365-C354-468F-A174-82660FB13C5C}" = O2Micro OZ776 SCR Driver "{A2309A2F-4BEB-45C8-92E1-84D430AC15AD}" = SI TSS "{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Data Protection | Access "{BE1CF6CA-3182-45D8-9535-A18055B73607}" = Dell Custom Help "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = Samsung USB Driver for Mobile Phones "{DD317AA5-F0EF-480F-9501-507712B5E0B6}" = SPBA (WBF) 5.9 "{DF5B5BEC-BA44-4669-98C8-2A691C5EA428}" = PBA Driver-x64 "{F888B1E9-64E3-479D-91DB-2D9193C39535}" = AuthenTec WinBio FingerPrint Software 64-bit "VLC media player" = VLC media player [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{13743594-F75E-491E-9EFF-203C8F8DF705}" = RealDownloader "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.01 "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{48D18738-099C-4FAA-AFD9-80B592A25478}" = RealDownloader "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{75c02118-61df-4a00-b4ae-8a8f2ab354b3}" = RealDownloader "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11 "{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{58FC5E37-DD28-4D4A-A549-125744C6763C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{00C5525B-3CB3-467D-8100-2E6FB306CD86}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{888B9AC7-8F5C-456B-A27A-157A6C310E52}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DCBECE36-8F23-4B33-925E-A1C6183C0DBD}" = 2007 Microsoft Office Suite Service Pack 1 (SP1) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime "{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.15) - Deutsch "{b6b417a3-1f40-4618-aadd-49628bda7836}" = Intel® PROSet/Wireless Software "{E3AE96D6-E196-45B4-AF62-2B41998B9E37}" = UpdateService "{E60AFF01-6087-47BD-8272-61FA3CFC309D}" = Video Downloader "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype™ 7.22 "Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI "Another Matrix Screen Saver_is1" = Another Matrix Screen Saver "Avast" = Avast Business Security "ENTERPRISE" = Microsoft Office Enterprise 2007 "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}" = Samsung Kies3 "InstallShield_{9F9DF365-C354-468F-A174-82660FB13C5C}" = O2Micro OZ776 SCR Driver "Mozilla Firefox 45.0.2 (x86 de)" = Mozilla Firefox 45.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Notepad++" = Notepad++ "OrangeEdit_is1" = OrangeEdit 2.0 BETA "RarZilla Free Unrar" = RarZilla Free Unrar "RealPlayer 18.1" = RealPlayer (RealTimes) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "58d94f3ce2c27db0" = Dell System Detect ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 22.04.2016 15:51:16 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 3029 Description = Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 3029 Description = Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 3028 Description = Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 3058 Description = Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 7010 Description = Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Windows Search Service | ID = 7042 Description = Error - 22.04.2016 15:52:36 | Computer Name = wrecken-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: downloader2.exe, Version: 18.1.3.104, Zeitstempel: 0x56b2b0c9 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0xcfc Startzeit der fehlerhaften Anwendung: 0x01d19ccf5cf96078 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: c277b56a-08c3-11e6-942a-1c659d039fda Error - 22.04.2016 19:57:40 | Computer Name = wrecken-PC | Source = bcc | ID = 1 Description = synchronize - exchange FAILED -12 (1 retry) Error - 23.04.2016 16:37:07 | Computer Name = wrecken-PC | Source = bcc | ID = 1 Description = synchronize - exchange FAILED -12 (1 retry) Error - 23.04.2016 16:39:17 | Computer Name = wrecken-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 22.04.2016 15:50:49 | Computer Name = wrecken-PC | Source = Service Control Manager | ID = 7034 Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 11 Mal passiert. Error - 22.04.2016 15:50:50 | Computer Name = wrecken-PC | Source = Service Control Manager | ID = 7034 Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 12 Mal passiert. Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. Error - 22.04.2016 15:51:25 | Computer Name = wrecken-PC | Source = Service Control Manager | ID = 7034 Description = Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 13 Mal passiert. Error - 23.04.2016 16:36:31 | Computer Name = wrecken-PC | Source = DCOM | ID = 10010 Description = Error - 23.04.2016 16:37:00 | Computer Name = wrecken-PC | Source = DCOM | ID = 10010 Description = Error - 23.04.2016 17:15:11 | Computer Name = wrecken-PC | Source = atapi | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden. Error - 23.04.2016 17:15:11 | Computer Name = wrecken-PC | Source = atapi | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden. Error - 23.04.2016 17:15:11 | Computer Name = wrecken-PC | Source = atapi | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden. Error - 23.04.2016 17:15:11 | Computer Name = wrecken-PC | Source = atapi | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden. < End of report > OTL logfile created on: 24.04.2016 03:49:18 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\wrecken\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 2,87 Gb Total Physical Memory | 1,65 Gb Available Physical Memory | 57,49% Memory free 5,73 Gb Paging File | 2,56 Gb Available in Paging File | 44,64% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 218,20 Gb Total Space | 105,86 Gb Free Space | 48,52% Space Free | Partition Type: NTFS Drive E: | 465,64 Gb Total Space | 132,66 Gb Free Space | 28,49% Space Free | Partition Type: FAT32 Computer Name: WRECKEN-PC | User Name: wrecken | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\wrecken\Downloads\otl.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.) PRC - C:\Programme\AVAST Software\Avast\avastui.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\bccavsvc.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\bcc.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe () PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe () PRC - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (DEVGURU Co., LTD.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe () PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll () MOD - C:\Programme\AVAST Software\Avast\ffl2.dll () MOD - C:\Programme\AVAST Software\Avast\libcef.dll () MOD - C:\Programme\AVAST Software\Avast\JsonRpcServer.dll () MOD - C:\Programme\AVAST Software\Avast\log.dll () MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll () MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe () MOD - C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll () MOD - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe () ========== Services (SafeList) ========== SRV:64bit: - (Avast Business Console Client Antivirus Service) -- C:\Program Files\AVAST Software\Avast\bccavsvc.exe (AVAST Software) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (RealTimes Desktop Service) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.) SRV - (aswBcc) -- C:\Programme\AVAST Software\Avast\bcc.exe (AVAST Software) SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (RealPlayerUpdateSvc) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe () SRV - (ss_conn_service) -- C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (DEVGURU Co., LTD.) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation) SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe () SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (PbaDrvSvc_x64) -- C:\Programme\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe (Dell, Inc.) SRV - (tcsd_win32.exe) -- C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe () SRV - (dcpsysmgrsvc) -- C:\Programme\Dell\Dell System Manager\DCPSysMgrSvc.exe (Dell Inc.) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software) DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software) DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (BTWAMPFL) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.) DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.) DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.) DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.) DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwsw00.sys (Intel Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (dcdbas) -- C:\Windows\SysNative\drivers\dcdbas64.sys (Dell Inc.) DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\accelern.sys (ST Microelectronics) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/ IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EE A5 52 AA 28 9B D1 01 [binary data] IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.countryCode: "AT" FF - prefs.js..browser.search.region: "AT" FF - prefs.js..browser.startup.homepage: "www.google.at" FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20151208 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.9.0.11 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.2 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll () FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=18.1.3.100: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=18.1.3.100: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016.04.20 20:21:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\wrecken\AppData\Roaming\mozilla\Extensions [2016.04.21 17:17:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\wrecken\AppData\Roaming\mozilla\Firefox\Profiles\nrxv7ewj.default\extensions [2016.04.21 17:15:19 | 000,000,000 | ---D | M] (WOT) -- C:\Users\wrecken\AppData\Roaming\mozilla\Firefox\Profiles\nrxv7ewj.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016.04.21 17:16:45 | 000,564,411 | ---- | M] () (No name found) -- C:\Users\wrecken\AppData\Roaming\mozilla\firefox\profiles\nrxv7ewj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016.04.21 17:17:23 | 001,013,992 | ---- | M] () (No name found) -- C:\Users\wrecken\AppData\Roaming\mozilla\firefox\profiles\nrxv7ewj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016.04.20 19:25:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader) O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe () O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1 O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2048369672-643187680-2407283211-1000\..Trusted Domains: dell.com ([]* in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30A37DFD-E193-4F21-87E2-E1D475688139}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4113C692-F91C-457A-86B7-261856760A92}: DhcpNameServer = 212.33.36.155 212.33.55.5 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20:64bit: - Winlogon\Notify\spba: DllName - (C:\Program Files\Common Files\SPBA\homefus2.dll) - C:\Programme\Common Files\SPBA\homefus2.dll (Authentec Inc.) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2016.04.23 22:35:56 | 000,000,000 | ---D | C] -- C:\Windows\pss [2016.04.23 08:06:50 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell [2016.04.22 22:13:11 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Macromedia [2016.04.22 22:13:11 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Macromedia [2016.04.22 22:12:44 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2016.04.22 22:12:44 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2016.04.22 22:12:43 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed [2016.04.22 22:12:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2016.04.22 21:45:00 | 000,000,000 | ---D | C] -- C:\Users\wrecken\Documents\Bluetooth-Exchange-Ordner [2016.04.22 00:11:06 | 000,000,000 | ---D | C] -- C:\Windows\Migration [2016.04.21 22:04:55 | 000,171,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\infocardapi.dll [2016.04.21 22:04:55 | 000,099,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\infocardapi.dll [2016.04.21 22:04:52 | 001,389,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardagt.exe [2016.04.21 22:04:52 | 000,619,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardagt.exe [2016.04.21 22:04:52 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardres.dll [2016.04.21 22:04:52 | 000,008,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardres.dll [2016.04.21 22:04:39 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TsWpfWrp.exe [2016.04.21 22:04:39 | 000,035,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsWpfWrp.exe [2016.04.21 21:43:17 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe [2016.04.21 21:43:17 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe [2016.04.21 21:22:14 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\scavengeui.dll [2016.04.21 21:19:44 | 000,392,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2016.04.21 21:19:44 | 000,318,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2016.04.21 13:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RarZilla Free Unrar [2016.04.21 13:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RarZilla Free Unrar [2016.04.21 13:17:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [2016.04.21 13:17:14 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Notepad++ [2016.04.21 13:17:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++ [2016.04.21 13:11:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OrangeEdit [2016.04.21 13:11:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OrangeEdit [2016.04.21 13:11:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services [2016.04.21 13:11:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition [2016.04.21 13:10:01 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Programs [2016.04.21 13:08:24 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\OrangeApps [2016.04.21 13:08:24 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\OrangeApps [2016.04.21 12:35:08 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Philipp Winterberg [2016.04.21 12:20:39 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Real [2016.04.21 12:20:18 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\RealNetworks [2016.04.21 12:20:10 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks [2016.04.21 12:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks [2016.04.21 12:19:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared [2016.04.21 12:19:51 | 000,200,944 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2016.04.21 12:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2016.04.21 12:19:40 | 000,278,768 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2016.04.21 12:19:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Real [2016.04.21 12:19:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real [2016.04.21 12:18:30 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Real [2016.04.21 12:15:18 | 000,000,000 | ---D | C] -- C:\Users\wrecken\Tracing [2016.04.21 12:14:40 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Skype [2016.04.21 12:14:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2016.04.21 12:14:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2016.04.21 12:14:26 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2016.04.21 12:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2016.04.21 12:11:11 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\vlc [2016.04.21 12:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2016.04.21 12:10:24 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2016.04.21 11:34:57 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log [2016.04.21 11:34:07 | 001,490,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01007.dll [2016.04.21 11:34:07 | 000,708,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller.dll [2016.04.21 11:34:07 | 000,213,088 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys [2016.04.21 11:34:07 | 000,120,416 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys [2016.04.21 11:33:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [2016.04.21 11:33:02 | 000,144,664 | ---- | C] (MAPILab Ltd. & Add-in Express Ltd.) -- C:\Windows\SysWow64\secman.dll [2016.04.21 11:33:00 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll [2016.04.21 11:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung [2016.04.21 11:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung [2016.04.21 11:27:29 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Downloaded Installations [2016.04.21 11:20:46 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Samsung [2016.04.21 11:20:38 | 000,000,000 | ---D | C] -- C:\Users\wrecken\Documents\samsung [2016.04.21 11:20:38 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Samsung [2016.04.21 11:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\honestech VHS to DVD 2.0 SE [2016.04.21 11:19:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\honestech [2016.04.21 11:18:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FANUC [2016.04.21 11:15:23 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Adobe [2016.04.21 11:15:23 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Adobe [2016.04.21 10:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Another Matrix Screen Saver [2016.04.21 10:52:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Another Matrix Screen Saver [2016.04.21 07:06:01 | 000,398,152 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2016.04.21 07:04:34 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\AVAST Software [2016.04.21 07:03:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [2016.04.21 07:02:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV [2016.04.21 07:02:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AV [2016.04.21 07:02:19 | 000,165,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2016.04.21 07:02:18 | 000,463,744 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2016.04.21 07:02:18 | 000,287,016 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys [2016.04.21 07:02:17 | 000,107,792 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2016.04.21 07:02:17 | 000,074,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys [2016.04.21 07:02:16 | 000,103,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2016.04.21 07:02:16 | 000,037,656 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys [2016.04.21 07:02:12 | 001,070,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2016.04.21 07:01:39 | 000,052,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2016.04.21 06:59:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2016.04.21 06:59:04 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2016.04.21 06:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2016.04.21 06:38:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2016.04.21 06:35:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe [2016.04.20 21:28:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [2016.04.20 21:27:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works [2016.04.20 21:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio [2016.04.20 21:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER [2016.04.20 21:26:47 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2016.04.20 21:26:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET [2016.04.20 21:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2016.04.20 21:23:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8 [2016.04.20 21:22:28 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Microsoft Help [2016.04.20 21:22:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office [2016.04.20 21:22:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help [2016.04.20 21:21:56 | 000,000,000 | RH-D | C] -- C:\MSOCache [2016.04.20 21:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell System Manager [2016.04.20 21:15:55 | 000,382,056 | ---- | C] (Dell Inc.) -- C:\Windows\hapint.exe [2016.04.20 21:15:55 | 000,335,464 | ---- | C] (Dell Inc.) -- C:\Windows\dchcfg64.exe [2016.04.20 21:15:55 | 000,093,288 | ---- | C] (Dell Inc.) -- C:\Windows\dcmdev64.exe [2016.04.20 21:15:53 | 000,459,880 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\dchbas64.dll [2016.04.20 21:15:53 | 000,322,664 | ---- | C] (Dell Inc.) -- C:\Windows\SysNative\dchapi64.dll [2016.04.20 21:15:16 | 000,000,000 | ---D | C] -- C:\apps [2016.04.20 21:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Security Innovation [2016.04.20 21:15:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Innovation [2016.04.20 21:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\Dell [2016.04.20 21:13:58 | 000,000,000 | ---D | C] -- C:\Program Files\Fingerprint Sensor [2016.04.20 21:13:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SPBA [2016.04.20 21:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SPBA [2016.04.20 21:13:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gemalto [2016.04.20 21:13:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\O2Micro OZ776 SCR Driver [2016.04.20 21:12:28 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations [2016.04.20 21:12:22 | 000,057,344 | ---- | C] (O2Micro) -- C:\Windows\SysWow64\ct32O2.dll [2016.04.20 21:12:22 | 000,057,344 | ---- | C] (O2Micro) -- C:\Windows\SysNative\ct32O2.dll [2016.04.20 21:12:18 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Wave Systems Corp [2016.04.20 21:12:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Wave Systems Corp [2016.04.20 21:05:00 | 000,000,000 | ---D | C] -- C:\7cae8c5651b37dbf7e24f8f5c2 [2016.04.20 21:04:20 | 000,000,000 | ---D | C] -- C:\c8bb05505b6ffae53b [2016.04.20 21:03:08 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Broadcom [2016.04.20 21:01:23 | 000,022,056 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\btwcoins.dll [2016.04.20 21:01:22 | 000,349,736 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwampfl.sys [2016.04.20 21:01:22 | 000,138,280 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys [2016.04.20 21:01:22 | 000,107,560 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys [2016.04.20 21:01:22 | 000,039,464 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys [2016.04.20 21:01:22 | 000,021,416 | ---- | C] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys [2016.04.20 20:59:19 | 000,000,000 | ---D | C] -- C:\Program Files\WIDCOMM [2016.04.20 20:55:55 | 000,196,608 | ---- | C] (RICOH) -- C:\Windows\SysNative\RiSDIcon.dll [2016.04.20 20:55:55 | 000,188,416 | ---- | C] (RICOH) -- C:\Windows\SysNative\RiMMCIcon.dll [2016.04.20 20:55:55 | 000,080,896 | ---- | C] (REDC) -- C:\Windows\SysNative\drivers\risdpe64.sys [2016.04.20 20:55:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent [2016.04.20 20:54:50 | 000,056,344 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\HECIx64.sys [2016.04.20 20:48:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel [2016.04.20 20:47:14 | 000,000,000 | ---D | C] -- C:\Intel [2016.04.20 20:46:59 | 000,158,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\Impcd.sys [2016.04.20 20:46:58 | 012,312,928 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys [2016.04.20 20:46:58 | 009,528,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll [2016.04.20 20:46:58 | 009,014,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll [2016.04.20 20:46:58 | 008,314,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll [2016.04.20 20:46:58 | 007,988,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll [2016.04.20 20:46:58 | 006,324,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll [2016.04.20 20:46:58 | 002,780,160 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmjit64.dll [2016.04.20 20:46:58 | 002,191,872 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmjit32.dll [2016.04.20 20:46:58 | 000,581,120 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll [2016.04.20 20:46:58 | 000,510,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe [2016.04.20 20:46:58 | 000,418,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe [2016.04.20 20:46:58 | 000,390,144 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll [2016.04.20 20:46:58 | 000,378,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll [2016.04.20 20:46:58 | 000,376,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhsip64.dll [2016.04.20 20:46:58 | 000,376,832 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhsip32.dll [2016.04.20 20:46:58 | 000,376,320 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll [2016.04.20 20:46:58 | 000,293,888 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll [2016.04.20 20:46:58 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc [2016.04.20 20:46:58 | 000,287,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc [2016.04.20 20:46:58 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc [2016.04.20 20:46:58 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc [2016.04.20 20:46:58 | 000,286,208 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc [2016.04.20 20:46:58 | 000,285,696 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc [2016.04.20 20:46:58 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc [2016.04.20 20:46:58 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc [2016.04.20 20:46:58 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc [2016.04.20 20:46:58 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc [2016.04.20 20:46:58 | 000,246,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxcmrt32.dll [2016.04.20 20:46:58 | 000,241,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe [2016.04.20 20:46:58 | 000,219,136 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcmrt64.dll [2016.04.20 20:46:58 | 000,168,944 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe [2016.04.20 20:46:58 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll [2016.04.20 20:46:58 | 000,126,976 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl [2016.04.20 20:46:58 | 000,098,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\iglhcp64.dll [2016.04.20 20:46:58 | 000,098,304 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\iglhcp32.dll [2016.04.20 20:46:58 | 000,090,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2993.dll [2016.04.20 20:46:58 | 000,062,464 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll [2016.04.20 20:46:58 | 000,028,672 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll [2016.04.20 20:46:58 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll [2016.04.20 20:46:57 | 018,664,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll [2016.04.20 20:46:57 | 004,380,144 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe [2016.04.20 20:46:57 | 000,394,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe [2016.04.20 20:46:57 | 000,146,432 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll [2016.04.20 20:46:57 | 000,110,080 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll [2016.04.20 20:46:55 | 000,317,440 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\drivers\IntcDAud.sys [2016.04.20 20:46:55 | 000,185,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\difx64.exe [2016.04.20 20:46:55 | 000,014,848 | ---- | C] (Intel(R) Corporation) -- C:\Windows\SysNative\IntcDAuC.dll [2016.04.20 20:45:59 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2016.04.20 20:44:38 | 000,022,128 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\stdcfltn.sys [2016.04.20 20:44:38 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE [2016.04.20 20:43:38 | 000,000,000 | ---D | C] -- C:\Program Files\STMicroelectronics [2016.04.20 20:42:36 | 000,000,000 | ---D | C] -- C:\dell [2016.04.20 20:41:57 | 000,081,520 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\accelernco01.dll [2016.04.20 20:41:57 | 000,027,760 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\accelern.sys [2016.04.20 20:41:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STMicroelectronics [2016.04.20 20:41:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information [2016.04.20 20:39:42 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Dell [2016.04.20 20:31:06 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\WLANProfiles [2016.04.20 20:30:46 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Intel [2016.04.20 20:30:08 | 000,000,000 | ---D | C] -- C:\Users\wrecken\Roaming [2016.04.20 20:30:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming [2016.04.20 20:29:14 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless [2016.04.20 20:28:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco [2016.04.20 20:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2016.04.20 20:28:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2016.04.20 20:28:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel [2016.04.20 20:26:30 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2016.04.20 20:26:26 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2016.04.20 20:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2016.04.20 20:25:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell [2016.04.20 20:24:04 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll [2016.04.20 20:24:04 | 000,058,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe [2016.04.20 20:24:04 | 000,044,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll [2016.04.20 20:23:58 | 000,700,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll [2016.04.20 20:23:58 | 000,581,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll [2016.04.20 20:23:58 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll [2016.04.20 20:23:58 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll [2016.04.20 20:23:58 | 000,038,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll [2016.04.20 20:23:58 | 000,036,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll [2016.04.20 20:23:50 | 000,198,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll [2016.04.20 20:23:50 | 000,179,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll [2016.04.20 20:23:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe [2016.04.20 20:23:50 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe [2016.04.20 20:22:28 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Deployment [2016.04.20 20:22:28 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Apps [2016.04.20 20:04:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2016.04.20 19:26:08 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Mozilla [2016.04.20 19:26:07 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Mozilla [2016.04.20 19:25:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service [2016.04.20 19:25:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2016.04.20 19:12:33 | 000,000,000 | R--D | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2016.04.20 19:12:33 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Searches [2016.04.20 19:12:33 | 000,000,000 | R--D | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2016.04.20 19:12:25 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Identities [2016.04.20 19:12:23 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Contacts [2016.04.20 19:12:22 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\VirtualStore [2016.04.20 19:12:13 | 000,000,000 | --SD | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Videos [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Saved Games [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Pictures [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Music [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Links [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Favorites [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Downloads [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Documents [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\Desktop [2016.04.20 19:12:13 | 000,000,000 | R--D | C] -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Vorlagen [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\AppData\Local\Verlauf [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\AppData\Local\Temporary Internet Files [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Startmenü [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\SendTo [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Recent [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Netzwerkumgebung [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Lokale Einstellungen [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Documents\Eigene Videos [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Documents\Eigene Musik [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Eigene Dateien [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Documents\Eigene Bilder [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Druckumgebung [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Cookies [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\AppData\Local\Anwendungsdaten [2016.04.20 19:12:13 | 000,000,000 | -HSD | C] -- C:\Users\wrecken\Anwendungsdaten [2016.04.20 19:12:13 | 000,000,000 | -H-D | C] -- C:\Users\wrecken\AppData [2016.04.20 19:12:13 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Temp [2016.04.20 19:12:13 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Local\Microsoft [2016.04.20 19:12:13 | 000,000,000 | ---D | C] -- C:\Users\wrecken\AppData\Roaming\Media Center Programs [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Recovery [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Programme [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2016.04.20 19:12:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2016.04.20 19:08:04 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2016.04.20 19:05:53 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2016.04.20 19:05:15 | 000,000,000 | -HSD | C] -- C:\System Volume Information ========== Files - Modified Within 30 Days ========== [2016.04.24 03:40:43 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2016.04.24 03:40:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2016.04.23 22:46:41 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2016.04.23 22:46:41 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2016.04.23 22:46:10 | 001,618,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2016.04.23 22:46:10 | 000,698,926 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2016.04.23 22:46:10 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2016.04.23 22:46:10 | 000,149,034 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2016.04.23 22:46:10 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2016.04.23 22:38:14 | 2307,272,704 | -HS- | M] () -- C:\hiberfil.sys [2016.04.22 22:12:44 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2016.04.22 22:12:44 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2016.04.22 00:13:17 | 001,559,112 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2016.04.21 13:19:32 | 000,001,091 | ---- | M] () -- C:\Users\Public\Desktop\RarZilla Free Unrar.lnk [2016.04.21 13:17:16 | 000,001,019 | ---- | M] () -- C:\Users\Public\Desktop\Notepad++.lnk [2016.04.21 13:11:10 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\OrangeEdit.lnk [2016.04.21 12:20:28 | 000,001,204 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk [2016.04.21 12:19:51 | 000,200,944 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll [2016.04.21 12:19:40 | 000,278,768 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2016.04.21 12:14:27 | 000,002,699 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2016.04.21 12:10:53 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2016.04.21 11:53:39 | 000,001,969 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies 3.lnk [2016.04.21 11:45:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf [2016.04.21 11:34:46 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk [2016.04.21 11:34:46 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk [2016.04.21 10:52:46 | 000,001,133 | ---- | M] () -- C:\Users\wrecken\Desktop\Another Matrix Screen Saver.lnk [2016.04.21 07:03:46 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\Avast Business Security.lnk [2016.04.21 07:02:57 | 001,070,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2016.04.21 07:02:56 | 000,107,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2016.04.21 07:02:55 | 000,463,744 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2016.04.21 07:01:42 | 000,398,152 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2016.04.21 07:01:42 | 000,287,016 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys [2016.04.21 07:01:42 | 000,165,344 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys [2016.04.21 07:01:42 | 000,074,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys [2016.04.21 07:01:42 | 000,037,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys [2016.04.21 07:01:41 | 000,103,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2016.04.21 07:01:39 | 000,052,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2016.04.21 06:39:07 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2016.04.20 21:52:56 | 000,416,336 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2016.04.20 21:16:19 | 000,002,024 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk [2016.04.20 21:13:15 | 000,000,206 | ---- | M] () -- C:\Windows\hbcikrnl.ini [2016.04.20 21:13:13 | 000,000,306 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2016.04.20 21:12:22 | 000,057,344 | ---- | M] (O2Micro) -- C:\Windows\SysWow64\ct32O2.dll [2016.04.20 21:12:22 | 000,057,344 | ---- | M] (O2Micro) -- C:\Windows\SysNative\ct32O2.dll [2016.04.20 21:01:34 | 000,000,834 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016.04.20 20:56:51 | 000,349,736 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwampfl.sys [2016.04.20 20:56:51 | 000,138,280 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwavdt.sys [2016.04.20 20:56:51 | 000,107,560 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwaudio.sys [2016.04.20 20:56:51 | 000,039,464 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwl2cap.sys [2016.04.20 20:56:51 | 000,022,056 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\btwcoins.dll [2016.04.20 20:56:51 | 000,021,416 | ---- | M] (Broadcom Corporation.) -- C:\Windows\SysNative\drivers\btwrchid.sys [2016.04.20 20:53:18 | 000,015,804 | ---- | M] () -- C:\Windows\SysNative\results.xml [2016.04.20 19:25:28 | 000,001,147 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2016.04.20 19:09:52 | 000,207,887 | ---- | M] () -- C:\Windows\SysWow64\license.rtf [2016.04.20 19:09:52 | 000,207,887 | ---- | M] () -- C:\Windows\SysNative\license.rtf [2016.04.20 19:08:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2016.04.20 19:08:03 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf ========== Files Created - No Company Name ========== [2016.04.22 22:12:45 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2016.04.22 00:13:17 | 001,559,112 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2016.04.21 13:19:32 | 000,001,091 | ---- | C] () -- C:\Users\Public\Desktop\RarZilla Free Unrar.lnk [2016.04.21 13:17:16 | 000,001,019 | ---- | C] () -- C:\Users\Public\Desktop\Notepad++.lnk [2016.04.21 13:11:10 | 000,001,031 | ---- | C] () -- C:\Users\Public\Desktop\OrangeEdit.lnk [2016.04.21 12:20:28 | 000,001,204 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk [2016.04.21 12:14:27 | 000,002,699 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2016.04.21 12:10:53 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2016.04.21 11:53:39 | 000,001,969 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies 3.lnk [2016.04.21 11:45:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf [2016.04.21 11:34:46 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk [2016.04.21 11:34:46 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk [2016.04.21 10:52:46 | 000,001,133 | ---- | C] () -- C:\Users\wrecken\Desktop\Another Matrix Screen Saver.lnk [2016.04.21 07:03:46 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\Avast Business Security.lnk [2016.04.21 06:39:07 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2016.04.21 06:39:07 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2016.04.20 21:16:19 | 000,002,024 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk [2016.04.20 21:13:13 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2016.04.20 21:13:03 | 000,000,206 | ---- | C] () -- C:\Windows\hbcikrnl.ini [2016.04.20 20:59:33 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016.04.20 20:53:18 | 000,015,804 | ---- | C] () -- C:\Windows\SysNative\results.xml [2016.04.20 20:46:58 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa [2016.04.20 20:46:58 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2016.04.20 20:46:58 | 000,867,020 | ---- | C] () -- C:\Windows\SysNative\igkrng575.bin [2016.04.20 20:46:58 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2016.04.20 20:46:58 | 000,128,204 | ---- | C] () -- C:\Windows\SysNative\igcompkrng575.bin [2016.04.20 20:46:58 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2016.04.20 20:46:58 | 000,105,608 | ---- | C] () -- C:\Windows\SysNative\igfcg575m.bin [2016.04.20 20:46:58 | 000,059,243 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp [2016.04.20 20:46:58 | 000,059,174 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp [2016.04.20 20:46:58 | 000,059,062 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp [2016.04.20 20:46:58 | 000,017,444 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp [2016.04.20 20:46:58 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll [2016.04.20 20:46:58 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp [2016.04.20 20:46:57 | 013,913,600 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll [2016.04.20 20:46:57 | 000,135,370 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources [2016.04.20 20:46:57 | 000,117,636 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources [2016.04.20 20:46:57 | 000,116,348 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources [2016.04.20 20:46:57 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll [2016.04.20 20:46:57 | 000,000,146 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config [2016.04.20 20:46:56 | 000,211,303 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources [2016.04.20 20:46:56 | 000,198,139 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources [2016.04.20 20:46:56 | 000,182,706 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources [2016.04.20 20:46:56 | 000,153,167 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources [2016.04.20 20:46:56 | 000,149,009 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources [2016.04.20 20:46:56 | 000,140,216 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources [2016.04.20 20:46:56 | 000,138,727 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources [2016.04.20 20:46:56 | 000,137,846 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources [2016.04.20 20:46:56 | 000,137,668 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources [2016.04.20 20:46:56 | 000,136,603 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources [2016.04.20 20:46:56 | 000,135,628 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources [2016.04.20 20:46:56 | 000,134,836 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources [2016.04.20 20:46:56 | 000,134,412 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources [2016.04.20 20:46:56 | 000,134,384 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources [2016.04.20 20:46:56 | 000,133,846 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources [2016.04.20 20:46:56 | 000,133,709 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources [2016.04.20 20:46:56 | 000,133,178 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources [2016.04.20 20:46:56 | 000,132,889 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources [2016.04.20 20:46:56 | 000,132,788 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources [2016.04.20 20:46:56 | 000,131,839 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources [2016.04.20 20:46:56 | 000,128,996 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources [2016.04.20 20:46:56 | 000,128,831 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources [2016.04.20 20:46:56 | 000,124,052 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources [2016.04.20 20:46:55 | 000,156,233 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources [2016.04.20 20:46:55 | 000,133,404 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources [2016.04.20 20:46:55 | 000,128,535 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources [2016.04.20 19:25:28 | 000,001,159 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2016.04.20 19:25:28 | 000,001,147 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2016.04.20 19:12:38 | 000,001,405 | ---- | C] () -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk [2016.04.20 19:12:34 | 000,001,439 | ---- | C] () -- C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2016.04.20 19:09:45 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2016.04.20 19:09:45 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2016.04.20 19:08:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2016.04.20 19:08:03 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf [2016.04.20 19:05:15 | 2307,272,704 | -HS- | C] () -- C:\hiberfil.sys ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 05:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 05:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2016.04.21 07:04:34 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\AVAST Software [2016.04.21 13:17:29 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\Notepad++ [2016.04.21 13:08:24 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\OrangeApps [2016.04.21 12:35:08 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\Philipp Winterberg [2016.04.21 11:53:33 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\Samsung [2016.04.20 21:12:18 | 000,000,000 | ---D | M] -- C:\Users\wrecken\AppData\Roaming\Wave Systems Corp ========== Purity Check ========== < End of report > |
|
24.04.2016, 17:16
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Bedenklicher Eintrag im Startmenü Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1   Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
26.04.2016, 18:51
| #3 |
| | Bedenklicher Eintrag im StartmenüCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-04-2016
durchgeführt von wrecken (Administrator) auf WRECKEN-PC (25-04-2016 21:05:11)
Gestartet von C:\Users\wrecken\Desktop
Geladene Profile: wrecken (Verfügbare Profile: wrecken)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\bcc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\bccavsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
() C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\ndp45-kb2972107-x64.exe
(Microsoft Corporation) E:\74317c8f4d0b3ea0af4e7072b1\Setup.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-07-17] (Intel(R) Corporation)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686744 2012-09-05] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-04-21] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [319152 2016-04-08] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-13] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKU\S-1-5-21-2048369672-643187680-2407283211-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\Another Matrix Screen Saver\Another Matrix Screen Saver.scr [55808 2005-03-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-04-21] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-04-20]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk [2016-04-20]
ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{30A37DFD-E193-4F21-87E2-E1D475688139}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4113C692-F91C-457A-86B7-261856760A92}: [DhcpNameServer] 212.33.36.155 212.33.55.5
Internet Explorer:
==================
HKU\S-1-5-21-2048369672-643187680-2407283211-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-02-03] (RealDownloader)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-02-03] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\wrecken\AppData\Roaming\Mozilla\Firefox\Profiles\nrxv7ewj.default
FF Homepage: www.google.at
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-22] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-22] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @real.com/nppl3260;version=18.1.3.100 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-04-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.3.100 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-04-21] (RealPlayer)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Extension: WOT - C:\Users\wrecken\AppData\Roaming\Mozilla\Firefox\Profiles\nrxv7ewj.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-04-21]
FF Extension: NoScript - C:\Users\wrecken\AppData\Roaming\Mozilla\Firefox\Profiles\nrxv7ewj.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-21]
FF Extension: Adblock Plus - C:\Users\wrecken\AppData\Roaming\Mozilla\Firefox\Profiles\nrxv7ewj.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-21]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswBcc; C:\Program Files\AVAST Software\Avast\bcc.exe [647904 2016-04-21] (AVAST Software)
R2 Avast Business Console Client Antivirus Service; C:\Program Files\AVAST Software\Avast\bccavsvc.exe [1528584 2016-04-21] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-04-21] (AVAST Software)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-07-17] ()
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [21504 2013-01-21] (Dell, Inc.) [Datei ist nicht signiert]
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-02-03] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-04-21] (RealNetworks, Inc.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S4 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3377904 2013-07-17] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-04-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-04-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-04-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-04-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-04-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-04-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-04-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-04-21] (AVAST Software)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-25 21:05 - 2016-04-25 21:07 - 00011629 _____ C:\Users\wrecken\Desktop\FRST.txt
2016-04-25 21:04 - 2016-04-25 21:05 - 00000000 ____D C:\FRST
2016-04-25 20:59 - 2016-04-25 21:00 - 02376192 _____ (Farbar) C:\Users\wrecken\Desktop\FRST64.exe
2016-04-25 18:12 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-04-25 18:12 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-04-25 16:09 - 2016-04-25 17:33 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-25 16:09 - 2016-04-25 16:09 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-04-24 23:52 - 2016-04-24 23:52 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-24 23:52 - 2016-04-24 23:52 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-24 23:52 - 2016-04-24 23:52 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-24 23:52 - 2016-04-24 23:52 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-04-24 23:52 - 2016-04-24 23:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-24 23:52 - 2016-04-24 23:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-04-24 23:52 - 2016-04-24 23:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-04-24 23:52 - 2016-04-24 23:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-24 23:52 - 2016-04-24 23:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-04-24 23:52 - 2016-04-24 23:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-04-24 23:52 - 2016-04-24 23:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-04-24 23:52 - 2016-04-24 23:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-04-24 23:52 - 2016-04-24 23:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-04-24 23:52 - 2016-04-24 23:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-04-24 23:52 - 2016-04-24 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-04-24 23:52 - 2016-04-24 23:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-04-24 23:52 - 2016-04-24 23:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-04-24 23:52 - 2016-04-24 23:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-04-24 23:51 - 2016-04-24 23:51 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-24 23:51 - 2016-04-24 23:51 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-24 23:51 - 2016-04-24 23:51 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-04-24 23:51 - 2016-04-24 23:51 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-24 23:51 - 2016-04-24 23:51 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-24 23:51 - 2016-04-24 23:51 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-04-24 23:51 - 2016-04-24 23:51 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-04-24 23:51 - 2016-04-24 23:51 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-24 23:51 - 2016-04-24 23:51 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-24 23:51 - 2016-04-24 23:51 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-04-24 23:51 - 2016-04-24 23:51 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-04-24 23:51 - 2016-04-24 23:51 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-24 19:32 - 2016-04-24 19:31 - 00420192 _____ () C:\Users\wrecken\Downloads\DellSystemDetect.exe
2016-04-24 19:20 - 2016-04-24 19:20 - 00000000 ___SD C:\Users\wrecken\AppData\LocalLow\Temp
2016-04-24 18:32 - 2016-04-24 18:32 - 00000000 ____D C:\Users\wrecken\Documents\WorkcellBackup
2016-04-24 18:24 - 2016-04-24 18:24 - 00000000 ____D C:\Users\wrecken\AppData\Local\FANUC
2016-04-24 17:15 - 2016-04-24 18:39 - 00000000 ____D C:\ProgramData\Robot Neighborhood
2016-04-24 17:15 - 2016-04-24 18:38 - 00000000 ____D C:\Users\wrecken\Documents\My Workcells
2016-04-24 17:12 - 2016-04-24 17:12 - 00002986 _____ C:\Windows\System32\Tasks\{4FF864C5-EDA6-4F07-A08B-4AC9EE2B5BA2}
2016-04-24 16:44 - 2016-04-24 16:44 - 00001751 _____ C:\Users\wrecken\Documents\ROBOGUIDE Sample Workcells.lnk
2016-04-24 16:44 - 2016-04-24 16:44 - 00001736 _____ C:\Users\wrecken\Documents\ROBOGUIDE Image Library.lnk
2016-04-24 16:28 - 2016-04-24 16:28 - 00002119 _____ C:\Users\wrecken\Desktop\ROBOGUIDE.lnk
2016-04-24 16:28 - 2015-12-24 12:16 - 00042496 _____ () C:\Windows\SysWOW64\VirtualCameraForiRVision.dll
2016-04-24 16:28 - 2015-12-24 12:16 - 00020480 _____ (FANUC) C:\Windows\SysWOW64\VirtualCamera.dll
2016-04-24 16:28 - 2015-07-06 08:48 - 00608768 _____ (Concept Software, Inc.) C:\Windows\SysWOW64\KEYLIB32.dll
2016-04-24 16:27 - 2015-07-06 08:48 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2016-04-24 16:27 - 1998-06-17 17:07 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2016-04-24 16:26 - 2015-12-03 03:08 - 00057344 _____ (FANUC Robotics North America, Inc.) C:\Windows\SysWOW64\pac.dll
2016-04-24 16:26 - 2015-07-06 08:49 - 01009336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCHRT20.OCX
2016-04-24 16:26 - 2015-07-06 08:49 - 00647872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2016-04-24 16:26 - 2015-07-06 08:49 - 00244416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFLXGRD.OCX
2016-04-24 16:26 - 2015-07-06 08:49 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWINSCK.OCX
2016-04-24 16:26 - 2015-07-06 08:48 - 00651264 _____ (Opteon) C:\Windows\SysWOW64\depict.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00415176 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\COMCT332.OCX
2016-04-24 16:26 - 2015-07-06 08:48 - 00256000 _____ C:\Windows\SysWOW64\iflTIFF0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TLBINF32.DLL
2016-04-24 16:26 - 2015-07-06 08:48 - 00104960 _____ C:\Windows\SysWOW64\iflJFIF0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00102912 _____ C:\Windows\SysWOW64\ifl0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00086016 _____ C:\Windows\SysWOW64\iflPNG0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00041600 _____ (Opteon) C:\Windows\SysWOW64\Drivers\Paragon.sys
2016-04-24 16:26 - 2015-07-06 08:48 - 00026112 _____ C:\Windows\SysWOW64\iflSGI0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00026112 _____ C:\Windows\SysWOW64\iflGIF0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00019456 _____ C:\Windows\SysWOW64\iflBMP0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00016384 _____ C:\Windows\SysWOW64\iflXPM0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00014848 _____ C:\Windows\SysWOW64\iflPPM0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00013312 _____ C:\Windows\SysWOW64\iflRaw0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00012800 _____ C:\Windows\SysWOW64\iflXBM0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00012288 _____ C:\Windows\SysWOW64\iflFIT0.dll
2016-04-24 16:26 - 2015-07-06 08:48 - 00004524 _____ C:\Windows\SysWOW64\ifl_database0
2016-04-24 16:25 - 2016-04-24 16:25 - 00003120 _____ C:\Windows\SysWOW64\3PN9VVFC.ocx
2016-04-24 16:24 - 2016-04-24 16:24 - 00002133 _____ C:\Users\wrecken\Desktop\HandlingPRO.lnk
2016-04-24 16:24 - 2009-09-04 08:53 - 00010496 _____ C:\Windows\SysWOW64\machnm64.sys
2016-04-24 16:20 - 2006-01-31 01:25 - 00030208 ____R (LEAD Technologies, Inc.) C:\Windows\SysWOW64\lfbmp13n.dll
2016-04-24 16:20 - 2006-01-31 01:24 - 00759808 ____R (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltocx13n.ocx
2016-04-24 16:20 - 2006-01-31 01:24 - 00453120 ____R (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltkrn13n.dll
2016-04-24 16:20 - 2006-01-31 01:24 - 00445440 ____R (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltimg13n.dll
2016-04-24 16:20 - 2006-01-31 01:24 - 00265216 ____R (LEAD Technologies, Inc.) C:\Windows\SysWOW64\LTDIS13n.dll
2016-04-24 16:20 - 2006-01-31 01:24 - 00206848 ____R (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltefx13n.dll
2016-04-24 16:20 - 2006-01-31 01:24 - 00182784 ____R (LEAD Technologies, Inc.) C:\Windows\SysWOW64\Lfpng13n.dll
2016-04-24 16:20 - 2006-01-31 01:24 - 00154112 ____R (LEAD Technologies, Inc.) C:\Windows\SysWOW64\ltfil13n.DLL
2016-04-24 16:20 - 2006-01-31 01:24 - 00044032 ____R (LEAD Technologies, Inc.) C:\Windows\SysWOW64\lttwn13n.dll
2016-04-24 16:01 - 2009-03-10 17:47 - 00551120 _____ C:\Windows\SysWOW64\vbogl.tlb
2016-04-24 16:01 - 2009-03-10 17:47 - 00237568 _____ C:\Windows\SysWOW64\glut32.dll
2016-04-24 15:31 - 2016-04-24 16:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FANUC Robotics
2016-04-24 15:31 - 2016-04-24 15:31 - 00003120 _____ C:\Windows\SysWOW64\ES2TPCPS.ocx
2016-04-24 15:31 - 2015-07-06 08:49 - 01044480 _____ (eHelp Corporation.) C:\Windows\SysWOW64\ROBOEX32.DLL
2016-04-24 15:30 - 2015-12-03 03:07 - 00057344 _____ (FANUC Robotics North America, Inc.) C:\Windows\SysWOW64\frping.dll
2016-04-24 15:30 - 2015-12-03 03:03 - 00048128 ____N (FANUC) C:\Windows\SysWOW64\FRUserAppSettings.dll
2016-04-24 15:30 - 2015-07-06 08:48 - 00209608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx
2016-04-24 15:30 - 2015-07-06 08:48 - 00203976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx
2016-04-24 15:30 - 2015-07-06 08:48 - 00102160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6JP.DLL
2016-04-24 15:30 - 2009-09-04 08:53 - 00007168 _____ C:\Windows\SysWOW64\Machnm32.sys
2016-04-24 15:30 - 2003-04-22 13:28 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmapi32.ocx
2016-04-24 15:30 - 2002-09-04 12:17 - 00608448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2016-04-24 15:30 - 2002-09-04 12:17 - 00140488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2016-04-24 15:30 - 2001-09-11 10:13 - 00060416 _____ (Concept Software, Inc.) C:\Windows\SysWOW64\KeyLbI32.dll
2016-04-24 15:30 - 2001-09-11 10:13 - 00015840 _____ C:\Windows\SysWOW64\Machnm1.exe
2016-04-24 15:30 - 1998-06-18 00:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2016-04-24 15:24 - 2016-04-24 15:39 - 00000000 ____D C:\ProgramData\FANUC
2016-04-24 14:12 - 2016-04-24 14:12 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-04-23 23:45 - 2016-04-24 04:14 - 00049526 _____ C:\Users\wrecken\Downloads\Extras.Txt
2016-04-23 23:44 - 2016-04-24 04:13 - 00130052 _____ C:\Users\wrecken\Downloads\OTL.Txt
2016-04-23 22:42 - 2016-04-23 22:43 - 00602112 _____ (OldTimer Tools) C:\Users\wrecken\Downloads\otl.exe
2016-04-23 22:35 - 2016-04-25 17:49 - 00000000 ____D C:\Windows\pss
2016-04-23 08:13 - 2016-04-23 08:15 - 69216640 _____ (Dell Inc.) C:\Users\wrecken\Downloads\Input_Driver_GGY5W_WN_8.1200.101.127_A06(1).EXE
2016-04-23 08:06 - 2016-04-23 08:06 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2016-04-22 22:13 - 2016-04-22 22:13 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Macromedia
2016-04-22 22:13 - 2016-04-22 22:13 - 00000000 ____D C:\Users\wrecken\AppData\Local\Macromedia
2016-04-22 22:12 - 2016-04-25 20:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-22 22:12 - 2016-04-22 22:12 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-22 22:12 - 2016-04-22 22:12 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-22 22:12 - 2016-04-22 22:12 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-22 22:12 - 2016-04-22 22:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-04-22 22:12 - 2016-04-22 22:12 - 00000000 ____D C:\Windows\system32\Macromed
2016-04-22 21:45 - 2016-04-22 21:45 - 00000000 ____D C:\Users\wrecken\Documents\Bluetooth-Exchange-Ordner
2016-04-22 01:23 - 2016-04-22 01:23 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-04-22 01:23 - 2016-04-22 01:23 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-04-22 01:22 - 2016-04-22 01:22 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-04-22 00:13 - 2016-04-25 20:52 - 01592784 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-04-21 22:37 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-04-21 22:37 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-04-21 22:37 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-04-21 22:37 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-04-21 22:37 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-04-21 22:37 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-04-21 22:37 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-04-21 22:37 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2016-04-21 22:16 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2016-04-21 22:16 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2016-04-21 22:16 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2016-04-21 22:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-04-21 22:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-04-21 22:04 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-04-21 22:04 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-04-21 22:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-04-21 22:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-04-21 22:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-04-21 22:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-04-21 21:55 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2016-04-21 21:55 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2016-04-21 21:55 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2016-04-21 21:55 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2016-04-21 21:49 - 2015-11-03 21:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-04-21 21:49 - 2015-11-03 20:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-04-21 21:49 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-04-21 21:49 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-04-21 21:49 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-04-21 21:49 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-04-21 21:49 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2016-04-21 21:49 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-04-21 21:49 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-04-21 21:49 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-04-21 21:49 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2016-04-21 21:49 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-04-21 21:49 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2016-04-21 21:49 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-04-21 21:49 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2016-04-21 21:48 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-21 21:48 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-04-21 21:48 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-04-21 21:48 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2016-04-21 21:48 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2016-04-21 21:48 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2016-04-21 21:48 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2016-04-21 21:48 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2016-04-21 21:48 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2016-04-21 21:48 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2016-04-21 21:48 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2016-04-21 21:48 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2016-04-21 21:48 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2016-04-21 21:48 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2016-04-21 21:48 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2016-04-21 21:48 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-04-21 21:48 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-04-21 21:48 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-04-21 21:48 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-04-21 21:48 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-04-21 21:48 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-04-21 21:48 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-04-21 21:48 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-04-21 21:48 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-04-21 21:48 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-04-21 21:48 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-04-21 21:48 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-04-21 21:48 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-04-21 21:48 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-04-21 21:48 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-04-21 21:48 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-04-21 21:48 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-04-21 21:48 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-04-21 21:48 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-04-21 21:48 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-04-21 21:48 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-04-21 21:48 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-04-21 21:48 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-04-21 21:48 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-04-21 21:48 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-04-21 21:48 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2016-04-21 21:48 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-04-21 21:48 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2016-04-21 21:48 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-04-21 21:48 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2016-04-21 21:48 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2016-04-21 21:48 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2016-04-21 21:48 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2016-04-21 21:48 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-04-21 21:48 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-04-21 21:48 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-04-21 21:48 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2016-04-21 21:48 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-04-21 21:48 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2016-04-21 21:48 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2016-04-21 21:48 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2016-04-21 21:48 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2016-04-21 21:47 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-04-21 21:47 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-04-21 21:47 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-04-21 21:47 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-04-21 21:47 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-04-21 21:47 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-04-21 21:47 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-04-21 21:47 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-04-21 21:47 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-04-21 21:47 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2016-04-21 21:47 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2016-04-21 21:47 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-04-21 21:47 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-04-21 21:46 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-04-21 21:46 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-04-21 21:46 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-04-21 21:46 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-04-21 21:46 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-04-21 21:46 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-04-21 21:46 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-04-21 21:46 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2016-04-21 21:46 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-04-21 21:46 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-04-21 21:46 - 2014-01-01 01:05 - 00420008 _____ C:\Windows\SysWOW64\locale.nls
2016-04-21 21:46 - 2014-01-01 01:04 - 00420008 _____ C:\Windows\system32\locale.nls
2016-04-21 21:46 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-04-21 21:46 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-04-21 21:46 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-04-21 21:45 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-21 21:45 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-04-21 21:45 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-04-21 21:45 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-04-21 21:45 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-04-21 21:45 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-04-21 21:45 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-04-21 21:45 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-04-21 21:45 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-04-21 21:45 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-04-21 21:45 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-04-21 21:45 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-04-21 21:45 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-04-21 21:45 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-04-21 21:45 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-04-21 21:45 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2016-04-21 21:45 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2016-04-21 21:45 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2016-04-21 21:45 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-04-21 21:45 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-04-21 21:45 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2016-04-21 21:45 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2016-04-21 21:45 - 2012-11-29 00:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2016-04-21 21:45 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2016-04-21 21:45 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2016-04-21 21:44 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-21 21:44 - 2015-11-10 20:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-04-21 21:44 - 2015-11-10 20:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-04-21 21:44 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-04-21 21:44 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-04-21 21:44 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-04-21 21:44 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-04-21 21:44 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-04-21 21:44 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-04-21 21:44 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-04-21 21:44 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-04-21 21:44 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-04-21 21:44 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-04-21 21:44 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-04-21 21:44 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-04-21 21:44 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-04-21 21:44 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-04-21 21:44 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-04-21 21:44 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-04-21 21:44 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-04-21 21:44 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2016-04-21 21:44 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2016-04-21 21:43 - 2016-03-16 02:22 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-21 21:43 - 2016-03-16 02:22 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-21 21:43 - 2016-03-16 02:16 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-21 21:43 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-21 21:43 - 2016-03-16 02:16 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-21 21:43 - 2016-03-16 02:16 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-21 21:43 - 2016-03-16 02:16 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-21 21:43 - 2016-03-16 02:16 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-21 21:43 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-21 21:43 - 2016-03-16 02:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-21 21:43 - 2016-03-16 02:16 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-21 21:43 - 2016-03-16 02:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-21 21:43 - 2016-03-16 02:15 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-21 21:43 - 2016-03-16 02:15 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-21 21:43 - 2016-03-16 02:15 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-21 21:43 - 2016-03-16 02:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-21 21:43 - 2016-03-16 02:14 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-21 21:43 - 2016-03-16 02:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-21 21:43 - 2016-03-16 02:13 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-21 21:43 - 2016-03-16 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-21 21:43 - 2016-03-16 02:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-21 21:43 - 2016-03-16 02:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-21 21:43 - 2016-03-16 01:54 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-21 21:43 - 2016-03-16 01:54 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-21 21:43 - 2016-03-16 01:54 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-21 21:43 - 2016-03-16 01:54 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-21 21:43 - 2016-03-16 01:53 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-21 21:43 - 2016-03-16 01:53 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-21 21:43 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-21 21:43 - 2016-03-16 01:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-21 21:43 - 2016-03-16 01:52 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-21 21:43 - 2016-03-16 01:52 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-21 21:43 - 2016-03-16 01:52 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-21 21:43 - 2016-03-16 01:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-21 21:43 - 2016-03-16 01:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-21 21:43 - 2016-03-16 01:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-21 21:43 - 2016-03-16 01:51 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-21 21:43 - 2016-03-16 01:51 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-21 21:43 - 2016-03-16 01:16 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-21 21:43 - 2016-03-16 01:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-21 21:43 - 2016-03-16 01:03 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-21 21:43 - 2016-03-16 01:02 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-21 21:43 - 2016-03-16 01:02 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-21 21:43 - 2016-03-16 01:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-21 21:43 - 2016-03-16 00:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-21 21:43 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-04-21 21:43 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-04-21 21:43 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-04-21 21:43 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-04-21 21:43 - 2015-09-23 15:18 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-21 21:43 - 2015-09-23 15:18 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-04-21 21:43 - 2015-09-23 15:08 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-04-21 21:43 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-04-21 21:43 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-04-21 21:43 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-04-21 21:43 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-04-21 21:43 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-04-21 21:43 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2016-04-21 21:42 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-04-21 21:42 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-04-21 21:42 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-04-21 21:42 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-04-21 21:42 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-04-21 21:42 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-04-21 21:42 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-04-21 21:42 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-04-21 21:42 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-04-21 21:42 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-04-21 21:42 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-04-21 21:42 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-04-21 21:42 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-04-21 21:42 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-04-21 21:42 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-04-21 21:42 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-04-21 21:42 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2016-04-21 21:42 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-04-21 21:42 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2016-04-21 21:42 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-04-21 21:42 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2016-04-21 21:42 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2016-04-21 21:42 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2016-04-21 21:42 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2016-04-21 21:42 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2016-04-21 21:42 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2016-04-21 21:42 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2016-04-21 21:42 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2016-04-21 21:42 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2016-04-21 21:42 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2016-04-21 21:42 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2016-04-21 21:42 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2016-04-21 21:42 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2016-04-21 21:42 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2016-04-21 21:42 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2016-04-21 21:41 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-21 21:41 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-21 21:41 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-21 21:41 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-21 21:41 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-21 21:41 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-21 21:41 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-21 21:41 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-21 21:41 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-21 21:41 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-21 21:41 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-21 21:41 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-21 21:41 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-21 21:41 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
|
|
26.04.2016, 18:53
| #4 |
| | Bedenklicher Eintrag im StartmenüCode:
ATTFilter 2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-21 21:41 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-21 21:41 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-21 21:41 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-21 21:41 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-21 21:41 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-21 21:41 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-21 21:41 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-21 21:41 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-21 21:41 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-21 21:41 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-21 21:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-21 21:41 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-04-21 21:41 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-04-21 21:41 - 2015-11-05 21:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-04-21 21:41 - 2015-11-05 21:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-04-21 21:41 - 2015-11-05 11:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-04-21 21:41 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-04-21 21:41 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-04-21 21:41 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-04-21 21:41 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-04-21 21:41 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-04-21 21:41 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-04-21 21:41 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-04-21 21:41 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-04-21 21:41 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2016-04-21 21:41 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2016-04-21 21:40 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-04-21 21:40 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-04-21 21:40 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-04-21 21:40 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-04-21 21:40 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-04-21 21:40 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-04-21 21:40 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-04-21 21:40 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-04-21 21:40 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-04-21 21:40 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-04-21 21:40 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-04-21 21:40 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-04-21 21:40 - 2015-12-08 23:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-04-21 21:40 - 2015-12-08 23:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-04-21 21:40 - 2015-12-08 23:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-04-21 21:40 - 2015-12-08 23:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-04-21 21:40 - 2015-12-08 23:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-04-21 21:40 - 2015-12-08 23:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-04-21 21:40 - 2015-12-08 23:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-04-21 21:40 - 2015-12-08 23:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-04-21 21:40 - 2015-12-08 23:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-04-21 21:40 - 2015-12-08 23:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-04-21 21:40 - 2015-12-08 23:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-04-21 21:40 - 2015-12-08 23:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-04-21 21:40 - 2015-12-08 23:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-04-21 21:40 - 2015-12-08 23:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-04-21 21:40 - 2015-12-08 23:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-04-21 21:40 - 2015-12-08 21:07 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-04-21 21:40 - 2015-12-08 21:07 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-04-21 21:40 - 2015-12-08 21:07 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-04-21 21:40 - 2015-12-08 21:07 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-04-21 21:40 - 2015-12-08 21:07 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-04-21 21:40 - 2015-12-08 21:07 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-04-21 21:40 - 2015-12-08 21:07 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-04-21 21:40 - 2015-12-08 21:07 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-04-21 21:40 - 2015-12-08 21:07 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-04-21 21:40 - 2015-12-08 21:07 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-04-21 21:40 - 2015-12-08 21:07 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-04-21 21:40 - 2015-12-08 21:07 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-04-21 21:40 - 2015-12-08 21:07 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-04-21 21:40 - 2015-12-08 21:07 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-04-21 21:40 - 2015-12-08 21:07 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-04-21 21:40 - 2015-12-08 21:07 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-04-21 21:40 - 2015-12-08 21:07 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-04-21 21:40 - 2015-12-08 21:07 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-04-21 21:40 - 2015-11-11 20:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-04-21 21:40 - 2015-11-11 20:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-04-21 21:40 - 2015-11-11 20:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-04-21 21:40 - 2015-11-11 20:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-04-21 21:40 - 2015-10-13 18:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-04-21 21:40 - 2015-10-13 18:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-04-21 21:40 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-04-21 21:40 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-04-21 21:40 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-04-21 21:40 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-04-21 21:40 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-04-21 21:40 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-04-21 21:40 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-04-21 21:40 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-04-21 21:40 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-04-21 21:40 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-04-21 21:40 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-04-21 21:40 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-04-21 21:40 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-04-21 21:40 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-04-21 21:40 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-04-21 21:40 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2016-04-21 21:40 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-04-21 21:40 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2016-04-21 21:40 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-04-21 21:40 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-04-21 21:39 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-04-21 21:39 - 2016-01-07 19:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-04-21 21:39 - 2015-12-08 23:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-04-21 21:39 - 2015-12-08 23:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-04-21 21:39 - 2015-12-08 23:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-04-21 21:39 - 2015-12-08 23:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-04-21 21:39 - 2015-12-08 23:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-04-21 21:39 - 2015-12-08 23:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-04-21 21:39 - 2015-12-08 23:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-04-21 21:39 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-04-21 21:39 - 2015-12-08 23:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-04-21 21:39 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-04-21 21:39 - 2015-12-08 23:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-04-21 21:39 - 2015-12-08 23:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-04-21 21:39 - 2015-12-08 23:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-04-21 21:39 - 2015-12-08 23:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-04-21 21:39 - 2015-12-08 23:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-04-21 21:39 - 2015-12-08 23:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-04-21 21:39 - 2015-12-08 23:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-04-21 21:39 - 2015-12-08 23:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-04-21 21:39 - 2015-12-08 23:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-04-21 21:39 - 2015-12-08 23:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-04-21 21:39 - 2015-12-08 21:07 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-04-21 21:39 - 2015-12-08 21:07 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-04-21 21:39 - 2015-12-08 21:07 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-04-21 21:39 - 2015-12-08 21:07 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-04-21 21:39 - 2015-12-08 21:07 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-04-21 21:39 - 2015-12-08 21:07 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-04-21 21:39 - 2015-12-08 21:07 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-04-21 21:39 - 2015-12-08 21:07 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-04-21 21:39 - 2015-12-08 21:07 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-04-21 21:39 - 2015-12-08 21:07 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-04-21 21:39 - 2015-12-08 21:07 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-04-21 21:39 - 2015-12-08 21:07 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-04-21 21:39 - 2015-12-08 21:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-04-21 21:39 - 2015-12-08 21:07 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-04-21 21:39 - 2015-12-08 21:07 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-04-21 21:39 - 2015-12-08 21:07 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-04-21 21:39 - 2015-12-08 21:06 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-04-21 21:39 - 2015-12-08 21:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-04-21 21:39 - 2015-12-08 21:04 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-04-21 21:39 - 2015-12-08 20:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-04-21 21:39 - 2015-12-08 20:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-04-21 21:39 - 2015-12-08 20:11 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-04-21 21:39 - 2015-10-01 20:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-21 21:39 - 2015-10-01 20:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-21 21:39 - 2015-10-01 20:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-21 21:39 - 2015-10-01 20:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-21 21:39 - 2015-10-01 20:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-21 21:39 - 2015-10-01 20:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-21 21:39 - 2015-10-01 20:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-21 21:39 - 2015-10-01 19:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-21 21:39 - 2015-10-01 19:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-21 21:39 - 2015-06-03 22:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-04-21 21:39 - 2015-06-03 22:16 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-21 21:39 - 2015-06-03 22:16 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-21 21:39 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2016-04-21 21:39 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2016-04-21 21:39 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2016-04-21 21:39 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2016-04-21 21:39 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2016-04-21 21:39 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2016-04-21 21:39 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-04-21 21:39 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2016-04-21 21:39 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2016-04-21 21:39 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2016-04-21 21:39 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2016-04-21 21:39 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2016-04-21 21:39 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2016-04-21 21:39 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2016-04-21 21:39 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2016-04-21 21:39 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2016-04-21 21:39 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2016-04-21 21:39 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2016-04-21 21:39 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2016-04-21 21:39 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2016-04-21 21:39 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2016-04-21 21:39 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-04-21 21:39 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-04-21 21:39 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-04-21 21:39 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-04-21 21:39 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2016-04-21 21:39 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2016-04-21 21:39 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-04-21 21:38 - 2015-10-29 19:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-04-21 21:38 - 2015-10-29 19:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-04-21 21:38 - 2015-10-29 19:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-04-21 21:38 - 2015-10-29 19:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-04-21 21:38 - 2015-10-29 19:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-04-21 21:38 - 2015-10-29 19:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-04-21 21:38 - 2015-10-29 19:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-04-21 21:38 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2016-04-21 21:38 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2016-04-21 21:38 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2016-04-21 21:38 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2016-04-21 21:38 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2016-04-21 21:38 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2016-04-21 21:38 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2016-04-21 21:38 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2016-04-21 21:38 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2016-04-21 21:38 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2016-04-21 21:38 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2016-04-21 21:38 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2016-04-21 21:38 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2016-04-21 21:38 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2016-04-21 21:38 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-04-21 21:38 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-04-21 21:38 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2016-04-21 21:38 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2016-04-21 21:38 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2016-04-21 21:38 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-04-21 21:38 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-04-21 21:38 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2016-04-21 21:38 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-04-21 21:38 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2016-04-21 21:37 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-04-21 21:37 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-21 21:37 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-04-21 21:37 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-21 21:37 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-04-21 21:37 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-21 21:37 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-04-21 21:37 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-21 21:37 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2016-04-21 21:37 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-04-21 21:37 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-04-21 21:37 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-04-21 21:37 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2016-04-21 21:37 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2016-04-21 21:37 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2016-04-21 21:37 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-04-21 21:37 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2016-04-21 21:37 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2016-04-21 21:37 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2016-04-21 21:37 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-04-21 21:37 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2016-04-21 21:37 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-04-21 21:37 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2016-04-21 21:37 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2016-04-21 21:37 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-04-21 21:37 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-04-21 21:37 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-04-21 21:37 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2016-04-21 21:37 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2016-04-21 21:37 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2016-04-21 21:37 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2016-04-21 21:37 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2016-04-21 21:37 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2016-04-21 21:37 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2016-04-21 21:36 - 2016-01-22 08:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-04-21 21:36 - 2016-01-22 08:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-04-21 21:36 - 2016-01-22 08:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-21 21:36 - 2016-01-22 08:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-04-21 21:36 - 2016-01-22 08:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-04-21 21:36 - 2016-01-22 08:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-21 21:36 - 2016-01-22 08:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-21 21:36 - 2016-01-16 21:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-21 21:36 - 2016-01-16 20:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-21 21:36 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-04-21 21:36 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-04-21 21:36 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2016-04-21 21:36 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2016-04-21 21:36 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-04-21 21:36 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-04-21 21:36 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-04-21 21:36 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-04-21 21:35 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-04-21 21:35 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-04-21 21:35 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-04-21 21:35 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-04-21 21:35 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-04-21 21:35 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-04-21 21:35 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-04-21 21:35 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-04-21 21:35 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-04-21 21:35 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-04-21 21:35 - 2016-01-22 08:19 - 14179840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-04-21 21:35 - 2016-01-22 08:15 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-04-21 21:35 - 2016-01-22 08:12 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-04-21 21:35 - 2016-01-22 08:05 - 12877824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-04-21 21:35 - 2016-01-22 08:00 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-04-21 21:35 - 2016-01-22 07:59 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-04-21 21:35 - 2016-01-22 07:19 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-04-21 21:35 - 2016-01-22 07:12 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-04-21 21:35 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-04-21 21:35 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-04-21 21:35 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-04-21 21:35 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-04-21 21:35 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-04-21 21:35 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-04-21 21:35 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-04-21 21:35 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-04-21 21:35 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-04-21 21:35 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-04-21 21:35 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2016-04-21 21:35 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2016-04-21 21:35 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-04-21 21:34 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-21 21:34 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-21 21:34 - 2015-10-13 06:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-04-21 21:34 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2016-04-21 21:34 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2016-04-21 21:34 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-04-21 21:34 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-04-21 21:34 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2016-04-21 21:34 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2016-04-21 21:34 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2016-04-21 21:34 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-04-21 21:34 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2016-04-21 21:34 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-04-21 21:34 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2016-04-21 21:34 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2016-04-21 21:34 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2016-04-21 21:34 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2016-04-21 21:34 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2016-04-21 21:34 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2016-04-21 21:34 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2016-04-21 21:33 - 2015-12-08 23:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-04-21 21:33 - 2015-12-08 21:07 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-04-21 21:33 - 2015-11-03 21:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-04-21 21:33 - 2015-11-03 20:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-04-21 21:33 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-04-21 21:33 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-04-21 21:33 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-04-21 21:33 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-04-21 21:33 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-04-21 21:33 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-04-21 21:33 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-04-21 21:33 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-04-21 21:33 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-04-21 21:33 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-04-21 21:33 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-04-21 21:33 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-04-21 21:33 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2016-04-21 21:33 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2016-04-21 21:33 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-21 21:33 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-21 21:33 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2016-04-21 21:33 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2016-04-21 21:33 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2016-04-21 21:32 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-04-21 21:32 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2016-04-21 21:32 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2016-04-21 21:32 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2016-04-21 21:32 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2016-04-21 21:32 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2016-04-21 21:32 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2016-04-21 21:32 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2016-04-21 21:32 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2016-04-21 21:32 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2016-04-21 21:32 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2016-04-21 21:32 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2016-04-21 21:32 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2016-04-21 21:32 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-04-21 21:32 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2016-04-21 21:32 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2016-04-21 21:32 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-04-21 21:22 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-04-21 21:22 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-04-21 21:22 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-04-21 21:22 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-04-21 21:22 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-04-21 21:22 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-04-21 20:35 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-04-21 20:35 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-04-21 20:35 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2016-04-21 13:19 - 2016-04-21 13:19 - 00001091 _____ C:\Users\Public\Desktop\RarZilla Free Unrar.lnk
2016-04-21 13:19 - 2016-04-21 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RarZilla Free Unrar
2016-04-21 13:19 - 2016-04-21 13:19 - 00000000 ____D C:\Program Files (x86)\RarZilla Free Unrar
2016-04-21 13:18 - 2016-04-21 13:18 - 01475080 _____ C:\Users\wrecken\Downloads\RarZilla Free Unrar - CHIP-Installer.exe
2016-04-21 13:17 - 2016-04-21 13:17 - 00001019 _____ C:\Users\Public\Desktop\Notepad++.lnk
2016-04-21 13:17 - 2016-04-21 13:17 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Notepad++
2016-04-21 13:17 - 2016-04-21 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-04-21 13:17 - 2016-04-21 13:17 - 00000000 ____D C:\Program Files (x86)\Notepad++
2016-04-21 13:16 - 2016-04-21 13:16 - 04203840 _____ C:\Users\wrecken\Downloads\npp.6.9.1.Installer.exe
2016-04-21 13:11 - 2016-04-21 13:11 - 00001031 _____ C:\Users\Public\Desktop\OrangeEdit.lnk
2016-04-21 13:11 - 2016-04-21 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OrangeEdit
2016-04-21 13:11 - 2016-04-21 13:11 - 00000000 ____D C:\Program Files (x86)\OrangeEdit
2016-04-21 13:11 - 2016-04-21 13:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-04-21 13:11 - 2016-04-21 13:11 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-04-21 13:09 - 2016-04-21 13:09 - 02093653 _____ (OrangeApps GmbH ) C:\Users\wrecken\Downloads\Setup_OrangeEdit_2.0.11.62.exe
2016-04-21 13:08 - 2016-04-21 13:08 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\OrangeApps
2016-04-21 13:08 - 2016-04-21 13:08 - 00000000 ____D C:\Users\wrecken\AppData\Local\OrangeApps
2016-04-21 12:35 - 2016-04-21 12:35 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Philipp Winterberg
2016-04-21 12:20 - 2016-04-21 12:20 - 00003432 _____ C:\Windows\System32\Tasks\RealDownloader Update Check
2016-04-21 12:20 - 2016-04-21 12:20 - 00003370 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2048369672-643187680-2407283211-1000
2016-04-21 12:20 - 2016-04-21 12:20 - 00003240 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2048369672-643187680-2407283211-1000
2016-04-21 12:20 - 2016-04-21 12:20 - 00001204 _____ C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk
2016-04-21 12:20 - 2016-04-21 12:20 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\RealNetworks
2016-04-21 12:20 - 2016-04-21 12:20 - 00000000 ____D C:\Users\wrecken\AppData\Local\Real
2016-04-21 12:20 - 2016-04-21 12:20 - 00000000 ____D C:\ProgramData\RealNetworks
2016-04-21 12:20 - 2016-04-21 12:20 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2016-04-21 12:19 - 2016-04-21 12:21 - 00000000 ____D C:\ProgramData\Real
2016-04-21 12:19 - 2016-04-21 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2016-04-21 12:19 - 2016-04-21 12:20 - 00000000 ____D C:\Program Files (x86)\Real
2016-04-21 12:19 - 2016-04-21 12:19 - 00505584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2016-04-21 12:19 - 2016-04-21 12:19 - 00354032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2016-04-21 12:19 - 2016-04-21 12:19 - 00278768 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2016-04-21 12:19 - 2016-04-21 12:19 - 00200944 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2016-04-21 12:18 - 2016-04-21 12:20 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Real
2016-04-21 12:15 - 2016-04-21 12:15 - 00000000 ____D C:\Users\wrecken\Tracing
2016-04-21 12:14 - 2016-04-25 21:09 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Skype
2016-04-21 12:14 - 2016-04-21 12:14 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-21 12:14 - 2016-04-21 12:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-21 12:14 - 2016-04-21 12:14 - 00000000 ____D C:\ProgramData\Skype
2016-04-21 12:14 - 2016-04-21 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-04-21 12:12 - 2016-04-21 12:12 - 01505408 _____ (Skype Technologies S.A.) C:\Users\wrecken\Downloads\SkypeSetup.exe
2016-04-21 12:11 - 2016-04-21 12:11 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\vlc
2016-04-21 12:10 - 2016-04-21 12:10 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-21 12:10 - 2016-04-21 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-04-21 12:10 - 2016-04-21 12:10 - 00000000 ____D C:\Program Files\VideoLAN
2016-04-21 12:08 - 2016-04-21 12:08 - 01475080 _____ C:\Users\wrecken\Downloads\VLC media player 64 Bit - CHIP-Installer.exe
2016-04-21 11:53 - 2016-04-21 11:53 - 00001969 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2016-04-21 11:45 - 2016-04-21 11:45 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2016-04-21 11:34 - 2016-04-21 11:34 - 00002002 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2016-04-21 11:34 - 2016-04-21 11:34 - 00001992 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2016-04-21 11:34 - 2016-04-21 11:34 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-04-21 11:34 - 2016-01-08 10:51 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2016-04-21 11:34 - 2016-01-08 10:51 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2016-04-21 11:34 - 2016-01-08 10:51 - 00213088 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2016-04-21 11:34 - 2016-01-08 10:51 - 00120416 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2016-04-21 11:33 - 2016-04-21 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-04-21 11:33 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2016-04-21 11:33 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2016-04-21 11:32 - 2016-04-21 11:53 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-04-21 11:32 - 2016-04-21 11:33 - 00000000 ____D C:\ProgramData\Samsung
2016-04-21 11:27 - 2016-04-21 11:27 - 00000000 ____D C:\Users\wrecken\AppData\Local\Downloaded Installations
2016-04-21 11:26 - 2016-04-21 11:27 - 80089472 _____ (Samsung Electronics Co., Ltd.) C:\Users\wrecken\Downloads\KiesSetup.exe
2016-04-21 11:26 - 2016-04-21 11:27 - 44045576 _____ (Samsung Electronics Co., Ltd.) C:\Users\wrecken\Downloads\Kies3Setup.exe
2016-04-21 11:20 - 2016-04-23 22:02 - 00000000 ____D C:\Users\wrecken\Documents\samsung
2016-04-21 11:20 - 2016-04-21 11:53 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Samsung
2016-04-21 11:20 - 2016-04-21 11:34 - 00000000 ____D C:\Users\wrecken\AppData\Local\Samsung
2016-04-21 11:19 - 2016-04-21 11:19 - 00000000 ____D C:\Program Files (x86)\honestech VHS to DVD 2.0 SE
2016-04-21 11:19 - 2016-04-21 11:19 - 00000000 ____D C:\Program Files (x86)\honestech
2016-04-21 11:18 - 2016-04-24 16:27 - 00000000 ____D C:\Program Files (x86)\FANUC
2016-04-21 11:15 - 2016-04-22 22:13 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Adobe
2016-04-21 11:15 - 2016-04-22 22:12 - 00000000 ____D C:\Users\wrecken\AppData\Local\Adobe
2016-04-21 11:15 - 2016-04-21 11:15 - 00000000 ____D C:\Users\wrecken\AppData\LocalLow\Adobe
2016-04-21 10:52 - 2016-04-21 10:52 - 00001157 _____ C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Another Matrix Screen Saver.lnk
2016-04-21 10:52 - 2016-04-21 10:52 - 00001133 _____ C:\Users\wrecken\Desktop\Another Matrix Screen Saver.lnk
2016-04-21 10:52 - 2016-04-21 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Another Matrix Screen Saver
2016-04-21 10:52 - 2016-04-21 10:52 - 00000000 ____D C:\Program Files (x86)\Another Matrix Screen Saver
2016-04-21 10:30 - 2016-04-21 10:30 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-04-21 07:06 - 2016-04-21 07:01 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-04-21 07:04 - 2016-04-21 07:04 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\AVAST Software
2016-04-21 07:03 - 2016-04-21 07:03 - 00001922 _____ C:\Users\Public\Desktop\Avast Business Security.lnk
2016-04-21 07:03 - 2016-04-21 07:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-04-21 07:02 - 2016-04-21 07:06 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-04-21 07:02 - 2016-04-21 07:02 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-04-21 07:02 - 2016-04-21 07:02 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-04-21 07:02 - 2016-04-21 07:02 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-04-21 07:02 - 2016-04-21 07:02 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-04-21 07:02 - 2016-04-21 07:02 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-21 07:02 - 2016-04-21 07:01 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-04-21 07:02 - 2016-04-21 07:01 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-04-21 07:02 - 2016-04-21 07:01 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-04-21 07:02 - 2016-04-21 07:01 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-04-21 07:02 - 2016-04-21 07:01 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-04-21 07:01 - 2016-04-21 07:01 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-04-21 06:59 - 2016-04-21 06:59 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-21 06:59 - 2016-04-21 06:59 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-21 06:58 - 2016-04-21 06:58 - 05153104 _____ (AVAST Software) C:\Users\wrecken\Downloads\avast_business_antivirus_setup_online.exe
2016-04-21 06:52 - 2016-04-21 06:52 - 00003194 _____ C:\Windows\System32\Tasks\{B2815F2B-A96F-4699-A53E-C58F982BD6C5}
2016-04-21 06:39 - 2016-04-22 22:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-04-21 06:39 - 2016-04-21 06:39 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2016-04-21 06:38 - 2016-04-21 06:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-04-21 06:35 - 2016-04-21 10:29 - 00000000 ____D C:\ProgramData\Adobe
2016-04-21 06:29 - 2016-04-21 06:30 - 76313280 _____ (Adobe Systems Incorporated) C:\Users\wrecken\Downloads\AdbeRdr11010_de_DE.exe
2016-04-20 22:21 - 2016-04-20 22:21 - 00000029 _____ C:\Users\wrecken\Downloads\Netzwerkfreigabeschlüssel.txt
2016-04-20 21:28 - 2016-04-20 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-04-20 21:27 - 2016-04-20 21:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-04-20 21:26 - 2016-04-20 21:26 - 00000000 ____D C:\Windows\PCHEALTH
2016-04-20 21:26 - 2016-04-20 21:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2016-04-20 21:24 - 2016-04-20 21:24 - 00000000 ____D C:\Program Files\Microsoft Office
2016-04-20 21:23 - 2016-04-20 21:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-04-20 21:22 - 2016-04-20 21:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-20 21:22 - 2016-04-20 21:22 - 00000000 ____D C:\Users\wrecken\AppData\Local\Microsoft Help
2016-04-20 21:21 - 2016-04-20 21:21 - 00000000 __RHD C:\MSOCache
2016-04-20 21:16 - 2016-04-20 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell System Manager
2016-04-20 21:15 - 2016-04-20 21:16 - 00000000 ____D C:\Program Files\Dell
2016-04-20 21:15 - 2016-04-20 21:15 - 00000000 ____D C:\ProgramData\Security Innovation
2016-04-20 21:15 - 2016-04-20 21:15 - 00000000 ____D C:\Program Files (x86)\Security Innovation
2016-04-20 21:15 - 2012-09-23 03:19 - 00459880 _____ (Dell Inc.) C:\Windows\system32\dchbas64.dll
2016-04-20 21:15 - 2012-09-23 03:19 - 00382056 _____ (Dell Inc.) C:\Windows\hapint.exe
2016-04-20 21:15 - 2012-09-23 03:19 - 00335464 _____ (Dell Inc.) C:\Windows\dchcfg64.exe
2016-04-20 21:15 - 2012-09-23 03:19 - 00322664 _____ (Dell Inc.) C:\Windows\system32\dchapi64.dll
2016-04-20 21:15 - 2012-09-23 03:19 - 00093288 _____ (Dell Inc.) C:\Windows\dcmdev64.exe
2016-04-20 21:13 - 2016-04-20 21:17 - 00000000 ____D C:\Program Files\Common Files\SPBA
2016-04-20 21:13 - 2016-04-20 21:13 - 20351952 _____ (Dell Inc.) C:\Users\wrecken\Downloads\APP_WIN_R312259.EXE
2016-04-20 21:13 - 2016-04-20 21:13 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-04-20 21:13 - 2016-04-20 21:13 - 00000206 _____ C:\Windows\hbcikrnl.ini
2016-04-20 21:13 - 2016-04-20 21:13 - 00000000 ____D C:\Program Files\Fingerprint Sensor
2016-04-20 21:13 - 2016-04-20 21:13 - 00000000 ____D C:\Program Files (x86)\O2Micro OZ776 SCR Driver
2016-04-20 21:13 - 2016-04-20 21:13 - 00000000 ____D C:\Program Files (x86)\Gemalto
2016-04-20 21:12 - 2016-04-20 21:15 - 00000000 ____D C:\ProgramData\Wave Systems Corp
2016-04-20 21:12 - 2016-04-20 21:12 - 00057344 _____ (O2Micro) C:\Windows\SysWOW64\ct32O2.dll
2016-04-20 21:12 - 2016-04-20 21:12 - 00057344 _____ (O2Micro) C:\Windows\system32\ct32O2.dll
2016-04-20 21:12 - 2016-04-20 21:12 - 00000000 ____D C:\Windows\Downloaded Installations
2016-04-20 21:12 - 2016-04-20 21:12 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Wave Systems Corp
2016-04-20 21:12 - 2016-04-20 21:12 - 00000000 ____D C:\Users\Public\Downloads\Dell
2016-04-20 21:05 - 2016-04-20 21:05 - 00000000 ____D C:\7cae8c5651b37dbf7e24f8f5c2
2016-04-20 21:04 - 2016-04-20 21:04 - 00000000 ____D C:\c8bb05505b6ffae53b
2016-04-20 21:03 - 2016-04-20 21:03 - 00000000 ____D C:\Users\wrecken\AppData\Local\Broadcom
2016-04-20 21:01 - 2016-04-20 20:56 - 00349736 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2016-04-20 21:01 - 2016-04-20 20:56 - 00138280 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2016-04-20 21:01 - 2016-04-20 20:56 - 00107560 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2016-04-20 21:01 - 2016-04-20 20:56 - 00039464 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2016-04-20 21:01 - 2016-04-20 20:56 - 00022056 _____ (Broadcom Corporation.) C:\Windows\system32\btwcoins.dll
2016-04-20 21:01 - 2016-04-20 20:56 - 00021416 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2016-04-20 20:59 - 2016-04-20 20:59 - 00000000 ____D C:\Program Files\WIDCOMM
2016-04-20 20:55 - 2009-07-01 18:31 - 00080896 _____ (REDC) C:\Windows\system32\Drivers\risdpe64.sys
2016-04-20 20:55 - 2009-05-28 18:24 - 00196608 _____ (RICOH) C:\Windows\system32\RiSDIcon.dll
2016-04-20 20:55 - 2009-05-28 18:24 - 00188416 _____ (RICOH) C:\Windows\system32\RiMMCIcon.dll
2016-04-20 20:54 - 2013-01-23 17:18 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2016-04-20 20:53 - 2016-04-20 20:53 - 00015804 _____ C:\Windows\system32\results.xml
2016-04-20 20:47 - 2016-04-20 20:54 - 00000000 ____D C:\Intel
2016-04-20 20:46 - 2013-02-08 07:04 - 04380144 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2016-04-20 20:46 - 2013-02-08 07:04 - 00510960 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-04-20 20:46 - 2013-02-08 07:04 - 00418800 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-04-20 20:46 - 2013-02-08 07:04 - 00394224 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-04-20 20:46 - 2013-02-08 07:04 - 00241136 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-04-20 20:46 - 2013-02-08 07:04 - 00185840 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-04-20 20:46 - 2013-02-08 07:04 - 00168944 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-04-20 20:46 - 2013-02-01 12:58 - 18664960 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 13913600 _____ C:\Windows\SysWOW64\ig4icd32.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 12312928 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-04-20 20:46 - 2013-02-01 12:58 - 09528832 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 09014784 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 08314368 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 07988224 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 06324224 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 02780160 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 02191872 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 01981696 _____ C:\Windows\system32\iglhxa64.cpa
2016-04-20 20:46 - 2013-02-01 12:58 - 00867020 _____ C:\Windows\SysWOW64\igkrng575.bin
2016-04-20 20:46 - 2013-02-01 12:58 - 00867020 _____ C:\Windows\system32\igkrng575.bin
2016-04-20 20:46 - 2013-02-01 12:58 - 00581120 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00390144 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00378368 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00376832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00376832 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00376320 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00293888 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-04-20 20:46 - 2013-02-01 12:58 - 00287232 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2016-04-20 20:46 - 2013-02-01 12:58 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-04-20 20:46 - 2013-02-01 12:58 - 00286720 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-04-20 20:46 - 2013-02-01 12:58 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-04-20 20:46 - 2013-02-01 12:58 - 00285696 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-04-20 20:46 - 2013-02-01 12:58 - 00283648 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-04-20 20:46 - 2013-02-01 12:58 - 00283136 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-04-20 20:46 - 2013-02-01 12:58 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-04-20 20:46 - 2013-02-01 12:58 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-04-20 20:46 - 2013-02-01 12:58 - 00246784 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00219136 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00211303 _____ C:\Windows\system32\Gfxres.th-TH.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00198139 _____ C:\Windows\system32\Gfxres.el-GR.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00182706 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00156233 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00153167 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00149009 _____ C:\Windows\system32\Gfxres.he-IL.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00146432 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00140216 _____ C:\Windows\system32\Gfxres.it-IT.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00138727 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00137846 _____ C:\Windows\system32\Gfxres.de-DE.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00137668 _____ C:\Windows\system32\Gfxres.es-ES.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00136603 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00135628 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00135370 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00134836 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00134412 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00134384 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00133846 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00133709 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00133404 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00133178 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00132889 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00132788 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00131839 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00128996 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00128831 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00128535 _____ C:\Windows\system32\Gfxres.da-DK.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00128204 _____ C:\Windows\SysWOW64\igcompkrng575.bin
2016-04-20 20:46 - 2013-02-01 12:58 - 00128204 _____ C:\Windows\system32\igcompkrng575.bin
2016-04-20 20:46 - 2013-02-01 12:58 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-04-20 20:46 - 2013-02-01 12:58 - 00124052 _____ C:\Windows\system32\Gfxres.en-US.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00117636 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00116348 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2016-04-20 20:46 - 2013-02-01 12:58 - 00110080 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00105608 _____ C:\Windows\SysWOW64\igfcg575m.bin
2016-04-20 20:46 - 2013-02-01 12:58 - 00105608 _____ C:\Windows\system32\igfcg575m.bin
2016-04-20 20:46 - 2013-02-01 12:58 - 00098304 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00098304 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00094208 _____ C:\Windows\system32\IccLibDll_x64.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2993.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00062464 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00059243 _____ C:\Windows\system32\iglhxo64.vp
2016-04-20 20:46 - 2013-02-01 12:58 - 00059174 _____ C:\Windows\system32\iglhxg64.vp
2016-04-20 20:46 - 2013-02-01 12:58 - 00059062 _____ C:\Windows\system32\iglhxc64.vp
2016-04-20 20:46 - 2013-02-01 12:58 - 00028672 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00024576 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00017444 _____ C:\Windows\system32\iglhxs64.vp
2016-04-20 20:46 - 2013-02-01 12:58 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2016-04-20 20:46 - 2013-02-01 12:58 - 00001074 _____ C:\Windows\system32\iglhxa64.vp
2016-04-20 20:46 - 2013-02-01 12:58 - 00000146 _____ C:\Windows\system32\GfxUI.exe.config
2016-04-20 20:46 - 2011-08-23 01:42 - 00317440 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-04-20 20:46 - 2011-08-23 01:42 - 00014848 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2016-04-20 20:46 - 2010-02-26 12:02 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys
2016-04-20 20:45 - 2016-04-20 20:46 - 00000000 ____D C:\Program Files\DIFX
2016-04-20 20:44 - 2011-07-15 21:31 - 00022128 _____ (ST Microelectronics) C:\Windows\system32\Drivers\stdcfltn.sys
2016-04-20 20:43 - 2016-04-20 20:43 - 00000000 ____D C:\Program Files\STMicroelectronics
2016-04-20 20:42 - 2016-04-20 20:42 - 00000000 ____D C:\dell
2016-04-20 20:41 - 2016-04-24 16:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-20 20:41 - 2016-04-20 20:41 - 00000000 ____D C:\Program Files (x86)\STMicroelectronics
2016-04-20 20:41 - 2012-05-23 10:22 - 00081520 _____ (ST Microelectronics) C:\Windows\system32\accelernco01.dll
2016-04-20 20:41 - 2012-05-23 10:22 - 00027760 _____ (ST Microelectronics) C:\Windows\system32\Drivers\accelern.sys
2016-04-20 20:40 - 2016-04-20 20:41 - 13536952 _____ (Dell Inc.) C:\Users\wrecken\Downloads\Chipset_Driver_RCHTX_WN_2.00.10.34_A11(1).EXE
2016-04-20 20:39 - 2016-04-20 20:39 - 00000000 ____D C:\Users\wrecken\AppData\Local\Dell
2016-04-20 20:38 - 2016-04-20 20:44 - 294586208 _____ C:\Users\wrecken\Downloads\DDPA_Setup_X1C1N_A09_64bits_ZPE.exe
2016-04-20 20:38 - 2016-04-20 20:43 - 189497952 _____ (Dell Inc.) C:\Users\wrecken\Downloads\DDP_Application_TDC1K_WN_2.2.00003.009_A06.EXE
2016-04-20 20:38 - 2016-04-20 20:38 - 04300104 _____ C:\Users\wrecken\Downloads\CW1394A0.exe
2016-04-20 20:37 - 2016-04-20 20:42 - 93179176 _____ (Dell Inc.) C:\Users\wrecken\Downloads\Video_Driver_W33X5_WN_8.15.10.2993_A11.EXE
2016-04-20 20:37 - 2016-04-20 20:41 - 71707184 _____ (Dell Inc.) C:\Users\wrecken\Downloads\R296919.EXE
2016-04-20 20:37 - 2016-04-20 20:41 - 69216640 _____ (Dell Inc.) C:\Users\wrecken\Downloads\Input_Driver_GGY5W_WN_8.1200.101.127_A06.EXE
2016-04-20 20:37 - 2016-04-20 20:40 - 65738376 _____ C:\Users\wrecken\Downloads\R285455.exe
2016-04-20 20:31 - 2016-04-25 17:33 - 00000000 ___HD C:\Windows\system32\WLANProfiles
2016-04-20 20:30 - 2016-04-20 20:30 - 13536952 _____ (Dell Inc.) C:\Users\wrecken\Downloads\Chipset_Driver_RCHTX_WN_2.00.10.34_A11.EXE
2016-04-20 20:30 - 2016-04-20 20:30 - 05935792 _____ C:\Users\wrecken\Downloads\SWB_DRVR_ME6P2_4M_6_2_40_1045_MR_A04_SETUP_ZPE.exe
2016-04-20 20:30 - 2016-04-20 20:30 - 05100920 _____ C:\Users\wrecken\Downloads\Ricoh_multi-device_A01_R230630_setup_ZPE.exe
2016-04-20 20:30 - 2016-04-20 20:30 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Intel
2016-04-20 20:29 - 2016-04-20 20:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2016-04-20 20:28 - 2016-04-20 20:54 - 00000000 ____D C:\Program Files (x86)\Intel
2016-04-20 20:28 - 2016-04-20 20:49 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-04-20 20:28 - 2016-04-20 20:28 - 00000000 ____D C:\ProgramData\Intel
2016-04-20 20:28 - 2016-04-20 20:28 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-04-20 20:26 - 2016-04-24 15:23 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-20 20:26 - 2016-04-20 20:28 - 00000000 ____D C:\Program Files\Intel
2016-04-20 20:25 - 2016-04-20 21:14 - 00000000 ____D C:\ProgramData\Dell
2016-04-20 20:23 - 2016-04-20 20:24 - 144350696 _____ (Dell Inc.) C:\Users\wrecken\Downloads\Network_Driver_3MNPT_WN_15.10.0.10_A06.EXE
2016-04-20 20:22 - 2016-04-24 19:32 - 00000000 ____D C:\Users\wrecken\AppData\Local\Deployment
2016-04-20 20:22 - 2016-04-24 17:15 - 00108840 _____ C:\Users\wrecken\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-20 20:22 - 2016-04-20 20:22 - 00000000 ____D C:\Users\wrecken\AppData\Local\Apps\2.0
2016-04-20 20:04 - 2016-04-20 19:12 - 00000000 ____D C:\Windows\Panther
2016-04-20 19:26 - 2016-04-20 20:27 - 00000000 ____D C:\Users\wrecken\AppData\Local\Mozilla
2016-04-20 19:26 - 2016-04-20 20:21 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Mozilla
2016-04-20 19:25 - 2016-04-20 19:25 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-20 19:25 - 2016-04-20 19:25 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-20 19:25 - 2016-04-20 19:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-20 19:25 - 2016-04-20 19:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-20 19:12 - 2016-04-25 17:34 - 00001409 _____ C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-20 19:12 - 2016-04-24 17:17 - 00000000 ____D C:\Users\wrecken\AppData\Local\VirtualStore
2016-04-20 19:12 - 2016-04-23 21:35 - 00000000 ____D C:\Users\wrecken
2016-04-20 19:12 - 2016-04-20 19:12 - 00000020 ___SH C:\Users\wrecken\ntuser.ini
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\Vorlagen
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\Startmenü
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\Netzwerkumgebung
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\Lokale Einstellungen
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\Eigene Dateien
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\Druckumgebung
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\Documents\Eigene Videos
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\Documents\Eigene Musik
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\Documents\Eigene Bilder
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\AppData\Local\Verlauf
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\AppData\Local\Anwendungsdaten
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\wrecken\Anwendungsdaten
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Programme
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\ProgramData\Favoriten
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-04-20 19:12 - 2016-04-20 19:12 - 00000000 _SHDL C:\Dokumente und Einstellungen
2016-04-20 19:12 - 2011-04-12 09:54 - 00000000 ____D C:\Users\wrecken\AppData\Roaming\Media Center Programs
2016-04-20 19:09 - 2016-04-20 19:09 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-04-20 19:09 - 2016-04-20 19:09 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-04-20 19:08 - 2016-04-20 19:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-04-20 19:08 - 2016-04-20 19:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-04-13 17:53 - 2016-04-13 18:51 - 2452996552 _____ C:\Users\wrecken\Downloads\RG_V8_Rev.L_Customer_ROBOGUIDE.7z
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-25 20:52 - 2011-04-12 09:43 - 00698926 _____ C:\Windows\system32\perfh007.dat
2016-04-25 20:52 - 2011-04-12 09:43 - 00149034 _____ C:\Windows\system32\perfc007.dat
2016-04-25 20:52 - 2009-07-14 07:13 - 01592784 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-25 20:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-25 17:44 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-25 17:44 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-25 16:16 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-25 16:16 - 2009-07-14 06:45 - 00412688 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-25 16:11 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-04-25 16:11 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-04-25 16:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-04-25 16:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-04-25 16:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-04-25 16:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-04-25 16:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-04-24 15:31 - 2009-07-14 04:34 - 00017523 _____ C:\Windows\system32\Drivers\etc\services
2016-04-23 22:02 - 2011-12-05 09:22 - 00000000 ___RD C:\Users\wrecken\Documents\Notes
2016-04-23 22:02 - 2011-11-26 21:24 - 00000000 ___RD C:\Users\wrecken\Documents\Scanned Documents
2016-04-20 22:20 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2016-04-20 21:29 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2016-04-20 21:27 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-20 21:26 - 2011-04-12 09:54 - 00000000 ____D C:\Windows\ShellNew
2016-04-20 21:26 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-20 21:13 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-04-20 21:13 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-04-20 21:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-04-20 20:04 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2016-04-20 19:12 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2016-04-20 19:11 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-04-20 19:09 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-04-20 19:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-04-06 10:18 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-03-30 21:37 - 2016-01-26 21:31 - 00000000 ____D C:\Users\wrecken\Documents\SelfMV
Einige Dateien in TEMP:
====================
C:\Users\wrecken\AppData\Local\Temp\ChangeIcon.exe
C:\Users\wrecken\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-04-20 19:05
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-04-2016
durchgeführt von wrecken (2016-04-25 21:10:48)
Gestartet von C:\Users\wrecken\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-04-20 17:12:10)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2048369672-643187680-2407283211-500 - Administrator - Disabled)
Gast (S-1-5-21-2048369672-643187680-2407283211-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2048369672-643187680-2407283211-1002 - Limited - Enabled)
wrecken (S-1-5-21-2048369672-643187680-2407283211-1000 - Administrator - Enabled) => C:\Users\wrecken
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.34 - STMicroelectronics)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.15) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.15 - Adobe Systems Incorporated)
Another Matrix Screen Saver (HKLM-x32\...\Another Matrix Screen Saver_is1) (Version: - NicheScreenSavers.com)
AuthenTec WinBio FingerPrint Software 64-bit (Version: 3.4.2.1016 - AuthenTec, Inc.) Hidden
Avast Business Security (HKLM-x32\...\Avast) (Version: 11.1.2510 - AVAST Software)
Dell Custom Help (Version: 16.01.1000.0235 - Intel Corporation) Hidden
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.3.00003.072 - Dell Inc.)
Dell System Detect (HKU\S-1-5-21-2048369672-643187680-2407283211-1000\...\58d94f3ce2c27db0) (Version: 7.4.0.3 - Dell)
Dell System Manager (HKLM\...\{9CC89928-4787-4ED5-9942-4EBF6C2468E6}) (Version: 1.7.10000 - Dell Inc.)
FANUC ROBOGUIDE (HKLM-x32\...\{9E2C7340-E595-427B-8136-C5133E4450D6}) (Version: V8.30139 (Rev.L) - FANUC Robotics America, Inc.)
FANUC Robotics Robot Neighborhood (HKLM-x32\...\{22B5A25F-85A9-4149-895D-7307E22875BA}) (Version: 8.30139.18.03 - FANUC Robotics America, Inc.)
FANUC Robotics Robot Server (HKLM-x32\...\{85950D11-0FA2-4058-AB3F-48AEC62C1165}) (Version: 8.30139.18.03 - FANUC Robotics America, Inc.)
FANUC Robotics Virtual Robot Controller V7.20 (HKLM-x32\...\{29DDB6F7-87D6-4DCE-A7D6-00CBD05C9A0D}) (Version: (Rev.R) - FANUC Robotics America, Inc.)
FANUC Robotics Virtual Robot Controller V7.30 (HKLM-x32\...\{BCEAADAE-9259-40CB-9456-D4E44C74AAB7}) (Version: 7.3059.39.02 - FANUC Robotics America, Inc.)
FANUC Robotics Virtual Robot Controller V7.40 (HKLM-x32\...\{FEBBCC8B-BA36-4554-839E-DE7151B513D7}) (Version: 7.40112.22.04 - FANUC Robotics America, Inc.)
FANUC Robotics Virtual Robot Controller V7.50 (HKLM-x32\...\{4273ECBC-C67E-4AD9-BF96-BA47A5045492}) (Version: 7.50130.28.06 - FANUC Robotics America, Inc.)
FANUC Robotics Virtual Robot Controller V7.70 (HKLM-x32\...\{53F5FAAD-DA06-4A30-9811-7350DDB126F6}) (Version: 7.7096.48.02 - FANUC Robotics America, Inc.)
FANUC Robotics Virtual Robot Controller V8.10 (HKLM-x32\...\{D9653066-CF72-4B4B-8A0E-8D572513AA33}) (Version: 8.10109.27.04 - FANUC Robotics America, Inc.)
FANUC Robotics Virtual Robot Controller V8.13 (HKLM-x32\...\{FA4BBDA5-A60C-4363-AD31-E5CC344C244F}) (Version: 8.1326.15.05 - FANUC Robotics America, Inc.)
FANUC Robotics Virtual Robot Controller V8.20 (HKLM-x32\...\{78D6AF42-E1C3-447F-A9F4-52814AEEEEE4}) (Version: 8.20167.25.06 - FANUC Robotics America, Inc.)
FANUC Robotics Virtual Robot Controller V8.30 (HKLM-x32\...\{ACC5C1AD-626A-4DE6-8AEB-F4FF68A49D31}) (Version: 8.30139.18.06 - FANUC Robotics America, Inc.)
FANUC Robotics Vision Controls V8 (HKLM-x32\...\{3236D3BD-46AD-49FE-972C-436CA420D2E6}) (Version: 8.30139.18.02 - FANUC CORPORATION / FANUC Robotics America, Inc.)
FANUC Vision PC Controls V7.70 (HKLM-x32\...\{599C7020-56D9-4DB2-9B2F-262AA44630DF}) (Version: 7.7096.48.02 - FANUC CORPORATION / FANUC Robotics America, Inc.)
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
GemPcCCID (Version: 2.0.1 - Gemalto) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{b6b417a3-1f40-4618-aadd-49628bda7836}) (Version: 16.1.1 - Intel Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
O2Micro OZ776 SCR Driver (Version: 2.1.4.223GS - O2Micro) Hidden
O2Micro OZ776 SCR Driver (x32 Version: 2.1.4.223GS - O2Micro) Hidden
OrangeEdit 2.0 BETA (HKLM-x32\...\OrangeEdit_is1) (Version: 2.0.11.62 - OrangeApps GmbH)
PBA Driver-x64 (Version: 1.0.1.8 - Dell Inc.) Hidden
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 7 - Philipp Winterberg)
RealDownloader (x32 Version: 18.1.3.103 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.3.104 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RICOH Media Driver ver.2.07.01.01 (HKLM-x32\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.01 - RICOH)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16041.12 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.16041.12 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16035.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16035.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SI TSS (Version: 2.1.41 - Security Innovation) Hidden
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
SPBA (WBF) 5.9 (Version: 5.9.7.7232 - Authentec Inc.) Hidden
Update for Outlook 2007 Junk Email Filter (kb947945) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E397056B-7AE5-4FF1-8B13-276BF8201847}) (Version: - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.15.00.024 - Wave Systems Corp) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7900 - Broadcom Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1DED5AAB-B397-41D3-8450-9F2889CE8082} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2048369672-643187680-2407283211-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
Task: {323CAAD0-593A-4539-8AD2-413B8781C563} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-04-21] (AVAST Software)
Task: {510AB55E-4F6B-499C-922C-DEEF75F3EB51} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {7EFA78F2-A9FA-4486-91D5-FE2D28A88686} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-04-21] (AVAST Software)
Task: {91BB4DCE-F59F-4908-BCE7-98C01CE24AE9} - System32\Tasks\{4FF864C5-EDA6-4F07-A08B-4AC9EE2B5BA2} => C:\Program Files (x86)\FANUC\ROBOGUIDE\bin\ROBOGUIDE.exe [2015-12-24] (FANUC Robotics)
Task: {B1620D7D-43B3-418B-8B56-E641B6820AAE} - System32\Tasks\{B2815F2B-A96F-4699-A53E-C58F982BD6C5} => pcalua.exe -a E:\Programme\ALDITALKVerbindungsassistent\Setup.exe -d E:\Programme\ALDITALKVerbindungsassistent
Task: {C5E3FC15-7CBF-4714-BFEA-5B66552FC3EC} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-02-03] ()
Task: {ED1E5118-7BF4-4584-BB42-3BDF769B24A3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {FA18D084-F0F8-418C-9A8D-95ED611AE8E9} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2048369672-643187680-2407283211-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-02-03] (RealNetworks, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-02-03 18:49 - 2016-02-03 18:49 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2011-02-08 01:41 - 2011-02-08 01:41 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2016-03-28 20:07 - 2016-03-28 20:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-04-20 20:41 - 2012-09-05 12:51 - 00686744 _____ () C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
2016-04-20 20:46 - 2013-02-01 12:58 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-02-03 18:00 - 2016-02-03 18:00 - 00712432 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2016-04-21 07:01 - 2016-04-21 07:01 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-04-21 07:01 - 2016-04-21 07:01 - 00133256 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-24 13:45 - 2016-04-24 13:45 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16042400\algo.dll
2016-04-21 07:03 - 2016-04-21 07:03 - 00509344 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-25 20:22 - 2016-04-25 20:22 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16042500\algo.dll
2016-04-21 07:01 - 2016-04-21 07:01 - 00647360 _____ () C:\Program Files\AVAST Software\Avast\sqlite3.dll
2016-02-03 18:48 - 2016-02-03 18:48 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-02-03 18:48 - 2016-02-03 18:48 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-02-03 18:49 - 2016-02-03 18:49 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2016-04-21 07:01 - 2016-04-21 07:01 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-02-03 17:53 - 2016-02-03 17:53 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-04-21 12:19 - 2016-04-21 12:19 - 00654608 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll
2016-02-03 18:00 - 2016-02-03 18:00 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2048369672-643187680-2407283211-1000\...\dell.com -> dell.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
|
|
26.04.2016, 20:00
| #5 |
| /// TB-Ausbilder /// Anleitungs-Guru | Bedenklicher Eintrag im Startmenü Addition.txt ist nicht komplett...
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
27.04.2016, 05:28
| #6 |
| | Bedenklicher Eintrag im StartmenüCode:
ATTFilter ==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2048369672-643187680-2407283211-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\wrecken\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: tcsd_win32.exe => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealTimes.lnk => C:\Windows\pss\RealTimes.lnk.CommonStartup
MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{86A373C9-28CB-4FB8-A77D-1E099AD59F94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{59ABC7E2-FB28-4AD4-A947-4EFDF26D7864}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8681259F-9B49-4A3A-97D3-AE715AA6EF29}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{99373641-7B09-4927-9E79-ED8605B93B61}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{75EF70A6-B4CD-4378-B222-05AD383E966F}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{E5EA2F6D-B6D9-4891-B5CA-E632CA65A11E}] => (Allow) C:\PROGRA~2\FANUC\ROBOGU~1\bin\RGCore.exe
FirewallRules: [{018C0D34-1D3E-4234-BA47-6428AF991986}] => (Allow) C:\PROGRA~2\FANUC\Shared\ROBOTS~1\frrobot.exe
FirewallRules: [{CEBF90C4-277F-405E-8C17-D6B391EA3E99}] => (Allow) C:\PROGRA~2\FANUC\Shared\OFFLIN~1\FRVRC\FRVIRT~1.EXE
FirewallRules: [{9EEB0B71-BA8F-406B-ACEB-0644A29843F1}] => (Allow) C:\PROGRA~2\FANUC\Shared\ROBOTS~1\FRROBO~1.EXE
FirewallRules: [{5CABB7C4-0369-4B64-A94B-46E79B61A0A9}] => (Allow) C:\PROGRA~2\FANUC\Shared\UTILIT~1\FRLICE~1.EXE
==================== Wiederherstellungspunkte =========================
21-04-2016 11:31:22 Installed Samsung Kies
21-04-2016 11:53:10 Installed Samsung Kies3
21-04-2016 13:10:38 Installed Microsoft SQL Server Compact 3.5 SP2 ENU
21-04-2016 22:02:50 Windows Update
24-04-2016 14:11:29 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
24-04-2016 15:23:33 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
24-04-2016 15:29:48 Installed FANUC ROBOGUIDE
24-04-2016 16:19:59 Installed FANUC Vision PC Controls V7.70
24-04-2016 16:21:39 Installed FANUC Robotics Vision Controls V8
24-04-2016 20:01:12 Windows Update
25-04-2016 18:35:57 Windows Update
25-04-2016 20:00:43 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (04/25/2016 08:37:38 PM) (Source: MsiInstaller) (EventID: 11935) (User: NT-AUTORITÄT)
Description: Product: MSXML 4.0 SP2 (KB973688) -- Error 1935. An error occured during the installation of assembly component {7B2B4EA5-1028-B7E6-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9876.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"
Error: (04/25/2016 08:16:35 PM) (Source: MsiInstaller) (EventID: 11935) (User: NT-AUTORITÄT)
Description: Product: MSXML 4.0 SP2 (KB954430) -- Error 1935. An error occured during the installation of assembly component {7B30B69B-0E6C-B7E0-A06B-D6B9ABF34537}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.MSXML2,type="win32",version="4.20.9870.0",publicKeyToken="6bd6b9abf345378f",processorArchitecture="x86"
Error: (04/25/2016 05:33:11 PM) (Source: bcc) (EventID: 1) (User: )
Description: synchronize - exchange FAILED -12 (1 retry)
Error: (04/25/2016 04:47:07 PM) (Source: bcc) (EventID: 1) (User: )
Description: synchronize - exchange FAILED -12 (1 retry)
Error: (04/25/2016 04:41:01 PM) (Source: bcc) (EventID: 1) (User: )
Description: synchronize - exchange FAILED -12 (1 retry)
Error: (04/25/2016 04:38:55 PM) (Source: bcc) (EventID: 1) (User: )
Description: synchronize - exchange FAILED -12 (1 retry)
Error: (04/25/2016 04:36:42 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.Web.Mobile, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil . Error code = 0x80070020
Error: (04/25/2016 04:29:17 PM) (Source: bcc) (EventID: 1) (User: )
Description: synchronize - exchange FAILED -12 (1 retry)
Error: (04/25/2016 04:21:23 PM) (Source: bcc) (EventID: 1) (User: )
Description: synchronize - exchange FAILED -12 (1 retry)
Error: (04/25/2016 04:17:42 PM) (Source: bcc) (EventID: 1) (User: )
Description: synchronize - exchange FAILED -12 (1 retry)
Systemfehler:
=============
Error: (04/25/2016 08:51:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft XML Core Services 4.0 Service Pack 2 für x64-basierte Systeme (KB973688)
Error: (04/25/2016 08:31:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Sicherheitsupdate für Microsoft XML Core Services 4.0 Service Pack 2 für x64-Systeme (KB954430)
Error: (04/25/2016 05:35:13 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (04/25/2016 05:35:12 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error: (04/25/2016 04:21:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für Internet Explorer*8 für Windows 7 für x64-basierte Systeme (KB2598845)
Error: (04/25/2016 04:14:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109
Error: (04/25/2016 04:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avast Business Console Client Antivirus Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109
Error: (04/25/2016 04:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avast Business Console Client" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109
Error: (04/25/2016 04:14:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avast Antivirus" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109
Error: (04/25/2016 04:13:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avast Business Console Client Antivirus Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2016-04-24 16:28:16.477
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\Machnm32.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2016-04-24 16:28:16.368
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\Machnm32.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2016-04-24 15:31:49.393
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\Machnm32.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2016-04-24 15:31:49.268
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\Machnm32.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2016-04-24 15:30:33.343
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\Machnm32.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2016-04-24 15:30:33.249
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\Machnm32.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Prozentuale Nutzung des RAM: 88%
Installierter physikalischer RAM: 2933.85 MB
Verfügbarer physikalischer RAM: 348.65 MB
Summe virtueller Speicher: 5865.91 MB
Verfügbarer virtueller Speicher: 2311.24 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:218.2 GB) (Free:89.36 GB) NTFS
Drive e: (INTENSO) (Fixed) (Total:465.64 GB) (Free:129.28 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E7637C42)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 19B84FEC)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
28.04.2016, 08:22
| #7 |
| /// TB-Ausbilder /// Anleitungs-Guru | Bedenklicher Eintrag im Startmenü Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
28.04.2016, 09:52
| #8 |
| | Bedenklicher Eintrag im StartmenüCode:
ATTFilter 10:46:54.0095 0x0490 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
10:46:57.0925 0x0490 ============================================================
10:46:57.0925 0x0490 Current date / time: 2016/04/28 10:46:57.0925
10:46:57.0925 0x0490 SystemInfo:
10:46:57.0925 0x0490
10:46:57.0925 0x0490 OS Version: 6.1.7601 ServicePack: 1.0
10:46:57.0925 0x0490 Product type: Workstation
10:46:57.0925 0x0490 ComputerName: WRECKEN-PC
10:46:57.0925 0x0490 UserName: wrecken
10:46:57.0925 0x0490 Windows directory: C:\Windows
10:46:57.0925 0x0490 System windows directory: C:\Windows
10:46:57.0925 0x0490 Running under WOW64
10:46:57.0925 0x0490 Processor architecture: Intel x64
10:46:57.0925 0x0490 Number of processors: 4
10:46:57.0925 0x0490 Page size: 0x1000
10:46:57.0925 0x0490 Boot type: Normal boot
10:46:57.0925 0x0490 ============================================================
10:47:01.0534 0x0490 KLMD registered as C:\Windows\system32\drivers\24113539.sys
10:47:02.0012 0x0490 System UUID: {8FE791E9-7173-EFE9-ECF1-F729294DE373}
10:47:03.0037 0x0490 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:47:03.0047 0x0490 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:47:03.0395 0x0490 ============================================================
10:47:03.0395 0x0490 \Device\Harddisk0\DR0:
10:47:03.0396 0x0490 MBR partitions:
10:47:03.0396 0x0490 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
10:47:03.0396 0x0490 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x1B465000
10:47:03.0396 0x0490 \Device\Harddisk1\DR1:
10:47:03.0396 0x0490 MBR partitions:
10:47:03.0397 0x0490 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A384C02
10:47:03.0397 0x0490 ============================================================
10:47:03.0670 0x0490 C: <-> \Device\Harddisk0\DR0\Partition2
10:47:03.0671 0x0490 E: <-> \Device\Harddisk1\DR1\Partition1
10:47:03.0671 0x0490 ============================================================
10:47:03.0671 0x0490 Initialize success
10:47:03.0671 0x0490 ============================================================
10:48:53.0757 0x1194 ============================================================
10:48:53.0757 0x1194 Scan started
10:48:53.0757 0x1194 Mode: Manual; SigCheck; TDLFS;
10:48:53.0757 0x1194 ============================================================
10:48:53.0757 0x1194 KSN ping started
10:48:56.0284 0x1194 KSN ping finished: true
10:48:58.0608 0x1194 ================ Scan system memory ========================
10:48:58.0608 0x1194 System memory - ok
10:48:58.0608 0x1194 ================ Scan services =============================
10:48:59.0076 0x1194 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
10:48:59.0326 0x1194 1394ohci - ok
10:48:59.0373 0x1194 [ 1575A815C27789061F34B4F55AE0B5C3, F41CF20CB26DF5F2BEA83463A790849DC240202CF558DE4F3BF6372230D42566 ] Acceler C:\Windows\system32\DRIVERS\accelern.sys
10:48:59.0451 0x1194 Acceler - ok
10:48:59.0482 0x1194 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:48:59.0513 0x1194 ACPI - ok
10:48:59.0529 0x1194 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:48:59.0653 0x1194 AcpiPmi - ok
10:48:59.0887 0x1194 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:48:59.0903 0x1194 AdobeARMservice - ok
10:49:00.0153 0x1194 [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:49:00.0184 0x1194 AdobeFlashPlayerUpdateSvc - ok
10:49:00.0231 0x1194 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:49:00.0387 0x1194 adp94xx - ok
10:49:00.0433 0x1194 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:49:00.0527 0x1194 adpahci - ok
10:49:00.0543 0x1194 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:49:00.0652 0x1194 adpu320 - ok
10:49:00.0683 0x1194 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:49:00.0714 0x1194 AeLookupSvc - ok
10:49:00.0777 0x1194 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
10:49:00.0917 0x1194 AFD - ok
10:49:00.0948 0x1194 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:49:01.0057 0x1194 agp440 - ok
10:49:01.0089 0x1194 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:49:01.0120 0x1194 ALG - ok
10:49:01.0151 0x1194 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:49:01.0213 0x1194 aliide - ok
10:49:01.0213 0x1194 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:49:01.0276 0x1194 amdide - ok
10:49:01.0276 0x1194 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:49:01.0354 0x1194 AmdK8 - ok
10:49:01.0369 0x1194 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
10:49:01.0447 0x1194 AmdPPM - ok
10:49:01.0525 0x1194 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:49:01.0603 0x1194 amdsata - ok
10:49:01.0635 0x1194 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:49:01.0697 0x1194 amdsbs - ok
10:49:01.0900 0x1194 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:49:01.0931 0x1194 amdxata - ok
10:49:01.0978 0x1194 [ A9FB80B0BBA6F765F4E691B7AD4963A7, 06BC740AF47ACECEE3707C433357F872EA0D9F2CA1B9FC2489FA3B421A262EF0 ] AppID C:\Windows\system32\drivers\appid.sys
10:49:02.0071 0x1194 AppID - ok
10:49:02.0103 0x1194 [ C47B6624AF9AEE4146743DCB133A159D, 10D1E6C9F972C3A8CC304F38B0A52818A78D70B4AF71F6E22CE1773397FC2AB4 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:49:02.0134 0x1194 AppIDSvc - ok
10:49:02.0181 0x1194 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
10:49:02.0212 0x1194 Appinfo - ok
10:49:02.0212 0x1194 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
10:49:02.0321 0x1194 arc - ok
10:49:02.0321 0x1194 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:49:02.0383 0x1194 arcsas - ok
10:49:02.0633 0x1194 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:49:02.0664 0x1194 aspnet_state - ok
10:49:02.0867 0x1194 [ 28E2BACBE78E0AA693E1952BBB031B67, BD2125F6B0AE5028160001EFB26164C965E74514D260447E2E3449E9166A940F ] aswBcc C:\Program Files\AVAST Software\Avast\bcc.exe
10:49:02.0914 0x1194 aswBcc - ok
10:49:02.0945 0x1194 [ E3DC7F70E6B75A3AE57A671E6BFE14EE, C7835E1EFED3DD11D1B3189AAAE0904C5A0BC7F77D5C6E0BB7C44A47EFD9289C ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
10:49:03.0039 0x1194 aswHwid - ok
10:49:03.0054 0x1194 [ CD0F8FD566613DBA2303C272372DCD40, 29E03BEDECD8BE4F0A577EDD19E87A13D07A42A602440356BE0DA29E4B354D3C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
10:49:03.0117 0x1194 aswMonFlt - ok
10:49:03.0148 0x1194 [ 22DAE0645D566D8452BCDA8DD6219957, BA6862F5A888C934C6191D6AB20FB0193941AB436525DFE9A6FAE3D9B7F328FB ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
10:49:03.0241 0x1194 aswRdr - ok
10:49:03.0273 0x1194 [ 431A0AB82850F4B4E9BE78EBF6D63731, 0CCD84071EFC5BF7E3EBDBC877F487029D82E5A10F662CA00B53D80396E21ECD ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
10:49:03.0304 0x1194 aswRvrt - ok
10:49:03.0366 0x1194 [ 2F8F7239D6E6C1B1A345A5A0C29AC2FC, C5B64026D366C8EBC8AA12EE00C6D6175996B8020F1E613A7BA91C2A0DA07B16 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
10:49:03.0475 0x1194 aswSnx - ok
10:49:03.0538 0x1194 [ 484E8C6AD6F3050582638A8E741FF9FA, 10DF9719336D1656449D3A35568BFD0DE6D24DF95BDC9F5B0D15FAF2EE1B9C87 ] aswSP C:\Windows\system32\drivers\aswSP.sys
10:49:03.0631 0x1194 aswSP - ok
10:49:03.0663 0x1194 [ 18DD02CBF64B28CF9E749DFCEC6660A5, E812519FB93E64FCBF0BC1FAA039E9C29ACEA8822C01D35F068C3489EC36171E ] aswStm C:\Windows\system32\drivers\aswStm.sys
10:49:03.0709 0x1194 aswStm - ok
10:49:03.0803 0x1194 [ 227B9F700E7C4DAA4822E852383BBE6F, 60B094BBF428C9E031DFD54AC18D99A2C468C400A757919DF7C4927BDE7030DF ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
10:49:03.0850 0x1194 aswVmm - ok
10:49:03.0881 0x1194 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:49:03.0943 0x1194 AsyncMac - ok
10:49:03.0990 0x1194 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:49:04.0021 0x1194 atapi - ok
10:49:04.0084 0x1194 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:49:04.0146 0x1194 AudioEndpointBuilder - ok
10:49:04.0162 0x1194 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:49:04.0193 0x1194 AudioSrv - ok
10:49:04.0287 0x1194 [ F443FD1B03C79AE5DD2DEEBCA4DD28E3, B3C72A3AD7129E44717E76E979CDED1A32C88713C8E5F05D4EC9F5D897815015 ] Avast Business Console Client Antivirus Service C:\Program Files\AVAST Software\Avast\bccavsvc.exe
10:49:04.0365 0x1194 Avast Business Console Client Antivirus Service - ok
10:49:04.0380 0x1194 [ EA954D39A992E3194695B11D8D367369, C73B4361DBBDCBA1456DD095BD7296357FF1C6A33B1581884B4EE82E8518EE33 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:49:04.0411 0x1194 avast! Antivirus - ok
10:49:04.0458 0x1194 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:49:04.0505 0x1194 AxInstSV - ok
10:49:04.0552 0x1194 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:49:04.0708 0x1194 b06bdrv - ok
10:49:04.0770 0x1194 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:49:04.0848 0x1194 b57nd60a - ok
10:49:04.0879 0x1194 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:49:04.0911 0x1194 BDESVC - ok
10:49:04.0926 0x1194 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:49:04.0989 0x1194 Beep - ok
10:49:05.0067 0x1194 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:49:05.0145 0x1194 BFE - ok
10:49:05.0223 0x1194 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:49:05.0394 0x1194 BITS - ok
10:49:05.0425 0x1194 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:49:05.0472 0x0d9c Object required for P2P: [ 28E2BACBE78E0AA693E1952BBB031B67 ] aswBcc
10:49:05.0566 0x1194 blbdrive - ok
10:49:05.0597 0x1194 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:49:05.0737 0x1194 bowser - ok
10:49:05.0769 0x1194 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:49:05.0815 0x1194 BrFiltLo - ok
10:49:05.0831 0x1194 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:49:05.0862 0x1194 BrFiltUp - ok
10:49:05.0878 0x1194 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:49:05.0909 0x1194 Browser - ok
10:49:05.0940 0x1194 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:49:06.0018 0x1194 Brserid - ok
10:49:06.0034 0x1194 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:49:06.0112 0x1194 BrSerWdm - ok
10:49:06.0127 0x1194 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:49:06.0190 0x1194 BrUsbMdm - ok
10:49:06.0190 0x1194 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:49:06.0330 0x1194 BrUsbSer - ok
10:49:06.0424 0x1194 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:49:06.0455 0x1194 BthEnum - ok
10:49:06.0471 0x1194 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:49:06.0502 0x1194 BTHMODEM - ok
10:49:06.0564 0x1194 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:49:06.0642 0x1194 BthPan - ok
10:49:06.0689 0x1194 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
10:49:06.0767 0x1194 BTHPORT - ok
10:49:06.0829 0x1194 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:49:06.0892 0x1194 bthserv - ok
10:49:06.0954 0x1194 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
10:49:07.0017 0x1194 BTHUSB - ok
10:49:07.0095 0x1194 [ A0DFB69ADE3444C78B17636FCF28E898, 21B1E76F056C2AFD5DEAFD620D2F90F4F617F8E76A88CEA2196E69D2CFBEE88B ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
10:49:07.0157 0x1194 BTWAMPFL - ok
10:49:07.0219 0x1194 [ 7CF028CE78696882B327FF13D2DFA534, 624C88C3CB511DE5F8279B7E982632F81FDFCAC8F2B038B69FEB686400E0C4F8 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
10:49:07.0251 0x1194 btwaudio - ok
10:49:07.0282 0x1194 [ 3DEF2370E414B4E299673558BA171A51, 5A0923D9F941ABD34EC9BEE0EB62A62F135CBF128061239CC6EA0E6752791636 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
10:49:07.0313 0x1194 btwavdt - ok
10:49:07.0516 0x1194 [ CC9DAE7759AC2C0D19111C0D38DDD232, 3E539DE221884647BCDB9DF95784F8B2F31B485024B0290128ABED41B4DE59FC ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
10:49:07.0578 0x1194 btwdins - ok
10:49:07.0625 0x1194 [ 9AD0FA253ED531D39FB2D74FE12A5FA9, 74AC5ECB4F770274BBA8EBC584A0F08FDDDA21C4BB2A2DDD4BB871DC47B1447C ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
10:49:07.0641 0x1194 btwl2cap - ok
10:49:07.0687 0x1194 [ 9937E0E4DFC0030560A6DFE9D3A94B39, 0B9CF1932D4534BD7B1F5D7B7BD5FBF9C8D156838D24ABBDE475E79EEF1150F1 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
10:49:07.0703 0x1194 btwrchid - ok
10:49:07.0750 0x1194 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:49:07.0906 0x1194 cdfs - ok
10:49:07.0937 0x1194 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:49:08.0062 0x1194 cdrom - ok
10:49:08.0109 0x1194 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:49:08.0187 0x1194 CertPropSvc - ok
10:49:08.0187 0x1194 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
10:49:08.0280 0x1194 circlass - ok
10:49:08.0343 0x1194 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
10:49:08.0421 0x1194 CLFS - ok
10:49:08.0561 0x1194 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:49:08.0577 0x1194 clr_optimization_v2.0.50727_32 - ok
10:49:08.0670 0x1194 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:49:08.0686 0x1194 clr_optimization_v2.0.50727_64 - ok
10:49:08.0733 0x0a14 Object required for P2P: [ 2F8F7239D6E6C1B1A345A5A0C29AC2FC ] aswSnx
10:49:08.0920 0x1194 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:49:08.0982 0x1194 clr_optimization_v4.0.30319_32 - ok
10:49:09.0013 0x1194 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:49:09.0060 0x1194 clr_optimization_v4.0.30319_64 - ok
10:49:09.0107 0x1194 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:49:09.0138 0x1194 CmBatt - ok
10:49:09.0216 0x1194 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:49:09.0279 0x1194 cmdide - ok
10:49:09.0341 0x1194 [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG C:\Windows\system32\Drivers\cng.sys
10:49:09.0466 0x1194 CNG - ok
10:49:09.0497 0x1194 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:49:09.0575 0x1194 Compbatt - ok
10:49:09.0591 0x1194 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
10:49:09.0715 0x1194 CompositeBus - ok
10:49:09.0747 0x1194 COMSysApp - ok
10:49:09.0747 0x1194 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:49:09.0825 0x1194 crcdisk - ok
10:49:09.0871 0x1194 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:49:09.0918 0x1194 CryptSvc - ok
10:49:09.0965 0x1194 [ E1617EC33B0B88FEC429BF6EB7B9FA52, 8F9A784674DDF4B2924645836AB03BA54D714FA16BB9130EE36E96C6D2073D6A ] dcdbas C:\Windows\system32\DRIVERS\dcdbas64.sys
10:49:10.0090 0x0d9c Object send P2P result: true
10:49:10.0246 0x1194 dcdbas - ok
10:49:10.0433 0x1194 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
10:49:10.0527 0x1194 DcomLaunch - ok
10:49:10.0605 0x1194 [ A90D2A2D55D0B4499934271927BC7C09, 1A4FDD078CB59AF63F7EFAE0B0A90D1EF86CBFED501D8EE07AA8EBC1144C1DE2 ] dcpsysmgrsvc C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
10:49:10.0636 0x1194 dcpsysmgrsvc - ok
10:49:10.0667 0x1194 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:49:10.0729 0x1194 defragsvc - ok
10:49:10.0729 0x1194 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:49:10.0807 0x1194 DfsC - ok
10:49:10.0839 0x1194 [ BC319C065335B10A5AA5938A677A60D5, 6F32AF2A440E763DC2ADD06F3422DCF3285BDFA9E69E5C3CD67A10F039B2830F ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
10:49:10.0901 0x1194 dg_ssudbus - ok
10:49:10.0932 0x1194 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:49:10.0963 0x1194 Dhcp - ok
10:49:11.0073 0x1194 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
10:49:11.0151 0x1194 DiagTrack - ok
10:49:11.0213 0x1194 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:49:11.0353 0x1194 discache - ok
10:49:11.0385 0x0a14 Object send P2P result: true
10:49:11.0385 0x0a14 Object required for P2P: [ 484E8C6AD6F3050582638A8E741FF9FA ] aswSP
10:49:11.0416 0x1194 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
10:49:11.0447 0x1194 Disk - ok
10:49:11.0541 0x1194 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:49:11.0572 0x1194 Dnscache - ok
10:49:11.0603 0x1194 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:49:11.0665 0x1194 dot3svc - ok
10:49:11.0697 0x1194 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:49:11.0759 0x1194 DPS - ok
10:49:11.0790 0x1194 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:49:11.0837 0x1194 drmkaud - ok
10:49:11.0899 0x1194 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:49:12.0024 0x1194 DXGKrnl - ok
10:49:12.0055 0x1194 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:49:12.0102 0x1194 EapHost - ok
10:49:12.0211 0x1194 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:49:12.0383 0x1194 ebdrv - ok
10:49:12.0414 0x1194 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] EFS C:\Windows\System32\lsass.exe
10:49:12.0445 0x1194 EFS - ok
10:49:12.0539 0x1194 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:49:12.0617 0x1194 ehRecvr - ok
10:49:12.0617 0x1194 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:49:12.0664 0x1194 ehSched - ok
10:49:12.0726 0x1194 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:49:12.0789 0x1194 elxstor - ok
10:49:12.0804 0x1194 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:49:12.0945 0x1194 ErrDev - ok
10:49:13.0038 0x1194 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:49:13.0116 0x1194 EventSystem - ok
10:49:13.0974 0x0a14 Object send P2P result: true
10:49:13.0974 0x0a14 Object required for P2P: [ F443FD1B03C79AE5DD2DEEBCA4DD28E3 ] Avast Business Console Client Antivirus Service
10:49:14.0005 0x1194 [ 91CD2315EB4F0547E0A6573A9AF5B576, 65DEC986C7489010EC2E14FCEF96F998A4E6E60EDA12AACAB5914A9F7FECAEFA ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:49:14.0052 0x1194 EvtEng - ok
10:49:14.0083 0x1194 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:49:14.0177 0x1194 exfat - ok
10:49:14.0177 0x1194 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:49:14.0255 0x1194 fastfat - ok
10:49:14.0302 0x1194 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:49:14.0349 0x1194 Fax - ok
10:49:14.0349 0x1194 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
10:49:14.0411 0x1194 fdc - ok
10:49:14.0442 0x1194 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:49:14.0489 0x1194 fdPHost - ok
10:49:14.0505 0x1194 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:49:14.0551 0x1194 FDResPub - ok
10:49:14.0551 0x1194 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:49:14.0583 0x1194 FileInfo - ok
10:49:14.0583 0x1194 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:49:14.0676 0x1194 Filetrace - ok
10:49:14.0676 0x1194 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:49:14.0785 0x1194 flpydisk - ok
10:49:14.0801 0x1194 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:49:14.0848 0x1194 FltMgr - ok
10:49:14.0926 0x1194 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
10:49:14.0988 0x1194 FontCache - ok
10:49:15.0035 0x1194 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:49:15.0051 0x1194 FontCache3.0.0.0 - ok
10:49:15.0051 0x1194 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:49:15.0113 0x1194 FsDepends - ok
10:49:15.0144 0x1194 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:49:15.0207 0x1194 Fs_Rec - ok
10:49:15.0253 0x1194 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:49:15.0378 0x1194 fvevol - ok
10:49:15.0378 0x1194 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:49:15.0409 0x1194 gagp30kx - ok
10:49:15.0503 0x1194 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:49:15.0597 0x1194 gpsvc - ok
10:49:15.0628 0x1194 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:49:15.0675 0x1194 hcw85cir - ok
10:49:15.0737 0x1194 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:49:15.0862 0x1194 HdAudAddService - ok
10:49:15.0877 0x1194 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:49:15.0909 0x1194 HDAudBus - ok
10:49:15.0955 0x1194 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
10:49:15.0987 0x1194 HECIx64 - ok
10:49:16.0002 0x1194 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:49:16.0065 0x1194 HidBatt - ok
10:49:16.0065 0x1194 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:49:16.0189 0x1194 HidBth - ok
10:49:16.0205 0x1194 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
10:49:16.0236 0x1194 HidIr - ok
10:49:16.0252 0x1194 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:49:16.0299 0x1194 hidserv - ok
10:49:16.0377 0x1194 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:49:16.0408 0x1194 HidUsb - ok
10:49:16.0423 0x1194 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:49:16.0486 0x1194 hkmsvc - ok
10:49:16.0533 0x0a14 Object send P2P result: true
10:49:16.0533 0x1194 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:49:16.0548 0x1194 HomeGroupListener - ok
10:49:16.0611 0x1194 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:49:16.0626 0x1194 HomeGroupProvider - ok
10:49:16.0642 0x1194 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:49:16.0704 0x1194 HpSAMD - ok
10:49:16.0767 0x1194 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:49:16.0923 0x1194 HTTP - ok
10:49:17.0032 0x1194 [ CDAA8E257BB625B2387219E605DDE37D, 2AAA32AFC3576DBBC422557F871B934F544642EB9B85E89971F0146E2021C187 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:49:17.0063 0x1194 hwdatacard - ok
10:49:17.0063 0x1194 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:49:17.0110 0x1194 hwpolicy - ok
10:49:17.0110 0x1194 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
10:49:17.0157 0x1194 i8042prt - ok
10:49:17.0219 0x1194 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:49:17.0297 0x1194 iaStorV - ok
10:49:17.0375 0x1194 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:49:17.0422 0x1194 idsvc - ok
10:49:17.0453 0x1194 IEEtwCollectorService - ok
10:49:18.0124 0x1194 [ C458A0B66D11CBABD113EAC828276A8C, FF31B49BAF36358A16FA5478036C6431DE877BA30D6F6DF85FD0A2FA6E6CB0E1 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:49:18.0639 0x1194 igfx - ok
10:49:18.0670 0x1194 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:49:18.0701 0x1194 iirsp - ok
10:49:18.0763 0x1194 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:49:18.0888 0x1194 IKEEXT - ok
10:49:18.0951 0x1194 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
10:49:18.0997 0x1194 Impcd - ok
10:49:19.0185 0x1194 [ AE594CC17C33AC146739494615E14851, 0E4FA415C1B4065083D761A458450FAE9C6A6EE6E49B3A598B43871D6F01B3EC ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:49:19.0231 0x1194 IntcDAud - ok
10:49:19.0263 0x1194 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:49:19.0278 0x1194 intelide - ok
10:49:19.0309 0x1194 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:49:19.0372 0x1194 intelppm - ok
10:49:19.0387 0x1194 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:49:19.0450 0x1194 IPBusEnum - ok
10:49:19.0450 0x1194 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:49:19.0575 0x1194 IpFilterDriver - ok
10:49:19.0684 0x1194 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:49:19.0746 0x1194 iphlpsvc - ok
10:49:19.0762 0x1194 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:49:19.0809 0x1194 IPMIDRV - ok
10:49:19.0824 0x1194 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:49:19.0902 0x1194 IPNAT - ok
10:49:19.0918 0x1194 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:49:19.0965 0x1194 IRENUM - ok
10:49:19.0980 0x1194 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:49:20.0011 0x1194 isapnp - ok
10:49:20.0058 0x1194 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:49:20.0105 0x1194 iScsiPrt - ok
10:49:20.0105 0x1194 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:49:20.0136 0x1194 kbdclass - ok
10:49:20.0152 0x1194 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
10:49:20.0214 0x1194 kbdhid - ok
10:49:20.0245 0x1194 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] KeyIso C:\Windows\system32\lsass.exe
10:49:20.0277 0x1194 KeyIso - ok
10:49:20.0308 0x1194 [ B6C2FA7F5E5BC1A488A57C6344D29D64, 857245D664CF9ED8121E2087D73F85DA3FED721484DDC6B51AF6A344EC29A27F ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:49:20.0386 0x1194 KSecDD - ok
10:49:20.0401 0x1194 [ FB4397DDCC732DB6A7B33B747C7EB708, AD8B9500AAE12C1507B982B74B86731BE75AFAC7F64538332A380AC43EDEC271 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:49:20.0464 0x1194 KSecPkg - ok
10:49:20.0495 0x1194 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:49:20.0542 0x1194 ksthunk - ok
10:49:20.0573 0x1194 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:49:20.0651 0x1194 KtmRm - ok
10:49:20.0682 0x1194 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:49:20.0745 0x1194 LanmanServer - ok
10:49:20.0760 0x1194 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:49:20.0807 0x1194 LanmanWorkstation - ok
10:49:20.0838 0x1194 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:49:20.0916 0x1194 lltdio - ok
10:49:20.0947 0x1194 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:49:20.0994 0x1194 lltdsvc - ok
10:49:21.0010 0x1194 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:49:21.0057 0x1194 lmhosts - ok
10:49:21.0244 0x1194 [ D60FD98FC8E01D14565C8EBC68E8793A, 1D18A5A1AE1C4E58ED177D2067F4F83FE3C2F5503262AB1624556BAC313A5641 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:49:21.0275 0x1194 LMS - ok
10:49:21.0322 0x1194 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:49:21.0369 0x1194 LSI_FC - ok
10:49:21.0369 0x1194 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:49:21.0400 0x1194 LSI_SAS - ok
10:49:21.0415 0x1194 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:49:21.0431 0x1194 LSI_SAS2 - ok
10:49:21.0447 0x1194 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:49:21.0478 0x1194 LSI_SCSI - ok
10:49:21.0478 0x1194 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:49:21.0587 0x1194 luafv - ok
10:49:21.0618 0x1194 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:49:21.0649 0x1194 Mcx2Svc - ok
10:49:21.0649 0x1194 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
10:49:21.0681 0x1194 megasas - ok
10:49:21.0696 0x1194 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:49:21.0727 0x1194 MegaSR - ok
10:49:21.0868 0x1194 [ 033B947AF4A997820E86FCB070B1F450, 2F54F9D1E8374187B2F206E7CF22A907C735C71F38445A94BDC84E83081D3A88 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
10:49:21.0883 0x1194 Microsoft Office Groove Audit Service - ok
10:49:21.0915 0x1194 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:49:21.0961 0x1194 MMCSS - ok
10:49:21.0977 0x1194 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:49:22.0055 0x1194 Modem - ok
10:49:22.0071 0x1194 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:49:22.0117 0x1194 monitor - ok
10:49:22.0117 0x1194 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:49:22.0164 0x1194 mouclass - ok
10:49:22.0164 0x1194 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:49:22.0195 0x1194 mouhid - ok
10:49:22.0227 0x1194 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:49:22.0289 0x1194 mountmgr - ok
10:49:22.0336 0x1194 [ F5CEB5CE82DC9CC94873C487DF2BA73C, 21F3335A9F01084F6F95F16D61D3E3ED80CE3D887ED15DD025D4E296F239B16B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:49:22.0351 0x1194 MozillaMaintenance - ok
10:49:22.0367 0x1194 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:49:22.0398 0x1194 mpio - ok
10:49:22.0398 0x1194 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:49:22.0476 0x1194 mpsdrv - ok
10:49:22.0539 0x1194 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:49:22.0648 0x1194 MpsSvc - ok
10:49:22.0695 0x1194 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:49:22.0773 0x1194 MRxDAV - ok
10:49:22.0819 0x1194 [ ACEC16415275E1AD6F7983EF472810E3, E5017E157954F6C21AA66233FF2C1A6B1FF3E4685F26648A8A21F2B9718DD97C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:49:22.0866 0x1194 mrxsmb - ok
10:49:22.0929 0x1194 [ 0F276F2F2018296FABC7BD2BCCAAB40B, 378A36F7282EE9FFEC8A1D5783ECD0A428E0215B1774AAA166C5AA09B3C636F7 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:49:23.0038 0x1194 mrxsmb10 - ok
10:49:23.0100 0x1194 [ 1D4B7972375052F5B7877A6FD9BE33A0, B3FD235F6FE975F1869436ED1215913F0E8EB1123BB252FD221C35AB1121C3F5 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:49:23.0163 0x1194 mrxsmb20 - ok
10:49:23.0194 0x1194 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:49:23.0209 0x1194 msahci - ok
10:49:23.0241 0x1194 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:49:23.0319 0x1194 msdsm - ok
10:49:23.0350 0x1194 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:49:23.0381 0x1194 MSDTC - ok
10:49:23.0381 0x1194 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:49:23.0475 0x1194 Msfs - ok
10:49:23.0490 0x1194 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:49:23.0568 0x1194 mshidkmdf - ok
10:49:23.0584 0x1194 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:49:23.0599 0x1194 msisadrv - ok
10:49:23.0677 0x1194 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:49:23.0771 0x1194 MSiSCSI - ok
10:49:23.0771 0x1194 msiserver - ok
10:49:24.0286 0x1194 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:49:24.0348 0x1194 MSKSSRV - ok
10:49:24.0348 0x1194 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:49:24.0426 0x1194 MSPCLOCK - ok
10:49:24.0426 0x1194 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:49:24.0504 0x1194 MSPQM - ok
10:49:24.0535 0x1194 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:49:24.0629 0x1194 MsRPC - ok
10:49:24.0645 0x1194 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:49:24.0676 0x1194 mssmbios - ok
10:49:24.0691 0x1194 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:49:24.0769 0x1194 MSTEE - ok
10:49:24.0785 0x1194 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:49:24.0832 0x1194 MTConfig - ok
10:49:24.0832 0x1194 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:49:24.0863 0x1194 Mup - ok
10:49:24.0925 0x1194 [ 85B42715B134BF8ABE035078F81E0A8C, B522D9BA55102FFD9138A6B6B85C9FACB4DD7D7565F4B276E44536B61962D78D ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:49:24.0941 0x1194 MyWiFiDHCPDNS - ok
10:49:25.0003 0x1194 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:49:25.0113 0x1194 napagent - ok
10:49:25.0159 0x1194 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:49:25.0253 0x1194 NativeWifiP - ok
10:49:25.0362 0x1194 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:49:25.0471 0x1194 NDIS - ok
10:49:25.0503 0x1194 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:49:25.0596 0x1194 NdisCap - ok
10:49:25.0612 0x1194 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:49:25.0674 0x1194 NdisTapi - ok
10:49:25.0690 0x1194 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:49:25.0768 0x1194 Ndisuio - ok
10:49:25.0768 0x1194 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:49:25.0830 0x1194 NdisWan - ok
10:49:25.0846 0x1194 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:49:25.0924 0x1194 NDProxy - ok
10:49:25.0924 0x1194 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:49:25.0986 0x1194 NetBIOS - ok
10:49:26.0002 0x1194 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:49:26.0080 0x1194 NetBT - ok
10:49:26.0142 0x1194 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] Netlogon C:\Windows\system32\lsass.exe
10:49:26.0173 0x1194 Netlogon - ok
10:49:26.0236 0x1194 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:49:26.0298 0x1194 Netman - ok
10:49:26.0345 0x1194 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:49:26.0376 0x1194 NetMsmqActivator - ok
10:49:26.0407 0x1194 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:49:26.0423 0x1194 NetPipeActivator - ok
10:49:26.0485 0x1194 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:49:26.0563 0x1194 netprofm - ok
10:49:26.0579 0x1194 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:49:26.0595 0x1194 NetTcpActivator - ok
10:49:26.0610 0x1194 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:49:26.0626 0x1194 NetTcpPortSharing - ok
10:49:27.0031 0x1194 [ 7D3646F4E3F2C27A1415F1685391F024, E5426EC1347DBA302C786B72B510C61BA694D7A1FE0023CA61A587672F8F3548 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwsw00.sys
10:49:27.0593 0x1194 NETwNs64 - ok
10:49:27.0624 0x1194 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:49:27.0671 0x1194 nfrd960 - ok
10:49:27.0733 0x1194 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
10:49:27.0796 0x1194 NlaSvc - ok
10:49:27.0811 0x1194 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:49:27.0889 0x1194 Npfs - ok
10:49:27.0921 0x1194 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:49:27.0967 0x1194 nsi - ok
10:49:27.0967 0x1194 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:49:28.0092 0x1194 nsiproxy - ok
10:49:28.0201 0x1194 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:49:28.0389 0x1194 Ntfs - ok
10:49:28.0420 0x1194 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:49:28.0529 0x1194 Null - ok
10:49:28.0560 0x1194 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:49:28.0591 0x1194 nvraid - ok
10:49:28.0623 0x1194 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:49:28.0654 0x1194 nvstor - ok
10:49:28.0685 0x1194 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:49:28.0716 0x1194 nv_agp - ok
10:49:28.0872 0x1194 [ E54AA592A65F317390EEE386A8821692, 7997F8C07802F6C49F06620B35C4C382ADD5419EA8BE02CD7AF0F2EF42A93E53 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:49:28.0903 0x1194 odserv - ok
10:49:28.0919 0x1194 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:49:28.0966 0x1194 ohci1394 - ok
10:49:29.0013 0x1194 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:49:29.0028 0x1194 ose - ok
10:49:29.0059 0x1194 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:49:29.0106 0x1194 p2pimsvc - ok
10:49:29.0137 0x1194 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:49:29.0169 0x1194 p2psvc - ok
10:49:29.0184 0x1194 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:49:29.0231 0x1194 Parport - ok
10:49:29.0262 0x1194 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:49:29.0340 0x1194 partmgr - ok
10:49:29.0418 0x1194 [ F76829EDCD7F5C3C8B500DCB6DC99B25, C39150796B4234D523C9F8114871781E194BD64F7E65C27E46D4035BC7964A08 ] PbaDrvSvc_x64 C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
10:49:29.0418 0x1194 PbaDrvSvc_x64 - detected UnsignedFile.Multi.Generic ( 1 )
10:49:31.0821 0x1194 Detect skipped due to KSN trusted
10:49:31.0821 0x1194 PbaDrvSvc_x64 - ok
10:49:31.0852 0x1194 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:49:31.0883 0x1194 PcaSvc - ok
10:49:31.0899 0x1194 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:49:31.0930 0x1194 pci - ok
10:49:31.0977 0x1194 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:49:31.0992 0x1194 pciide - ok
10:49:32.0023 0x1194 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:49:32.0086 0x1194 pcmcia - ok
10:49:32.0086 0x1194 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:49:32.0117 0x1194 pcw - ok
10:49:32.0179 0x1194 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:49:32.0273 0x1194 PEAUTH - ok
10:49:32.0491 0x1194 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:49:32.0523 0x1194 PerfHost - ok
10:49:32.0585 0x1194 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:49:32.0694 0x1194 pla - ok
10:49:32.0741 0x1194 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:49:32.0803 0x1194 PlugPlay - ok
10:49:32.0835 0x1194 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:49:32.0850 0x1194 PNRPAutoReg - ok
10:49:32.0897 0x1194 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:49:32.0913 0x1194 PNRPsvc - ok
10:49:32.0975 0x1194 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:49:33.0053 0x1194 PolicyAgent - ok
10:49:33.0115 0x1194 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:49:33.0178 0x1194 Power - ok
10:49:33.0225 0x1194 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:49:33.0287 0x1194 PptpMiniport - ok
10:49:33.0318 0x1194 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
10:49:33.0365 0x1194 Processor - ok
10:49:33.0443 0x1194 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
10:49:33.0459 0x1194 ProfSvc - ok
10:49:33.0490 0x1194 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:49:33.0521 0x1194 ProtectedStorage - ok
10:49:33.0552 0x1194 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:49:33.0630 0x1194 Psched - ok
10:49:33.0724 0x1194 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:49:33.0817 0x1194 ql2300 - ok
10:49:33.0849 0x1194 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:49:33.0880 0x1194 ql40xx - ok
10:49:33.0911 0x1194 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:49:33.0942 0x1194 QWAVE - ok
10:49:33.0958 0x1194 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:49:33.0989 0x1194 QWAVEdrv - ok
10:49:33.0989 0x1194 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:49:34.0067 0x1194 RasAcd - ok
10:49:34.0098 0x1194 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:49:34.0176 0x1194 RasAgileVpn - ok
10:49:34.0176 0x1194 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:49:34.0223 0x1660 Object required for P2P: [ F5CEB5CE82DC9CC94873C487DF2BA73C ] MozillaMaintenance
10:49:34.0239 0x1194 RasAuto - ok
10:49:34.0254 0x1194 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:49:34.0317 0x1194 Rasl2tp - ok
10:49:34.0332 0x1194 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:49:34.0395 0x1194 RasMan - ok
10:49:34.0410 0x1194 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:49:34.0504 0x1194 RasPppoe - ok
10:49:34.0519 0x1194 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:49:34.0629 0x1194 RasSstp - ok
10:49:34.0644 0x1194 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:49:34.0722 0x1194 rdbss - ok
10:49:34.0738 0x1194 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
10:49:34.0800 0x1194 rdpbus - ok
10:49:34.0816 0x1194 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:49:34.0894 0x1194 RDPCDD - ok
10:49:34.0894 0x1194 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:49:34.0956 0x1194 RDPENCDD - ok
10:49:34.0956 0x1194 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:49:35.0034 0x1194 RDPREFMP - ok
10:49:35.0065 0x1194 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:49:35.0159 0x1194 RDPWD - ok
10:49:35.0206 0x1194 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:49:35.0237 0x1194 rdyboost - ok
10:49:35.0331 0x1194 [ EC54B7C84757100169755977DC306AC7, 79A65DE41CA7B8EB2F65A9174AFA9B810EC5755F91C37ABD8F9F490360632C21 ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
10:49:35.0346 0x1194 RealPlayerUpdateSvc - ok
10:49:35.0627 0x1194 [ 0E7AFE4B571C761FBB49DAD069DF3377, 20A2A0BFA2A00AFE35FA935A9F40B5AED838917137DC4E9143D45B90707A687F ] RealTimes Desktop Service C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
10:49:35.0674 0x1194 RealTimes Desktop Service - ok
10:49:35.0799 0x1194 [ 86177A203F65E08FB91D53A6F2475363, 1316208F182ECCB2DCC848E8CE707456ED6F6CD21001386F160B61AF455EFAAA ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:49:35.0814 0x1194 RegSrvc - ok
10:49:35.0845 0x1194 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:49:35.0908 0x1194 RemoteAccess - ok
10:49:35.0970 0x1194 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:49:36.0079 0x1194 RemoteRegistry - ok
10:49:36.0126 0x1194 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:49:36.0157 0x1194 RFCOMM - ok
10:49:36.0235 0x1194 [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9, 1841364D1ADC7DFD107AE3533BD8E37AD1E176EE5822D1B354A9E8E865029996 ] risdpcie C:\Windows\system32\DRIVERS\risdpe64.sys
10:49:36.0313 0x1194 risdpcie - ok
10:49:36.0329 0x1194 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:49:36.0391 0x1194 RpcEptMapper - ok
10:49:36.0407 0x1194 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:49:36.0438 0x1194 RpcLocator - ok
10:49:36.0485 0x1194 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
10:49:36.0532 0x1194 RpcSs - ok
10:49:36.0594 0x1194 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:49:36.0688 0x1194 rspndr - ok
10:49:36.0703 0x1194 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] SamSs C:\Windows\system32\lsass.exe
10:49:36.0719 0x1194 SamSs - ok
10:49:36.0719 0x1194 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:49:36.0750 0x1660 Object send P2P result: true
10:49:36.0766 0x1194 sbp2port - ok
10:49:36.0828 0x1194 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:49:36.0875 0x1194 SCardSvr - ok
10:49:36.0891 0x1194 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:49:36.0953 0x1194 scfilter - ok
10:49:37.0031 0x1194 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
10:49:37.0156 0x1194 Schedule - ok
10:49:37.0203 0x1194 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:49:37.0265 0x1194 SCPolicySvc - ok
10:49:37.0312 0x1194 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
10:49:37.0359 0x1194 sdbus - ok
10:49:37.0421 0x1194 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:49:37.0468 0x1194 SDRSVC - ok
10:49:37.0468 0x1194 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:49:37.0515 0x1194 secdrv - ok
10:49:37.0561 0x1194 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
10:49:37.0593 0x1194 seclogon - ok
10:49:37.0624 0x1194 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
10:49:37.0671 0x1194 SENS - ok
10:49:37.0717 0x1194 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:49:37.0749 0x1194 SensrSvc - ok
10:49:37.0764 0x1194 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:49:37.0827 0x1194 Serenum - ok
10:49:37.0873 0x1194 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:49:37.0905 0x1194 Serial - ok
10:49:37.0905 0x1194 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:49:37.0983 0x1194 sermouse - ok
10:49:38.0014 0x1194 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:49:38.0107 0x1194 SessionEnv - ok
10:49:38.0107 0x1194 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:49:38.0170 0x1194 sffdisk - ok
10:49:38.0185 0x1194 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:49:38.0217 0x1194 sffp_mmc - ok
10:49:38.0232 0x1194 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:49:38.0263 0x1194 sffp_sd - ok
10:49:38.0263 0x1194 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:49:38.0295 0x1194 sfloppy - ok
10:49:38.0357 0x1194 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:49:38.0451 0x1194 SharedAccess - ok
10:49:38.0497 0x1194 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:49:38.0560 0x1194 ShellHWDetection - ok
10:49:38.0560 0x1194 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:49:38.0622 0x1194 SiSRaid2 - ok
10:49:38.0622 0x1194 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:49:38.0653 0x1194 SiSRaid4 - ok
10:49:38.0716 0x1194 [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:49:38.0747 0x1194 SkypeUpdate - ok
10:49:38.0747 0x1194 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:49:38.0841 0x1194 Smb - ok
10:49:38.0997 0x1194 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:49:39.0012 0x1194 SNMPTRAP - ok
10:49:39.0028 0x1194 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:49:39.0090 0x1194 spldr - ok
10:49:39.0153 0x1194 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
10:49:39.0215 0x1194 Spooler - ok
10:49:39.0402 0x1194 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:49:39.0589 0x1194 sppsvc - ok
10:49:39.0605 0x1194 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:49:39.0667 0x1194 sppuinotify - ok
10:49:39.0699 0x1194 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:49:39.0792 0x1194 srv - ok
10:49:39.0823 0x1194 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:49:39.0901 0x1194 srv2 - ok
10:49:39.0933 0x1194 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:49:39.0995 0x1194 srvnet - ok
10:49:40.0042 0x1194 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:49:40.0104 0x1194 SSDPSRV - ok
10:49:40.0104 0x1194 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:49:40.0167 0x1194 SstpSvc - ok
10:49:40.0229 0x1194 [ 37680AECA1BF2D430719A297F68ECD49, 64E6A2C077316CE4807F2F480324F4011003686F698CCB0AA93C659DAAE1FAB5 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
10:49:40.0245 0x1194 ssudmdm - ok
10:49:40.0338 0x1194 [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
10:49:40.0385 0x1194 ss_conn_service - ok
10:49:40.0416 0x1194 [ E4EA2412FB1B8AEE33667A9CC6D456A4, E553D07BBD98CB026033D7D10D859795682D1BFCB9D33D494177B2E747EA5064 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
10:49:40.0463 0x1194 stdcfltn - ok
10:49:40.0494 0x1194 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:49:40.0541 0x1194 stexstor - ok
10:49:40.0603 0x1194 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:49:40.0666 0x1194 stisvc - ok
10:49:40.0666 0x1194 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:49:40.0713 0x1194 swenum - ok
10:49:40.0744 0x1194 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:49:40.0822 0x1194 swprv - ok
10:49:40.0900 0x1194 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
10:49:40.0993 0x1194 SysMain - ok
10:49:41.0025 0x1194 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:49:41.0056 0x1194 TabletInputService - ok
10:49:41.0071 0x1194 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:49:41.0134 0x1194 TapiSrv - ok
10:49:41.0227 0x1194 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:49:41.0368 0x1194 Tcpip - ok
10:49:41.0461 0x1194 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:49:41.0586 0x1194 TCPIP6 - ok
10:49:41.0633 0x1194 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:49:41.0758 0x1194 tcpipreg - ok
10:49:41.0898 0x1194 [ 40C2F1FAEBF7D5E15A5F264B06D8CC70, AE4816932918E37AD33DBFFE51853B74FE9D1339AEF1B0BCE1C84EE07ADAD62F ] tcsd_win32.exe C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe
10:49:41.0992 0x1194 tcsd_win32.exe - detected UnsignedFile.Multi.Generic ( 1 )
10:49:44.0488 0x1194 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning
10:49:47.0015 0x1194 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:49:47.0046 0x1194 TDPIPE - ok
10:49:47.0077 0x1194 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:49:47.0124 0x1194 TDTCP - ok
10:49:47.0155 0x1194 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:49:47.0233 0x1194 tdx - ok
10:49:47.0249 0x1194 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:49:47.0280 0x1194 TermDD - ok
10:49:47.0327 0x1194 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
10:49:47.0389 0x1194 TermService - ok
10:49:47.0405 0x1194 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:49:47.0452 0x1194 Themes - ok
10:49:47.0483 0x1194 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:49:47.0545 0x1194 THREADORDER - ok
10:49:47.0577 0x1194 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:49:47.0655 0x1194 TrkWks - ok
10:49:47.0717 0x1194 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:49:47.0764 0x1194 TrustedInstaller - ok
10:49:47.0811 0x1194 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:49:47.0842 0x1194 tssecsrv - ok
10:49:47.0857 0x1194 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:49:47.0889 0x1194 TsUsbFlt - ok
10:49:47.0904 0x1194 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:49:47.0982 0x1194 TsUsbGD - ok
10:49:48.0013 0x1194 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:49:48.0029 0x0460 Object required for P2P: [ 0E7AFE4B571C761FBB49DAD069DF3377 ] RealTimes Desktop Service
10:49:48.0091 0x1194 tunnel - ok
10:49:48.0091 0x1194 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:49:48.0123 0x1194 uagp35 - ok
10:49:48.0154 0x1194 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:49:48.0232 0x1194 udfs - ok
10:49:48.0263 0x1194 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:49:48.0279 0x1194 UI0Detect - ok
10:49:48.0279 0x1194 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:49:48.0325 0x1194 uliagpkx - ok
10:49:48.0341 0x1194 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:49:48.0419 0x1194 umbus - ok
10:49:48.0419 0x1194 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
10:49:48.0450 0x1194 UmPass - ok
10:49:48.0622 0x1194 [ C7F80A34F5EFBFEF897A84400E4995A6, 967941FCC538EA7F3FA6955224B05A16543042E3394ACD201FEEB983B1BECE36 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:49:48.0731 0x1194 UNS - ok
10:49:48.0778 0x1194 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:49:48.0840 0x1194 upnphost - ok
10:49:48.0918 0x1194 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:49:48.0949 0x1194 usbccgp - ok
10:49:48.0996 0x1194 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:49:49.0027 0x1194 usbcir - ok
10:49:49.0043 0x1194 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:49:49.0090 0x1194 usbehci - ok
10:49:49.0137 0x1194 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:49:49.0168 0x1194 usbhub - ok
10:49:49.0183 0x1194 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:49:49.0230 0x1194 usbohci - ok
10:49:49.0246 0x1194 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
10:49:49.0293 0x1194 usbprint - ok
10:49:49.0324 0x1194 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:49:49.0371 0x1194 USBSTOR - ok
10:49:49.0386 0x1194 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:49:49.0433 0x1194 usbuhci - ok
10:49:49.0464 0x1194 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
10:49:49.0511 0x1194 usbvideo - ok
10:49:49.0542 0x1194 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:49:49.0589 0x1194 UxSms - ok
10:49:49.0605 0x1194 [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] VaultSvc C:\Windows\system32\lsass.exe
10:49:49.0620 0x1194 VaultSvc - ok
10:49:49.0636 0x1194 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:49:49.0651 0x1194 vdrvroot - ok
10:49:49.0714 0x1194 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:49:49.0776 0x1194 vds - ok
10:49:49.0776 0x1194 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:49:49.0807 0x1194 vga - ok
10:49:49.0807 0x1194 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:49:49.0901 0x1194 VgaSave - ok
10:49:49.0901 0x1194 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:49:49.0948 0x1194 vhdmp - ok
10:49:49.0995 0x1194 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:49:50.0010 0x1194 viaide - ok
10:49:50.0057 0x1194 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:49:50.0088 0x1194 volmgr - ok
10:49:50.0104 0x1194 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:49:50.0151 0x1194 volmgrx - ok
10:49:50.0182 0x1194 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:49:50.0229 0x1194 volsnap - ok
10:49:50.0229 0x1194 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:49:50.0260 0x1194 vsmraid - ok
10:49:50.0322 0x1194 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:49:50.0431 0x1194 VSS - ok
10:49:50.0447 0x1194 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:49:50.0494 0x1194 vwifibus - ok
10:49:50.0541 0x1194 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:49:50.0556 0x0460 Object send P2P result: true
10:49:50.0587 0x1194 vwififlt - ok
10:49:50.0587 0x1194 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:49:50.0619 0x1194 vwifimp - ok
10:49:50.0634 0x1194 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:49:50.0697 0x1194 W32Time - ok
10:49:50.0712 0x1194 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:49:50.0759 0x1194 WacomPen - ok
10:49:50.0790 0x1194 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:49:50.0853 0x1194 WANARP - ok
10:49:50.0853 0x1194 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:49:50.0915 0x1194 Wanarpv6 - ok
10:49:51.0024 0x1194 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:49:51.0102 0x1194 WatAdminSvc - ok
10:49:51.0196 0x1194 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:49:51.0289 0x1194 wbengine - ok
10:49:51.0321 0x1194 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:49:51.0352 0x1194 WbioSrvc - ok
10:49:51.0367 0x1194 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:49:51.0430 0x1194 wcncsvc - ok
10:49:51.0477 0x1194 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:49:51.0492 0x1194 WcsPlugInService - ok
10:49:51.0492 0x1194 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
10:49:51.0539 0x1194 Wd - ok
10:49:51.0679 0x1194 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:49:51.0835 0x1194 Wdf01000 - ok
10:49:51.0898 0x1194 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:49:51.0913 0x1194 WdiServiceHost - ok
10:49:51.0913 0x1194 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:49:51.0945 0x1194 WdiSystemHost - ok
10:49:52.0007 0x1194 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
10:49:52.0023 0x1194 WebClient - ok
10:49:52.0069 0x1194 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:49:52.0132 0x1194 Wecsvc - ok
10:49:52.0194 0x1194 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:49:52.0257 0x1194 wercplsupport - ok
10:49:52.0288 0x1194 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:49:52.0335 0x1194 WerSvc - ok
10:49:52.0366 0x1194 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:49:52.0413 0x1194 WfpLwf - ok
10:49:52.0428 0x1194 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:49:52.0444 0x1194 WIMMount - ok
10:49:52.0491 0x1194 WinDefend - ok
10:49:52.0522 0x1194 WinHttpAutoProxySvc - ok
10:49:52.0647 0x1194 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:49:52.0693 0x1194 Winmgmt - ok
10:49:52.0787 0x1194 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
10:49:52.0896 0x1194 WinRM - ok
10:49:52.0927 0x1194 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
10:49:52.0959 0x1194 WinUsb - ok
10:49:53.0021 0x1194 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:49:53.0099 0x1194 Wlansvc - ok
10:49:53.0115 0x1194 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
10:49:53.0146 0x1194 WmiAcpi - ok
10:49:53.0177 0x1194 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:49:53.0208 0x1194 wmiApSrv - ok
10:49:53.0286 0x1194 WMPNetworkSvc - ok
10:49:53.0286 0x1194 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:49:53.0333 0x1194 WPCSvc - ok
10:49:53.0333 0x1194 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:49:53.0364 0x1194 WPDBusEnum - ok
10:49:53.0364 0x1194 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:49:53.0442 0x1194 ws2ifsl - ok
10:49:53.0473 0x1194 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
10:49:53.0505 0x1194 wscsvc - ok
10:49:53.0520 0x1194 WSearch - ok
10:49:53.0598 0x1194 [ D7E88349BE0F01E4D8D776ADB1F325BF, 24555BEDD3BAFA18C8450354899286987B288CC2E9D2F2FEF1EE0D95A1771F50 ] WTGService C:\Program Files (x86)\WTGService.exe
10:49:53.0629 0x1194 WTGService - ok
10:49:53.0739 0x1194 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
10:49:53.0910 0x1194 wuauserv - ok
10:49:53.0957 0x1194 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:49:54.0019 0x1194 WudfPf - ok
10:49:54.0019 0x1194 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:49:54.0051 0x1194 WUDFRd - ok
10:49:54.0097 0x1194 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:49:54.0113 0x1194 wudfsvc - ok
10:49:54.0160 0x1194 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
10:49:54.0191 0x1194 WwanSvc - ok
10:49:54.0409 0x1194 [ 3C61B6CCD838534E98552530A491EE04, 16F24EDF109404BB19BC2DAAF747CD7FCA0644378E66869C1085E1E083DC4D78 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
10:49:54.0550 0x1194 ZeroConfigService - ok
10:49:54.0581 0x1194 ================ Scan global ===============================
10:49:54.0612 0x1194 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
10:49:54.0659 0x1194 [ 841BF993597DCD498247684B5D3AE845, B80FDDE2F36F7DC9BCE253FFE0148C918DC3DD4357F37761B364DE7B887239EA ] C:\Windows\system32\winsrv.dll
10:49:54.0675 0x1194 [ 841BF993597DCD498247684B5D3AE845, B80FDDE2F36F7DC9BCE253FFE0148C918DC3DD4357F37761B364DE7B887239EA ] C:\Windows\system32\winsrv.dll
10:49:54.0737 0x1194 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:49:54.0784 0x1194 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:49:54.0799 0x1194 [ Global ] - ok
10:49:54.0799 0x1194 ================ Scan MBR ==================================
10:49:54.0815 0x1194 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:49:55.0283 0x1194 \Device\Harddisk0\DR0 - ok
10:49:55.0299 0x1194 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
10:49:55.0767 0x1194 \Device\Harddisk1\DR1 - ok
10:49:55.0767 0x1194 ================ Scan VBR ==================================
10:49:55.0767 0x1194 [ 05C51CC8F463DD4F21A9738DF30F01A4 ] \Device\Harddisk0\DR0\Partition1
10:49:55.0767 0x1194 \Device\Harddisk0\DR0\Partition1 - ok
10:49:55.0767 0x1194 [ C5A5D43D21E10202C9B402C0E9CEDB8E ] \Device\Harddisk0\DR0\Partition2
10:49:55.0782 0x1194 \Device\Harddisk0\DR0\Partition2 - ok
10:49:55.0782 0x1194 [ 806161EEE911A517E81424A415AF9F57 ] \Device\Harddisk1\DR1\Partition1
10:49:55.0782 0x1194 \Device\Harddisk1\DR1\Partition1 - ok
10:49:55.0782 0x1194 ================ Scan generic autorun ======================
10:49:55.0969 0x1194 [ 866DDA3561D0335AC42E4CB0350EBADA, A62B0E0AF4C3748AC902BDB35524BE416323D114955E45C68ABB052D17D69E13 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
10:49:56.0172 0x1194 IntelPROSet - ok
10:49:56.0235 0x1194 [ 0EBD14E7F5A374254754E7DB46A56CD4, FF91B8ABB8E3ACE9DFAE9B5227CFF4D406EEB9CBFCF7B92BA2BCAC3D8E9377E1 ] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
10:49:56.0266 0x1194 FreeFallProtection - ok
10:49:56.0297 0x1194 [ 30D95A8BC819CD080C32FC317A1DE788, 8E4ACD39A7A582DF4C6F422CD9FA225526A6A6AB5BF98BEB125061C7CD72A6F2 ] C:\Windows\system32\igfxtray.exe
10:49:56.0313 0x1194 IgfxTray - ok
10:49:56.0344 0x1194 [ 8F1E05D8E88518E165AEFFDDE8296AD1, E5F600BE5F891795E8E4FFA529C64B3448F4CE74DE9C6F0B8A9530E30FB2BC68 ] C:\Windows\system32\hkcmd.exe
10:49:56.0375 0x1194 HotKeysCmds - ok
10:49:56.0406 0x1194 [ 84F1444820B41B9633B625AFC0955A4B, D62D53C0EFAE90164D0AD8D5C5B52DF5C4EE8A2E35D7D910AB1D1505DF2D5852 ] C:\Windows\system32\igfxpers.exe
10:49:56.0422 0x1194 Persistence - ok
10:49:56.0578 0x1194 [ 35DCD380D4D579D8B8EA91D5D8AE444C, AC5B338FCD9358C2D519A7199B13794F33BFBE5BCE3AB5A6993A0D5A65A7EB1C ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
10:49:56.0593 0x1194 GrooveMonitor - ok
10:49:56.0952 0x1194 [ 2F9094580BF3A7C19095AD9916B98941, 263161801F4F3F0552D213BF81B64F7D6D1167461BCA32808F236958F1E2B014 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
10:49:57.0280 0x1194 AvastUI.exe - ok
10:49:57.0373 0x1194 [ 35425EAE058E3E1E85E4575B2FF03E48, 5592D94F425C12A6572D8CCDE51B9376616983BB2EC2174D2B2F602CF1E8A213 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
10:49:57.0436 0x1194 KiesTrayAgent - ok
10:49:57.0529 0x1194 [ 4EAF6F8F0B3BE33A0E3877EB7FFD48D4, CD89A31004E3E5A3253554CABF70B89D4F2FCBC40161FFA9E633CD85261A2769 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:49:57.0623 0x1194 Adobe ARM - ok
10:49:57.0685 0x1194 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:49:57.0763 0x1194 Sidebar - ok
10:49:57.0795 0x1194 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:49:57.0826 0x1194 mctadmin - ok
10:49:57.0857 0x1194 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:49:57.0904 0x1194 Sidebar - ok
10:49:57.0919 0x1194 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:49:57.0935 0x1194 mctadmin - ok
10:49:58.0029 0x1194 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
10:49:58.0091 0x1194 Sidebar - ok
10:49:58.0107 0x1194 Waiting for KSN requests completion. In queue: 94
10:49:59.0121 0x1194 Waiting for KSN requests completion. In queue: 94
10:50:00.0135 0x1194 Waiting for KSN requests completion. In queue: 94
10:50:00.0540 0x11a8 Object required for P2P: [ 4EAF6F8F0B3BE33A0E3877EB7FFD48D4 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:50:01.0149 0x1194 Waiting for KSN requests completion. In queue: 6
10:50:02.0163 0x1194 Waiting for KSN requests completion. In queue: 6
10:50:03.0083 0x11a8 Object send P2P result: true
10:50:03.0224 0x1194 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2510.353 ), 0x41000 ( enabled : updated )
10:50:03.0286 0x1194 Win FW state via NFP2: enabled ( trusted )
10:50:05.0766 0x1194 ============================================================
10:50:05.0766 0x1194 Scan finished
10:50:05.0766 0x1194 ============================================================
10:50:05.0766 0x173c Detected object count: 1
10:50:05.0766 0x173c Actual detected object count: 1
10:51:27.0932 0x173c tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:27.0932 0x173c tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
28.04.2016, 09:58
| #9 |
| /// TB-Ausbilder /// Anleitungs-Guru | Bedenklicher Eintrag im Startmenü Schritt 1 ESET Online Scanner
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
28.04.2016, 16:22
| #10 |
| | Bedenklicher Eintrag im StartmenüCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=765af714c7e19944afd3c2be91e3822f
# end=init
# utc_time=2016-04-28 09:39:30
# local_time=2016-04-28 11:39:30 (+0100, Mitteleuropäische Sommerzeit)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29280
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=765af714c7e19944afd3c2be91e3822f
# end=updated
# utc_time=2016-04-28 09:45:25
# local_time=2016-04-28 11:45:25 (+0100, Mitteleuropäische Sommerzeit)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=765af714c7e19944afd3c2be91e3822f
# engine=29280
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-28 02:24:39
# local_time=2016-04-28 04:24:39 (+0100, Mitteleuropäische Sommerzeit)
# country="United Kingdom"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=793 16777213 83 96 626238 6044490 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 20039 213483329 0 0
# scanned=2702714
# found=3
# cleaned=0
# scan_time=16753
sh=7DB115CF8B442DD28B045610FAAABA08A45E97FC ft=1 fh=d7ba6f1bc08b484c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\wrecken\AppData\Local\Temp\DMR\dmr_72.exe"
sh=BF5DEB5FE04BB1340EF70022D9A48E84A65D6965 ft=1 fh=e79a135783b9a5cd vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\wrecken\Downloads\RarZilla Free Unrar - CHIP-Installer.exe"
sh=9753CEAA775F97002FC11839D344CB757FE0545A ft=1 fh=2a56961f3f0fe068 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\wrecken\Downloads\VLC media player 64 Bit - CHIP-Installer.exe"
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=765af714c7e19944afd3c2be91e3822f
# end=init
# utc_time=2016-04-28 09:39:30
# local_time=2016-04-28 11:39:30 (+0100, Mitteleuropäische Sommerzeit)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29280
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=765af714c7e19944afd3c2be91e3822f
# end=updated
# utc_time=2016-04-28 09:45:25
# local_time=2016-04-28 11:45:25 (+0100, Mitteleuropäische Sommerzeit)
# country="United Kingdom"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=765af714c7e19944afd3c2be91e3822f
# engine=29280
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-28 02:24:39
# local_time=2016-04-28 04:24:39 (+0100, Mitteleuropäische Sommerzeit)
# country="United Kingdom"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=793 16777213 83 96 626238 6044490 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 20039 213483329 0 0
# scanned=2702714
# found=3
# cleaned=0
# scan_time=16753
sh=7DB115CF8B442DD28B045610FAAABA08A45E97FC ft=1 fh=d7ba6f1bc08b484c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\wrecken\AppData\Local\Temp\DMR\dmr_72.exe"
sh=BF5DEB5FE04BB1340EF70022D9A48E84A65D6965 ft=1 fh=e79a135783b9a5cd vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\wrecken\Downloads\RarZilla Free Unrar - CHIP-Installer.exe"
sh=9753CEAA775F97002FC11839D344CB757FE0545A ft=1 fh=2a56961f3f0fe068 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\wrecken\Downloads\VLC media player 64 Bit - CHIP-Installer.exe"
|
|
28.04.2016, 21:20
| #11 |
| /// TB-Ausbilder /// Anleitungs-Guru | Bedenklicher Eintrag im Startmenü Schritt 1 Lade dir  TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
29.04.2016, 14:18
| #12 |
| | Bedenklicher Eintrag im Startmenü Also wenn du nicht noch etwas auffäliges entdeckt hast in den diversen Logs würde ich sagen mein System ist sauber.Der Rechner läuft auch,allerdings meistens wirklich sehr langsam.Ich höre auch die Festplattengeräusche relativ laut.Aber ich denke jetzt liegts nur mehr an der Platte selber,wahrscheinlich einige Sektoren nicht mehr ganz astrein oder so.Werd mir überlegen vielleicht eine neue Platte reinzuhängen. Danke jedenfalls für dein Hilfe  |
|
29.04.2016, 19:43
| #13 |
| /// TB-Ausbilder /// Anleitungs-Guru | Bedenklicher Eintrag im Startmenü Gerne. Der Start-Eintrag ist übrigens von einem installierten Programm welches Du nicht sehen kannst: Code:
ATTFilter SI TSS (Version: 2.1.41 - Security Innovation) Hidden
Wie hast Du denn Windows installiert?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
05.05.2016, 19:14
| #14 |
| | Bedenklicher Eintrag im Startmenü Sorry hab grad viel um die Ohren.Also Windows hab ich von einer Originalkopie von einem USB-Stick aus installiert.Alles läuft soweit,Updates,Firewall,Defender.Hab auch einen Hinweis von Microsoft,dass ich kostenlos auf Windows 10 upgraden könnte.Werd ich aber nicht machen. |
|
06.05.2016, 22:31
| #15 |
| /// TB-Ausbilder /// Anleitungs-Guru | Bedenklicher Eintrag im Startmenü Das Zeug von oben muss ja irgendwo herkommen. Das ist so aber nicht auf einer Installations-DVD...
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu Bedenklicher Eintrag im Startmenü |
| adobe, autorun, avast, bho, desktop, dll, error, excel, explorer, failed, flash player, format, home, install.exe, langsam, mozilla, programme, registry, rundll, scan, security, server, software, svchost.exe, usb, windows |
Linear-Darstellung
