Google Chrome Plugin Werbung

jack1989 · 20.08.2016, 12:30

Servus Board,

ich hab bei einem Familienmitglied meiner Freundin in Serbien eine Malware nicht entfernen können. Bereits probiert wurde es mit Malwarebytes Antimalware und ADW Cleaner.

Auffällig geworden ist es anhand zwei Erscheinungen:
1. Werbeeinblendungen in Google Chrome
2. Zugriffsfehler bei Adobe Reader DC beim Öffnen von PDF Dokumenten.

Allerdings kommt nach Entfernen des Schädlings bei AdwCleaner das Problem immer wieder.Nach dem Neustart möchte sich direkt danach ein Plugin / Addin bei Google Chrome installieren "Bing Search" (oder ähnlich).

Den Virenschutz, Avira Antivir, habe ich in Vorbereitung deinstalliert, damit dieser nicht weiter stört.

Ich erbitte euch hier um Hilfe, vielen Dank im Voraus

Edit1: In selbstständiger Recherche-arbeit habe ich diese Seite über den PUP / Malware gefunden
https://www.reasoncoresecurity.com/manifest.json-0bdd42150b7c3144f56e242d25479b6dc802042d.aspx
Eigentlich müsste mal alle Recherche-Ergebnisse und Dateien an die gängigen Anti-Malware-Hersteller schicken fürs Einfügen in die Malware-Datenbank

Malwarebyte Anti-Malware Log

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 8/20/2016
Suchlaufzeit: 11:23
Protokolldatei: 
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.08.20.04
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: intell

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 300930
Abgelaufene Zeit: 13 Min., 17 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

AdwCleaner Log

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v6.000 - Bericht erstellt am 20/08/2016 um 11:53:16
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-08-19.4 [Server]
# Betriebssystem : Windows 7 Ultimate  (X64)
# Benutzername : intell - INTELL-PC
# Gestartet von : C:\Users\intell\Downloads\adwcleaner_6.000.exe
# Modus: Suchlauf
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Wert Gefunden: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd []


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Chrome pref Gefunden: [C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - fcfenmboojpjinhpgggodefccipikbpd

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1276 Bytes] - [20/08/2016 11:53:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1349 Bytes] ##########

--- --- ---

Hier ein Screenshoot der Malware, die sich in Chrome hinzufügen möchte

https://i.imgur.com/QctbBTs.png

burningice · 20.08.2016, 12:47

Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
Wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!

Los geht's

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

jack1989 · 20.08.2016, 13:12

Servus Rafael,

zuersteinmal danke für die schnelle Antwort. Vielleicht sind wir bald Kollegen hier auf trojaner-board.de, eine Bewerbung ist in Arbeit.

Ich hab zwischenzeitlich festgestellt, dass das System in einem fürchterlichen Patchlevel ist. Service Pack 1 fehlt und Internet Explorer ist auf Version 8. Die Windows Updates wurden wohl nie ausgeführt. Weiß nicht in wie weit der dortige IT-Dienstleister sich für kompetent gehalten hat oder nur gefährliches Halbwissen hat. Ich habe keine Schritte / Änderungen ausgeführt die nicht explizit angefragt worden sind.

FRST Log

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-08-2016
Ran by intell (administrator) on INTELL-PC (20-08-2016 14:08:53)
Running from C:\Users\intell\Downloads
Loaded Profiles: intell (Available Profiles: intell)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\...\MountPoints2: {55d2ea39-c190-11e3-ba49-003005ef8e96} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{2B4634F1-F67C-4297-9E7B-675B378D425F}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\intell\AppData\Roaming\Mozilla\Firefox\Profiles\goque4zg.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-03-11] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Extension: Fasterfox - C:\Users\intell\AppData\Roaming\Mozilla\Firefox\Profiles\goque4zg.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-08-18]
FF Extension: Adblock Plus - C:\Users\intell\AppData\Roaming\Mozilla\Firefox\Profiles\goque4zg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-18]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

Chrome: 
=======
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxps://www.google.rs/?gws_rd=cr&ei=4FJ_U56rGIq5yQPp24CQBw"
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Search) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaapdcjfaomkafnbpoclmfakjianjd [2016-08-20]
CHR Extension: (Bing) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-08-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR HKLM\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.LEHSEAYKX2HMBYISHE5Q6KAQTQ - C:\Users\intell\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7248144 2016-08-08] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-08-14] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-08-14] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-08-14] (Acronis International GmbH)
S3 EverestDriver; \??\F:\programi\Everest 5.50\kerneld.amd64 [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-20 14:08 - 2016-08-20 14:09 - 00009589 _____ C:\Users\intell\Downloads\FRST.txt
2016-08-20 14:07 - 2016-08-20 14:08 - 00000000 ____D C:\FRST
2016-08-20 14:07 - 2016-08-20 14:07 - 02395648 _____ (Farbar) C:\Users\intell\Downloads\FRST64.exe
2016-08-20 12:43 - 2016-08-20 13:15 - 00000000 ____D C:\Program Files\Reason
2016-08-20 12:04 - 2016-08-20 12:04 - 00001433 _____ C:\Users\intell\Desktop\AdwCleaner[S0].txt
2016-08-20 11:51 - 2016-08-20 11:51 - 03784256 _____ C:\Users\intell\Desktop\adwcleaner_6.000.exe
2016-08-20 11:44 - 2016-08-20 11:53 - 00000000 ____D C:\AdwCleaner
2016-08-20 11:43 - 2016-08-20 11:43 - 00001204 _____ C:\Users\intell\Desktop\malwarebyte log.txt
2016-08-20 11:15 - 2016-08-20 11:15 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-20 10:50 - 2016-08-20 10:50 - 00000977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-08-20 10:50 - 2016-08-20 10:50 - 00000965 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-08-18 01:06 - 2016-08-18 01:18 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-08-18 00:20 - 2016-08-18 00:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-08-18 00:08 - 2016-08-20 11:46 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-08-18 00:08 - 2016-08-20 11:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-18 00:08 - 2016-08-20 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-18 00:08 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-18 00:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-18 00:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-09 18:22 - 2016-08-09 18:22 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-09 18:22 - 2016-08-09 18:22 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-09 18:22 - 2016-08-09 18:22 - 00000000 ____D C:\Users\intell\AppData\Roaming\Mozilla
2016-08-09 18:21 - 2016-08-09 18:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-20 13:58 - 2015-02-25 20:07 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-20 13:52 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-20 13:52 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-20 13:39 - 2014-04-05 14:13 - 00000000 ____D C:\Users\intell\AppData\Local\ESET
2016-08-20 13:14 - 2015-12-26 20:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-20 12:10 - 2014-04-11 19:20 - 00108840 _____ C:\Users\intell\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-20 11:50 - 2015-08-14 15:19 - 00000000 ____D C:\Users\intell\Downloads\old
2016-08-20 11:47 - 2015-02-25 20:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-20 11:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-20 11:47 - 2009-07-14 06:45 - 05036568 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-20 11:40 - 2015-08-14 18:11 - 00000000 ____D C:\Windows\pss
2016-08-20 10:52 - 2014-04-13 17:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-20 10:51 - 2015-07-29 17:11 - 00000000 ____D C:\Users\intell\AppData\Local\Adobe
2016-08-20 10:51 - 2014-06-13 20:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-20 01:02 - 2014-04-05 13:35 - 00000000 ____D C:\Users\intell\AppData\Roaming\Skype
2016-08-18 01:02 - 2014-09-03 15:06 - 00001945 _____ C:\Windows\epplauncher.mif
2016-08-18 00:20 - 2015-07-28 20:41 - 00000000 ____D C:\ProgramData\Adobe
2016-08-15 20:44 - 2014-12-24 19:11 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-11 20:06 - 2014-04-05 13:34 - 00000000 ____D C:\ProgramData\Skype
2016-08-09 18:22 - 2014-05-10 14:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-09 18:19 - 2014-04-11 14:15 - 00000000 ____D C:\Users\intell\AppData\Local\ElevatedDiagnostics
2016-08-09 00:01 - 2015-07-15 22:16 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 00:01 - 2015-07-15 22:16 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-28 23:53 - 2015-02-25 20:07 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 23:53 - 2015-02-25 20:07 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-28 12:44 - 2015-08-20 09:00 - 00000000 ____D C:\Users\intell\AppData\Roaming\vlc
2016-07-28 12:33 - 2015-09-21 15:19 - 00000000 ____D C:\Users\intell\AppData\Roaming\dvdcss

==================== Files in the root of some directories =======

2016-03-23 15:37 - 2016-03-23 15:37 - 0000132 _____ () C:\Users\intell\AppData\Roaming\Adobe PNG Format CS6 Prefs

Files to move or delete:
====================
C:\Users\LightroomPortable\LightroomPortable.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-16 23:18

==================== End of FRST.txt ============================

Addidons Log

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-08-2016
Ran by intell (20-08-2016 14:09:31)
Running from C:\Users\intell\Downloads
Windows 7 Ultimate (X64) (2014-04-05 11:04:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3642538609-3829134156-1005489332-500 - Administrator - Disabled)
Guest (S-1-5-21-3642538609-3829134156-1005489332-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3642538609-3829134156-1005489332-1002 - Limited - Enabled)
intell (S-1-5-21-3642538609-3829134156-1005489332-1000 - Administrator - Enabled) => C:\Users\intell

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
JPEG Lossless Rotator 9.1 (HKLM\...\JPEG Lossless Rotator_is1) (Version:  - Anny)
K-Lite Mega Codec Pack 10.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla)
Nero 8 Micro v8.3.6.0 (HKLM-x32\...\Nero8360_Micro_is1) (Version:  - www.nero.com)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.64630 - TeamViewer)
Total Commander 7.56a Vi7Pack 1.83 (31.08.2011) (HKLM\...\Total Commander Vi7Pack_is1) (Version: 1.83 - vadimsva)
True Image 2013 (HKLM-x32\...\{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B9F9C8E7-BCF9-4BE1-895A-41C2E76820C6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {E6304634-EC2F-462E-A646-51383A9B0744} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-25] (Google Inc.)
Task: {E7CCAA55-44FC-4AE1-9018-80A98F32B8F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-25] (Google Inc.)
Task: {F70F6A54-93A8-4560-8B3A-352DD8ABD2DB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-03-27 22:39 - 2013-03-27 22:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2014-04-05 14:11 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-08-21 16:16 - 2013-03-13 15:08 - 02268160 _____ () C:\Program Files\JPEG Lossless Rotator\contmenu.dll
2013-03-28 00:37 - 2013-03-28 00:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2013-03-27 22:09 - 2013-03-27 22:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-08-20 13:15 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\intell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: .EsetTrialReset => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk => C:\Windows\pss\Adobe Gamma Loader.exe.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BingSvc => C:\Users\intell\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{679946E1-A79C-40A3-A8E8-EE2FFF601DBE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5A0A57D2-56C2-45CF-B6F4-851D1ACFA27A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D70EAC3A-953B-4256-8B58-B88E0F0E928F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{EDA4BEBA-1094-491B-BA90-21C98F72067E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{3D158BA7-21E5-40D0-BAF1-118D59521E99}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{27FFE023-CC4D-4C1C-A9BF-E30990EC2E81}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4EC81DF1-4E04-4AE2-BC93-45FB82B740DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1535DB1A-6E82-445F-ACFF-19B4F3E211E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{713AE5A7-D249-4BDB-A5A9-1C69FBE283D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{61A7B182-D0EF-40EC-8886-EA3D711BFCFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D44F228D-E7C9-47EA-8CF0-9997DE9D8151}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{805D7F15-2FE2-45F3-9D72-A0585CD3A927}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2016 01:50:31 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/20/2016 01:50:31 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/20/2016 01:50:31 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/20/2016 01:50:31 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/20/2016 01:20:31 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/20/2016 01:20:31 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/20/2016 01:20:31 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/20/2016 01:20:31 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/20/2016 12:50:31 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/20/2016 12:50:31 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.


System errors:
=============
Error: (08/20/2016 12:48:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259 = Unspecified error

Error: (08/20/2016 12:48:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259 = Unspecified error

Error: (08/20/2016 12:48:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259 = Unspecified error

Error: (08/20/2016 12:48:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259 = Unspecified error

Error: (08/20/2016 12:48:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259 = Unspecified error

Error: (08/20/2016 12:48:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259 = Unspecified error

Error: (08/20/2016 12:48:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259 = Unspecified error

Error: (08/20/2016 12:48:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259 = Unspecified error

Error: (08/20/2016 12:47:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259 = Unspecified error

Error: (08/20/2016 12:47:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259 = Unspecified error


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz
Percentage of memory in use: 53%
Total physical RAM: 2038.11 MB
Available physical RAM: 942.77 MB
Total Virtual: 5095.11 MB
Available Virtual: 3643.5 MB

==================== Drives ================================

Drive c: (sistem) (Fixed) (Total:47.89 GB) (Free:23.53 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (data) (Fixed) (Total:417.87 GB) (Free:356.98 GB) NTFS
Drive e: (Backup) (Fixed) (Total:931.51 GB) (Free:810.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FAE6A423)
Partition 1: (Active) - (Size=47.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=417.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 651B2DAE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

--- --- ---

burningice · 20.08.2016, 14:59

Also die echte Bing Search ist ja jetzt nicht wirklich was wildes, aber können wir uns anschauen wenn es dich stört und eben "unerwünscht" ist.

Aber wegen ein paar Einstellungen auf deinem PC schauen wir mal, ob sich nicht was anderes versteckt.

Schritt: 1
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Schritt: 2
Downloade dir bitte

Farbar Service Scanner

Starte das Tool mit Doppelklick auf die FSS.exe
Gehe sicher, dass folgende Optionen angehakt sind.
- Internet Services
- Windows Firewall
- System Restore
- Security Center/Action Center
- Windows Update
- Windows Defender
- Other Services
Klicke auf Scan.
Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.

jack1989 · 20.08.2016, 15:11

wenns ja die echte Bing Search wäre - da bin ich mir allerdings nicht sicher, mich stört vor allem, dass Registry Einträge laut meinen ersten Versuchen mit ADW Cleaner wieder auftauchen und das mittlerweile zwei Plugins sich in Google Chrom ständig selbst installieren möchten und um Berechtigung fragen. Die Ask Toolbar ist scheinbar nicht richtig gelöscht und dieses Bing Search Addin fragt auch in unregelmäßigen Abständen nach Installationsberechtigung.

Rafael, falls du aktuell Zeit hast - ich bin aktuell am Notebook und kann deine Fragen und Anweisungen direkt umsetzen, sodass ich eine sehr kurze Reaktionszeit auf deine Posts habe. Auf dem betroffenen System in Serbien ist TeamViewer fest installiert, falls bedarf besteht. Übrigens mein Name ist Michael

TDSSKiller Log

Code:

ATTFilter

16:02:49.0254 0x0aac  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
16:02:53.0374 0x0aac  ============================================================
16:02:53.0374 0x0aac  Current date / time: 2016/08/20 16:02:53.0374
16:02:53.0374 0x0aac  SystemInfo:
16:02:53.0374 0x0aac  
16:02:53.0374 0x0aac  OS Version: 6.1.7600 ServicePack: 0.0
16:02:53.0374 0x0aac  Product type: Workstation
16:02:53.0374 0x0aac  ComputerName: INTELL-PC
16:02:53.0375 0x0aac  UserName: intell
16:02:53.0375 0x0aac  Windows directory: C:\Windows
16:02:53.0375 0x0aac  System windows directory: C:\Windows
16:02:53.0375 0x0aac  Running under WOW64
16:02:53.0375 0x0aac  Processor architecture: Intel x64
16:02:53.0375 0x0aac  Number of processors: 2
16:02:53.0375 0x0aac  Page size: 0x1000
16:02:53.0375 0x0aac  Boot type: Normal boot
16:02:53.0375 0x0aac  CodeIntegrityOptions = 0x00000001
16:02:53.0375 0x0aac  ============================================================
16:02:56.0141 0x0aac  KLMD registered as C:\Windows\system32\drivers\99931124.sys
16:02:56.0141 0x0aac  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7600.16385, osProperties = 0x1
16:02:56.0285 0x0aac  System UUID: {41E23588-FAC0-7BCE-6A49-4A458BD389C9}
16:02:56.0722 0x0aac  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:03:04.0232 0x0aac  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:03:04.0239 0x0aac  ============================================================
16:03:04.0239 0x0aac  \Device\Harddisk0\DR0:
16:03:04.0239 0x0aac  MBR partitions:
16:03:04.0239 0x0aac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x5FC9800
16:03:04.0239 0x0aac  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x5FCA000, BlocksNum 0x343BB000
16:03:04.0239 0x0aac  \Device\Harddisk1\DR1:
16:03:04.0239 0x0aac  MBR partitions:
16:03:04.0240 0x0aac  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:03:04.0240 0x0aac  ============================================================
16:03:04.0263 0x0aac  C: <-> \Device\Harddisk0\DR0\Partition1
16:03:04.0297 0x0aac  D: <-> \Device\Harddisk0\DR0\Partition2
16:03:04.0312 0x0aac  E: <-> \Device\Harddisk1\DR1\Partition1
16:03:04.0312 0x0aac  ============================================================
16:03:04.0312 0x0aac  Initialize success
16:03:04.0312 0x0aac  ============================================================
16:03:16.0902 0x017c  ============================================================
16:03:16.0902 0x017c  Scan started
16:03:16.0902 0x017c  Mode: Manual; 
16:03:16.0902 0x017c  ============================================================
16:03:16.0902 0x017c  KSN ping started
16:03:19.0686 0x017c  KSN ping finished: true
16:03:21.0903 0x017c  ================ Scan system memory ========================
16:03:21.0903 0x017c  System memory - ok
16:03:21.0905 0x017c  ================ Scan services =============================
16:03:22.0037 0x017c  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
16:03:22.0047 0x017c  1394ohci - ok
16:03:22.0097 0x017c  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
16:03:22.0105 0x017c  ACPI - ok
16:03:22.0117 0x017c  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
16:03:22.0119 0x017c  AcpiPmi - ok
16:03:22.0252 0x017c  [ 8054C6835F89CA2367798396423608F1, 086B19922CA9DA1BD45BB1CE5E9303A137A09EC6D5971F59341A612CE3BB50BC ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
16:03:22.0301 0x017c  AcrSch2Svc - ok
16:03:22.0391 0x017c  [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:03:22.0395 0x017c  AdobeARMservice - ok
16:03:22.0449 0x017c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:03:22.0470 0x017c  adp94xx - ok
16:03:22.0502 0x017c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:03:22.0510 0x017c  adpahci - ok
16:03:22.0527 0x017c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:03:22.0531 0x017c  adpu320 - ok
16:03:22.0557 0x017c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:03:22.0560 0x017c  AeLookupSvc - ok
16:03:22.0600 0x017c  [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
16:03:22.0608 0x017c  afcdp - ok
16:03:22.0742 0x017c  [ 3625E0DEAE06134C3B6FD4CC90329912, B2DD2931C9CD6B6C1D8BB26D78ABD095723EBEA82B2DF26DB99605B3E106CD10 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
16:03:22.0849 0x017c  afcdpsrv - ok
16:03:22.0900 0x017c  [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD             C:\Windows\system32\drivers\afd.sys
16:03:22.0912 0x017c  AFD - ok
16:03:22.0939 0x017c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
16:03:22.0941 0x017c  agp440 - ok
16:03:22.0961 0x017c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:03:22.0964 0x017c  ALG - ok
16:03:22.0985 0x017c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
16:03:22.0986 0x017c  aliide - ok
16:03:22.0995 0x017c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
16:03:22.0996 0x017c  amdide - ok
16:03:23.0004 0x017c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:03:23.0006 0x017c  AmdK8 - ok
16:03:23.0021 0x017c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:03:23.0024 0x017c  AmdPPM - ok
16:03:23.0040 0x017c  [ 7A4B413614C055935567CF88A9734D38, A3BB7CDF3EE0EEF67F89263E81145E73C7142EF5F0AF265375C2ECCE74F932C4 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
16:03:23.0043 0x017c  amdsata - ok
16:03:23.0056 0x017c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:03:23.0061 0x017c  amdsbs - ok
16:03:23.0075 0x017c  [ B4AD0CACBAB298671DD6F6EF7E20679D, FB566C892D0A3DC0A523AE20F35011996958D670937DD5C1A1FCCD36AAC714D7 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
16:03:23.0077 0x017c  amdxata - ok
16:03:23.0099 0x017c  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
16:03:23.0102 0x017c  AppID - ok
16:03:23.0127 0x017c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:03:23.0129 0x017c  AppIDSvc - ok
16:03:23.0140 0x017c  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
16:03:23.0142 0x017c  Appinfo - ok
16:03:23.0174 0x017c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:03:23.0178 0x017c  AppMgmt - ok
16:03:23.0192 0x017c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:03:23.0195 0x017c  arc - ok
16:03:23.0207 0x017c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:03:23.0211 0x017c  arcsas - ok
16:03:23.0302 0x017c  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:03:23.0304 0x017c  aspnet_state - ok
16:03:23.0332 0x017c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:03:23.0334 0x017c  AsyncMac - ok
16:03:23.0352 0x017c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
16:03:23.0353 0x017c  atapi - ok
16:03:23.0409 0x017c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:03:23.0426 0x017c  AudioEndpointBuilder - ok
16:03:23.0449 0x017c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:03:23.0461 0x017c  AudioSrv - ok
16:03:23.0483 0x017c  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:03:23.0487 0x017c  AxInstSV - ok
16:03:23.0515 0x017c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:03:23.0528 0x017c  b06bdrv - ok
16:03:23.0558 0x017c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:03:23.0565 0x017c  b57nd60a - ok
16:03:23.0584 0x017c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:03:23.0588 0x017c  BDESVC - ok
16:03:23.0608 0x017c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:03:23.0609 0x017c  Beep - ok
16:03:23.0639 0x017c  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
16:03:23.0656 0x017c  BFE - ok
16:03:23.0708 0x017c  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
16:03:23.0731 0x017c  BITS - ok
16:03:23.0759 0x017c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:03:23.0761 0x017c  blbdrive - ok
16:03:23.0775 0x017c  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:03:23.0779 0x017c  bowser - ok
16:03:23.0787 0x017c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:03:23.0788 0x017c  BrFiltLo - ok
16:03:23.0797 0x017c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:03:23.0798 0x017c  BrFiltUp - ok
16:03:23.0831 0x017c  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
16:03:23.0835 0x017c  Browser - ok
16:03:23.0857 0x017c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:03:23.0865 0x017c  Brserid - ok
16:03:23.0884 0x017c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:03:23.0886 0x017c  BrSerWdm - ok
16:03:23.0895 0x017c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:03:23.0896 0x017c  BrUsbMdm - ok
16:03:23.0903 0x017c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:03:23.0904 0x017c  BrUsbSer - ok
16:03:23.0920 0x017c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:03:23.0923 0x017c  BTHMODEM - ok
16:03:23.0978 0x017c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:03:23.0982 0x017c  bthserv - ok
16:03:24.0003 0x017c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:03:24.0007 0x017c  cdfs - ok
16:03:24.0037 0x017c  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:03:24.0041 0x017c  cdrom - ok
16:03:24.0067 0x017c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:03:24.0072 0x017c  CertPropSvc - ok
16:03:24.0092 0x017c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:03:24.0094 0x017c  circlass - ok
16:03:24.0117 0x017c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:03:24.0131 0x017c  CLFS - ok
16:03:24.0186 0x017c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:03:24.0189 0x017c  clr_optimization_v2.0.50727_32 - ok
16:03:24.0225 0x017c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:03:24.0229 0x017c  clr_optimization_v2.0.50727_64 - ok
16:03:24.0308 0x017c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:03:24.0316 0x017c  clr_optimization_v4.0.30319_32 - ok
16:03:24.0340 0x017c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:03:24.0345 0x017c  clr_optimization_v4.0.30319_64 - ok
16:03:24.0379 0x017c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:03:24.0381 0x017c  CmBatt - ok
16:03:24.0396 0x017c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
16:03:24.0398 0x017c  cmdide - ok
16:03:24.0418 0x017c  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:03:24.0439 0x017c  CNG - ok
16:03:24.0454 0x017c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:03:24.0456 0x017c  Compbatt - ok
16:03:24.0479 0x017c  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:03:24.0481 0x017c  CompositeBus - ok
16:03:24.0496 0x017c  COMSysApp - ok
16:03:24.0507 0x017c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:03:24.0509 0x017c  crcdisk - ok
16:03:24.0556 0x017c  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:03:24.0561 0x017c  CryptSvc - ok
16:03:24.0602 0x017c  [ 4A6173C2279B498CD8F57CAE504564CB, FF3CD404FD91EDE38C21780362CE892BFBBC2526B146BEBD139C7413EB29A216 ] CSC             C:\Windows\system32\drivers\csc.sys
16:03:24.0615 0x017c  CSC - ok
16:03:24.0651 0x017c  [ 873FBF927C06E5CEE04DEC617502F8FD, 8B452ED5D003337E66634EEC3D5C9FBA4D05FF5AE776239F3B769FAA505E729C ] CscService      C:\Windows\System32\cscsvc.dll
16:03:24.0671 0x017c  CscService - ok
16:03:24.0718 0x017c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:03:24.0734 0x017c  DcomLaunch - ok
16:03:24.0770 0x017c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:03:24.0779 0x017c  defragsvc - ok
16:03:24.0795 0x017c  [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:03:24.0799 0x017c  DfsC - ok
16:03:24.0827 0x017c  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:03:24.0836 0x017c  Dhcp - ok
16:03:24.0862 0x017c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:03:24.0864 0x017c  discache - ok
16:03:24.0892 0x017c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:03:24.0895 0x017c  Disk - ok
16:03:24.0904 0x017c  [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:03:24.0910 0x017c  Dnscache - ok
16:03:24.0932 0x017c  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:03:24.0938 0x017c  dot3svc - ok
16:03:24.0955 0x017c  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
16:03:24.0958 0x017c  DPS - ok
16:03:24.0993 0x017c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:03:24.0994 0x017c  drmkaud - ok
16:03:25.0043 0x017c  [ 7CB7D2B73813CE05C7BC0F5F95D27CEC, F80AD7E946B8C8C27A0EB8A99B3A61C3F09E5442372D64EB4886D86B8D0AFCFD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:03:25.0066 0x017c  DXGKrnl - ok
16:03:25.0103 0x017c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:03:25.0106 0x017c  EapHost - ok
16:03:25.0242 0x017c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:03:25.0370 0x017c  ebdrv - ok
16:03:25.0396 0x017c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
16:03:25.0398 0x017c  EFS - ok
16:03:25.0459 0x017c  [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:03:25.0478 0x017c  ehRecvr - ok
16:03:25.0498 0x017c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:03:25.0503 0x017c  ehSched - ok
16:03:25.0530 0x017c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:03:25.0543 0x017c  elxstor - ok
16:03:25.0558 0x017c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
16:03:25.0559 0x017c  ErrDev - ok
16:03:25.0610 0x017c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:03:25.0619 0x017c  EventSystem - ok
16:03:25.0650 0x017c  EverestDriver - ok
16:03:25.0673 0x017c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:03:25.0678 0x017c  exfat - ok
16:03:25.0697 0x017c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:03:25.0703 0x017c  fastfat - ok
16:03:25.0739 0x017c  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
16:03:25.0756 0x017c  Fax - ok
16:03:25.0770 0x017c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:03:25.0772 0x017c  fdc - ok
16:03:25.0790 0x017c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:03:25.0791 0x017c  fdPHost - ok
16:03:25.0804 0x017c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:03:25.0806 0x017c  FDResPub - ok
16:03:25.0826 0x017c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:03:25.0829 0x017c  FileInfo - ok
16:03:25.0841 0x017c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:03:25.0842 0x017c  Filetrace - ok
16:03:25.0855 0x017c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:03:25.0857 0x017c  flpydisk - ok
16:03:25.0881 0x017c  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:03:25.0888 0x017c  FltMgr - ok
16:03:25.0949 0x017c  [ C06AF3D1E7CA6868A6A3064CE6907C4A, A1A357CF99291E1611A4380BF8866B5B594637C186B5FD1EFDF052D4EB69FAB9 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
16:03:25.0952 0x017c  fltsrv - ok
16:03:26.0004 0x017c  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache       C:\Windows\system32\FntCache.dll
16:03:26.0027 0x017c  FontCache - ok
16:03:26.0078 0x017c  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:03:26.0080 0x017c  FontCache3.0.0.0 - ok
16:03:26.0101 0x017c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:03:26.0103 0x017c  FsDepends - ok
16:03:26.0116 0x017c  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:03:26.0118 0x017c  Fs_Rec - ok
16:03:26.0139 0x017c  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:03:26.0145 0x017c  fvevol - ok
16:03:26.0169 0x017c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:03:26.0172 0x017c  gagp30kx - ok
16:03:26.0217 0x017c  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:03:26.0234 0x017c  gpsvc - ok
16:03:26.0341 0x017c  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:03:26.0347 0x017c  gupdate - ok
16:03:26.0357 0x017c  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:03:26.0362 0x017c  gupdatem - ok
16:03:26.0397 0x017c  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:03:26.0401 0x017c  gusvc - ok
16:03:26.0422 0x017c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:03:26.0424 0x017c  hcw85cir - ok
16:03:26.0467 0x017c  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:03:26.0475 0x017c  HdAudAddService - ok
16:03:26.0488 0x017c  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:03:26.0492 0x017c  HDAudBus - ok
16:03:26.0502 0x017c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:03:26.0503 0x017c  HidBatt - ok
16:03:26.0516 0x017c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:03:26.0520 0x017c  HidBth - ok
16:03:26.0535 0x017c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:03:26.0537 0x017c  HidIr - ok
16:03:26.0557 0x017c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:03:26.0558 0x017c  hidserv - ok
16:03:26.0582 0x017c  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:03:26.0584 0x017c  HidUsb - ok
16:03:26.0603 0x017c  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:03:26.0606 0x017c  hkmsvc - ok
16:03:26.0616 0x017c  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:03:26.0622 0x017c  HomeGroupListener - ok
16:03:26.0654 0x017c  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:03:26.0659 0x017c  HomeGroupProvider - ok
16:03:26.0675 0x017c  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
16:03:26.0678 0x017c  HpSAMD - ok
16:03:26.0712 0x017c  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:03:26.0730 0x017c  HTTP - ok
16:03:26.0743 0x017c  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:03:26.0745 0x017c  hwpolicy - ok
16:03:26.0759 0x017c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:03:26.0762 0x017c  i8042prt - ok
16:03:26.0788 0x017c  [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
16:03:26.0798 0x017c  iaStorV - ok
16:03:26.0851 0x017c  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:03:26.0872 0x017c  idsvc - ok
16:03:27.0104 0x017c  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:03:27.0289 0x017c  igfx - ok
16:03:27.0336 0x017c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:03:27.0338 0x017c  iirsp - ok
16:03:27.0386 0x017c  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
16:03:27.0403 0x017c  IKEEXT - ok
16:03:27.0432 0x017c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
16:03:27.0433 0x017c  intelide - ok
16:03:27.0460 0x017c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:03:27.0462 0x017c  intelppm - ok
16:03:27.0485 0x017c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:03:27.0488 0x017c  IPBusEnum - ok
16:03:27.0505 0x017c  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:03:27.0508 0x017c  IpFilterDriver - ok
16:03:27.0535 0x017c  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:03:27.0547 0x017c  iphlpsvc - ok
16:03:27.0583 0x017c  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:03:27.0586 0x017c  IPMIDRV - ok
16:03:27.0600 0x017c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:03:27.0604 0x017c  IPNAT - ok
16:03:27.0632 0x017c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:03:27.0634 0x017c  IRENUM - ok
16:03:27.0648 0x017c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
16:03:27.0650 0x017c  isapnp - ok
16:03:27.0668 0x017c  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
16:03:27.0675 0x017c  iScsiPrt - ok
16:03:27.0699 0x017c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:03:27.0701 0x017c  kbdclass - ok
16:03:27.0710 0x017c  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:03:27.0712 0x017c  kbdhid - ok
16:03:27.0727 0x017c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
16:03:27.0729 0x017c  KeyIso - ok
16:03:27.0743 0x017c  [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:03:27.0747 0x017c  KSecDD - ok
16:03:27.0763 0x017c  [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:03:27.0768 0x017c  KSecPkg - ok
16:03:27.0790 0x017c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:03:27.0792 0x017c  ksthunk - ok
16:03:27.0836 0x017c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:03:27.0851 0x017c  KtmRm - ok
16:03:27.0902 0x017c  [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:03:27.0914 0x017c  LanmanServer - ok
16:03:27.0955 0x017c  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:03:27.0965 0x017c  LanmanWorkstation - ok
16:03:28.0005 0x017c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:03:28.0008 0x017c  lltdio - ok
16:03:28.0044 0x017c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:03:28.0052 0x017c  lltdsvc - ok
16:03:28.0076 0x017c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:03:28.0078 0x017c  lmhosts - ok
16:03:28.0090 0x017c  lmimirr - ok
16:03:28.0138 0x017c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:03:28.0142 0x017c  LSI_FC - ok
16:03:28.0167 0x017c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:03:28.0172 0x017c  LSI_SAS - ok
16:03:28.0192 0x017c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:03:28.0195 0x017c  LSI_SAS2 - ok
16:03:28.0216 0x017c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:03:28.0220 0x017c  LSI_SCSI - ok
16:03:28.0238 0x017c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:03:28.0242 0x017c  luafv - ok
16:03:28.0267 0x017c  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:03:28.0272 0x017c  Mcx2Svc - ok
16:03:28.0287 0x017c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:03:28.0289 0x017c  megasas - ok
16:03:28.0309 0x017c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:03:28.0317 0x017c  MegaSR - ok
16:03:28.0387 0x017c  [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:03:28.0390 0x017c  Microsoft Office Groove Audit Service - ok
16:03:28.0423 0x017c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:03:28.0428 0x017c  MMCSS - ok
16:03:28.0442 0x017c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:03:28.0443 0x017c  Modem - ok
16:03:28.0468 0x017c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:03:28.0470 0x017c  monitor - ok
16:03:28.0490 0x017c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:03:28.0492 0x017c  mouclass - ok
16:03:28.0505 0x017c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:03:28.0510 0x017c  mouhid - ok
16:03:28.0530 0x017c  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:03:28.0534 0x017c  mountmgr - ok
16:03:28.0572 0x017c  [ C01441BA6F99890B7FF6CD0260B7750A, E02FFB1E8A3E423C9392ADAA9DF5FECF800DFAB3E09B74A029106DC337995539 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:03:28.0576 0x017c  MozillaMaintenance - ok
16:03:28.0594 0x017c  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
16:03:28.0598 0x017c  mpio - ok
16:03:28.0610 0x017c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:03:28.0614 0x017c  mpsdrv - ok
16:03:28.0660 0x017c  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:03:28.0681 0x017c  MpsSvc - ok
16:03:28.0697 0x017c  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:03:28.0701 0x017c  MRxDAV - ok
16:03:28.0710 0x017c  [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:03:28.0715 0x017c  mrxsmb - ok
16:03:28.0733 0x017c  [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:03:28.0740 0x017c  mrxsmb10 - ok
16:03:28.0748 0x017c  [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:03:28.0752 0x017c  mrxsmb20 - ok
16:03:28.0765 0x017c  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
16:03:28.0768 0x017c  msahci - ok
16:03:28.0788 0x017c  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
16:03:28.0792 0x017c  msdsm - ok
16:03:28.0812 0x017c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:03:28.0817 0x017c  MSDTC - ok
16:03:28.0845 0x017c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:03:28.0847 0x017c  Msfs - ok
16:03:28.0865 0x017c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:03:28.0867 0x017c  mshidkmdf - ok
16:03:28.0882 0x017c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
16:03:28.0884 0x017c  msisadrv - ok
16:03:28.0910 0x017c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:03:28.0915 0x017c  MSiSCSI - ok
16:03:28.0924 0x017c  msiserver - ok
16:03:28.0951 0x017c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:03:28.0952 0x017c  MSKSSRV - ok
16:03:28.0958 0x017c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:03:28.0959 0x017c  MSPCLOCK - ok
16:03:28.0964 0x017c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:03:28.0965 0x017c  MSPQM - ok
16:03:28.0992 0x017c  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:03:29.0001 0x017c  MsRPC - ok
16:03:29.0019 0x017c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:03:29.0020 0x017c  mssmbios - ok
16:03:29.0025 0x017c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:03:29.0027 0x017c  MSTEE - ok
16:03:29.0042 0x017c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:03:29.0043 0x017c  MTConfig - ok
16:03:29.0057 0x017c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:03:29.0060 0x017c  Mup - ok
16:03:29.0098 0x017c  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
16:03:29.0110 0x017c  napagent - ok
16:03:29.0145 0x017c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:03:29.0152 0x017c  NativeWifiP - ok
16:03:29.0192 0x017c  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:03:29.0215 0x017c  NDIS - ok
16:03:29.0255 0x017c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:03:29.0256 0x017c  NdisCap - ok
16:03:29.0271 0x017c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:03:29.0274 0x017c  NdisTapi - ok
16:03:29.0291 0x017c  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:03:29.0293 0x017c  Ndisuio - ok
16:03:29.0312 0x017c  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:03:29.0317 0x017c  NdisWan - ok
16:03:29.0331 0x017c  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:03:29.0334 0x017c  NDProxy - ok
16:03:29.0340 0x017c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:03:29.0342 0x017c  NetBIOS - ok
16:03:29.0360 0x017c  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:03:29.0366 0x017c  NetBT - ok
16:03:29.0384 0x017c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
16:03:29.0385 0x017c  Netlogon - ok
16:03:29.0433 0x017c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:03:29.0443 0x017c  Netman - ok
16:03:29.0471 0x017c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:29.0477 0x017c  NetMsmqActivator - ok
16:03:29.0497 0x017c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:29.0500 0x017c  NetPipeActivator - ok
16:03:29.0528 0x017c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:03:29.0540 0x017c  netprofm - ok
16:03:29.0547 0x017c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:29.0550 0x017c  NetTcpActivator - ok
16:03:29.0557 0x017c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:03:29.0559 0x017c  NetTcpPortSharing - ok
16:03:29.0590 0x017c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:03:29.0592 0x017c  nfrd960 - ok
16:03:29.0610 0x017c  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:03:29.0619 0x017c  NlaSvc - ok
16:03:29.0640 0x017c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:03:29.0642 0x017c  Npfs - ok
16:03:29.0663 0x017c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:03:29.0666 0x017c  nsi - ok
16:03:29.0695 0x017c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:03:29.0700 0x017c  nsiproxy - ok
16:03:29.0766 0x017c  [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:03:29.0825 0x017c  Ntfs - ok
16:03:29.0848 0x017c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:03:29.0853 0x017c  Null - ok
16:03:29.0874 0x017c  [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
16:03:29.0881 0x017c  nvraid - ok
16:03:29.0908 0x017c  [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
16:03:29.0914 0x017c  nvstor - ok
16:03:29.0947 0x017c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
16:03:29.0954 0x017c  nv_agp - ok
16:03:30.0034 0x017c  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:03:30.0045 0x017c  odserv - ok
16:03:30.0065 0x017c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
16:03:30.0069 0x017c  ohci1394 - ok
16:03:30.0099 0x017c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:03:30.0103 0x017c  ose - ok
16:03:30.0139 0x017c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:03:30.0148 0x017c  p2pimsvc - ok
16:03:30.0170 0x017c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:03:30.0182 0x017c  p2psvc - ok
16:03:30.0198 0x017c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:03:30.0202 0x017c  Parport - ok
16:03:30.0228 0x017c  [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:03:30.0231 0x017c  partmgr - ok
16:03:30.0246 0x017c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:03:30.0252 0x017c  PcaSvc - ok
16:03:30.0262 0x017c  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
16:03:30.0268 0x017c  pci - ok
16:03:30.0280 0x017c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
16:03:30.0281 0x017c  pciide - ok
16:03:30.0296 0x017c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:03:30.0301 0x017c  pcmcia - ok
16:03:30.0308 0x017c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:03:30.0310 0x017c  pcw - ok
16:03:30.0344 0x017c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:03:30.0359 0x017c  PEAUTH - ok
16:03:30.0423 0x017c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:03:30.0459 0x017c  PeerDistSvc - ok
16:03:30.0534 0x017c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:03:30.0538 0x017c  PerfHost - ok
16:03:30.0610 0x017c  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
16:03:30.0646 0x017c  pla - ok
16:03:30.0683 0x017c  [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:03:30.0694 0x017c  PlugPlay - ok
16:03:30.0706 0x017c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:03:30.0709 0x017c  PNRPAutoReg - ok
16:03:30.0730 0x017c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:03:30.0737 0x017c  PNRPsvc - ok
16:03:30.0771 0x017c  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:03:30.0784 0x017c  PolicyAgent - ok
16:03:30.0796 0x017c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:03:30.0802 0x017c  Power - ok
16:03:30.0844 0x017c  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:03:30.0847 0x017c  PptpMiniport - ok
16:03:30.0859 0x017c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:03:30.0861 0x017c  Processor - ok
16:03:30.0896 0x017c  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc         C:\Windows\system32\profsvc.dll
16:03:30.0902 0x017c  ProfSvc - ok
16:03:30.0915 0x017c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:03:30.0917 0x017c  ProtectedStorage - ok
16:03:30.0932 0x017c  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:03:30.0935 0x017c  Psched - ok
16:03:30.0993 0x017c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:03:31.0043 0x017c  ql2300 - ok
16:03:31.0063 0x017c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:03:31.0068 0x017c  ql40xx - ok
16:03:31.0092 0x017c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:03:31.0100 0x017c  QWAVE - ok
16:03:31.0118 0x017c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:03:31.0125 0x017c  QWAVEdrv - ok
16:03:31.0136 0x017c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:03:31.0138 0x017c  RasAcd - ok
16:03:31.0164 0x017c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:03:31.0167 0x017c  RasAgileVpn - ok
16:03:31.0175 0x017c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:03:31.0179 0x017c  RasAuto - ok
16:03:31.0187 0x017c  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:03:31.0190 0x017c  Rasl2tp - ok
16:03:31.0204 0x017c  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
16:03:31.0214 0x017c  RasMan - ok
16:03:31.0250 0x017c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:03:31.0253 0x017c  RasPppoe - ok
16:03:31.0260 0x017c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:03:31.0263 0x017c  RasSstp - ok
16:03:31.0284 0x017c  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:03:31.0292 0x017c  rdbss - ok
16:03:31.0305 0x017c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:03:31.0307 0x017c  rdpbus - ok
16:03:31.0316 0x017c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:03:31.0317 0x017c  RDPCDD - ok
16:03:31.0350 0x017c  [ 9706B84DBABFC4B4CA46C5A82B14DFA3, AFDC07C257BCB768861483A1842FFB647523946B16DA2812EFAE4FD3252BA303 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:03:31.0355 0x017c  RDPDR - ok
16:03:31.0373 0x017c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:03:31.0375 0x017c  RDPENCDD - ok
16:03:31.0388 0x017c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:03:31.0388 0x017c  RDPREFMP - ok
16:03:31.0406 0x017c  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:03:31.0411 0x017c  RDPWD - ok
16:03:31.0441 0x017c  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:03:31.0447 0x017c  rdyboost - ok
16:03:31.0464 0x017c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:03:31.0468 0x017c  RemoteAccess - ok
16:03:31.0488 0x017c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:03:31.0492 0x017c  RemoteRegistry - ok
16:03:31.0507 0x017c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:03:31.0509 0x017c  RpcEptMapper - ok
16:03:31.0536 0x017c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:03:31.0538 0x017c  RpcLocator - ok
16:03:31.0568 0x017c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
16:03:31.0581 0x017c  RpcSs - ok
16:03:31.0618 0x017c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:03:31.0622 0x017c  rspndr - ok
16:03:31.0652 0x017c  [ 68DD0457D18FCCEF7384AE84022F0C86, 82C02EDB30D4FA1145AB1818F9FCE0B73FEB1B94C138B5513794F25FAC85F2CC ] RTL8023x64      C:\Windows\system32\DRIVERS\Rtnic64.sys
16:03:31.0654 0x017c  RTL8023x64 - ok
16:03:31.0682 0x017c  [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6, C890DCCC875F957CAAD4655EBFF384E3C5998040CA2BA360E92C96A647D1C399 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
16:03:31.0684 0x017c  s3cap - ok
16:03:31.0698 0x017c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe
16:03:31.0699 0x017c  SamSs - ok
16:03:31.0723 0x017c  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
16:03:31.0727 0x017c  sbp2port - ok
16:03:31.0748 0x017c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:03:31.0753 0x017c  SCardSvr - ok
16:03:31.0768 0x017c  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:03:31.0771 0x017c  scfilter - ok
16:03:31.0814 0x017c  [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule        C:\Windows\system32\schedsvc.dll
16:03:31.0841 0x017c  Schedule - ok
16:03:31.0867 0x017c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:03:31.0869 0x017c  SCPolicySvc - ok
16:03:31.0886 0x017c  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:03:31.0892 0x017c  SDRSVC - ok
16:03:31.0915 0x017c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:03:31.0917 0x017c  secdrv - ok
16:03:31.0923 0x017c  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
16:03:31.0925 0x017c  seclogon - ok
16:03:31.0934 0x017c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:03:31.0937 0x017c  SENS - ok
16:03:31.0943 0x017c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:03:31.0946 0x017c  SensrSvc - ok
16:03:31.0961 0x017c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:03:31.0963 0x017c  Serenum - ok
16:03:31.0980 0x017c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:03:31.0984 0x017c  Serial - ok
16:03:31.0996 0x017c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:03:31.0998 0x017c  sermouse - ok
16:03:32.0012 0x017c  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:03:32.0017 0x017c  SessionEnv - ok
16:03:32.0032 0x017c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
16:03:32.0033 0x017c  sffdisk - ok
16:03:32.0043 0x017c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:03:32.0045 0x017c  sffp_mmc - ok
16:03:32.0057 0x017c  [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
16:03:32.0059 0x017c  sffp_sd - ok
16:03:32.0067 0x017c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:03:32.0068 0x017c  sfloppy - ok
16:03:32.0096 0x017c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:03:32.0106 0x017c  SharedAccess - ok
16:03:32.0135 0x017c  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:03:32.0145 0x017c  ShellHWDetection - ok
16:03:32.0166 0x017c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:03:32.0168 0x017c  SiSRaid2 - ok
16:03:32.0181 0x017c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:03:32.0184 0x017c  SiSRaid4 - ok
16:03:32.0263 0x017c  [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:03:32.0277 0x017c  SkypeUpdate - ok
16:03:32.0293 0x017c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:03:32.0296 0x017c  Smb - ok
16:03:32.0360 0x017c  [ E3E56CAF0472163871B922FC7CBC9654, 1D7208519DB904E1B27F8D5214CA219BD52AB8C1AB64F22F8959DC4E8955AD37 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
16:03:32.0367 0x017c  snapman - ok
16:03:32.0403 0x017c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:03:32.0407 0x017c  SNMPTRAP - ok
16:03:32.0418 0x017c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:03:32.0420 0x017c  spldr - ok
16:03:32.0454 0x017c  [ 89E8550C5862999FCF482EA562B0E98E, 11BC94FD879DCD22E80DB8FA73CEBD0F072917C546AD9C8B92CCFBF4E0B83056 ] Spooler         C:\Windows\System32\spoolsv.exe
16:03:32.0469 0x017c  Spooler - ok
16:03:32.0600 0x017c  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
16:03:32.0689 0x017c  sppsvc - ok
16:03:32.0712 0x017c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:03:32.0715 0x017c  sppuinotify - ok
16:03:32.0738 0x017c  [ EC8F67289105BF270498095F14963464, 454031C8AE06511DD13DBAA613B983516AF937590FB2B8C6ADC273D018D30858 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:03:32.0749 0x017c  srv - ok
16:03:32.0771 0x017c  [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:03:32.0788 0x017c  srv2 - ok
16:03:32.0798 0x017c  [ 26E84D3649019C3244622E654DFCD75B, 49BD7345AF744298698629E0D7C0C373AB2F75F542281268BCF91A6D2B278AA8 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:03:32.0802 0x017c  srvnet - ok
16:03:32.0823 0x017c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:03:32.0829 0x017c  SSDPSRV - ok
16:03:32.0846 0x017c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:03:32.0849 0x017c  SstpSvc - ok
16:03:32.0862 0x017c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:03:32.0864 0x017c  stexstor - ok
16:03:32.0917 0x017c  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
16:03:32.0933 0x017c  stisvc - ok
16:03:32.0954 0x017c  [ FFD7A6F15B14234B5B0E5D49E7961895, 9553BDB65D021DA621BDFF1C180B9F4C6355FC748BAE854CE114D4B3EFF307B7 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
16:03:32.0956 0x017c  storflt - ok
16:03:32.0970 0x017c  [ 8FCCBEFC5C440B3C23454656E551B09A, 392A38D0B18B7FD08ACBE3E56ADCB235FA49BDB99F81E0820434D57332FA8FF7 ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
16:03:32.0972 0x017c  storvsc - ok
16:03:32.0994 0x017c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:03:32.0995 0x017c  swenum - ok
16:03:33.0082 0x017c  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
16:03:33.0098 0x017c  SwitchBoard - ok
16:03:33.0144 0x017c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:03:33.0158 0x017c  swprv - ok
16:03:33.0443 0x017c  [ 062404ED60707B116EDD3E52836AE664, 846E1BF6FA3E8C6484438305901DC9AD867743104A07F67502F5F3A7195CAED7 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
16:03:33.0681 0x017c  syncagentsrv - ok
16:03:33.0796 0x017c  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
16:03:33.0849 0x017c  SysMain - ok
16:03:33.0872 0x017c  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:03:33.0875 0x017c  TabletInputService - ok
16:03:33.0888 0x017c  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:03:33.0895 0x017c  TapiSrv - ok
16:03:33.0910 0x017c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:03:33.0913 0x017c  TBS - ok
16:03:33.0987 0x017c  [ 7FC877A25796D8ADF539E64703FCA7E1, 9099A131FA05DCC10733460F2923671E9B8F878D769755E10D0E7261EC2A15EC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:03:34.0047 0x017c  Tcpip - ok
16:03:34.0129 0x017c  [ 7FC877A25796D8ADF539E64703FCA7E1, 9099A131FA05DCC10733460F2923671E9B8F878D769755E10D0E7261EC2A15EC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:03:34.0165 0x017c  TCPIP6 - ok
16:03:34.0202 0x017c  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:03:34.0204 0x017c  tcpipreg - ok
16:03:34.0219 0x017c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:03:34.0220 0x017c  TDPIPE - ok
16:03:34.0292 0x017c  [ AC28A6FCA485821499FF018695CEDE16, 8BA6086EB1831FDEDB9E195EA7D5F2FE2B0944E4E0B0CDB41CD06971F7DAC805 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
16:03:34.0335 0x017c  tdrpman - ok
16:03:34.0351 0x017c  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:03:34.0353 0x017c  TDTCP - ok
16:03:34.0378 0x017c  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:03:34.0381 0x017c  tdx - ok
16:03:34.0766 0x017c  [ 24E2D5DADAABEDA03EF320DD81C1F4D8, 8ECAE22FCA68B43DB05738B18CAC789272B81AC46200886329101A7F2A92BEE2 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
16:03:34.0989 0x017c  TeamViewer - ok
16:03:35.0036 0x017c  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:03:35.0038 0x017c  TermDD - ok
16:03:35.0082 0x017c  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
16:03:35.0100 0x017c  TermService - ok
16:03:35.0116 0x017c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:03:35.0122 0x017c  Themes - ok
16:03:35.0149 0x017c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:03:35.0151 0x017c  THREADORDER - ok
16:03:35.0208 0x017c  [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib             C:\Windows\system32\DRIVERS\tib.sys
16:03:35.0244 0x017c  tib - ok
16:03:35.0257 0x017c  [ 8C750FE6DE38AF13506B99EC2F519F79, 232D18416E9DE3A676C625280CF172ED180B5AF98C69E5B24CC780D480549E35 ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys
16:03:35.0262 0x017c  tib_mounter - ok
16:03:35.0291 0x017c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:03:35.0296 0x017c  TrkWks - ok
16:03:35.0342 0x017c  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:03:35.0346 0x017c  TrustedInstaller - ok
16:03:35.0371 0x017c  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:03:35.0373 0x017c  tssecsrv - ok
16:03:35.0402 0x017c  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:03:35.0406 0x017c  tunnel - ok
16:03:35.0422 0x017c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:03:35.0425 0x017c  uagp35 - ok
16:03:35.0445 0x017c  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:03:35.0453 0x017c  udfs - ok
16:03:35.0485 0x017c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:03:35.0488 0x017c  UI0Detect - ok
16:03:35.0504 0x017c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
16:03:35.0507 0x017c  uliagpkx - ok
16:03:35.0519 0x017c  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:03:35.0521 0x017c  umbus - ok
16:03:35.0536 0x017c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:03:35.0538 0x017c  UmPass - ok
16:03:35.0564 0x017c  [ AF0AC98EE5077EB844413EB54287FDE3, 1586326510DE94E2735EFAD94A68D06DB5B7347B68055A9EA8B95E19D91A2E69 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:03:35.0571 0x017c  UmRdpService - ok
16:03:35.0595 0x017c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:03:35.0605 0x017c  upnphost - ok
16:03:35.0655 0x017c  [ 77B01BC848298223A95D4EC23E1785A1, 7D0FBBA746588401400226BB966507EE34EEBB2F4F16607601E3D7383CAD34E2 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:03:35.0659 0x017c  usbaudio - ok
16:03:35.0669 0x017c  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:03:35.0673 0x017c  usbccgp - ok
16:03:35.0690 0x017c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
16:03:35.0693 0x017c  usbcir - ok
16:03:35.0705 0x017c  [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:03:35.0708 0x017c  usbehci - ok
16:03:35.0741 0x017c  [ 4C9042B8DF86C1E8E6240C218B99B39B, D286633311C047B9C4FB1AA89D7B02B9F943FDDCE473255DC8E14DD07CC9B292 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:03:35.0749 0x017c  usbhub - ok
16:03:35.0761 0x017c  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:03:35.0763 0x017c  usbohci - ok
16:03:35.0781 0x017c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:03:35.0783 0x017c  usbprint - ok
16:03:35.0799 0x017c  [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:03:35.0802 0x017c  USBSTOR - ok
16:03:35.0818 0x017c  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:03:35.0820 0x017c  usbuhci - ok
16:03:35.0867 0x017c  [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
16:03:35.0873 0x017c  usbvideo - ok
16:03:35.0901 0x017c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:03:35.0904 0x017c  UxSms - ok
16:03:35.0910 0x017c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
16:03:35.0911 0x017c  VaultSvc - ok
16:03:35.0931 0x017c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
16:03:35.0934 0x017c  vdrvroot - ok
16:03:35.0972 0x017c  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
16:03:35.0986 0x017c  vds - ok
16:03:36.0028 0x017c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:03:36.0030 0x017c  vga - ok
16:03:36.0041 0x017c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:03:36.0043 0x017c  VgaSave - ok
16:03:36.0062 0x017c  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
16:03:36.0070 0x017c  vhdmp - ok
16:03:36.0090 0x017c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
16:03:36.0091 0x017c  viaide - ok
16:03:36.0110 0x017c  [ 35E8A18D1C558D5C2FF2FFED2FD396F6, 5516AC03964DD33CF239AB3FB1D41BAB7454DB35FB38C45907614C3DB8F23391 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
16:03:36.0117 0x017c  vididr - ok
16:03:36.0144 0x017c  [ 0DCD5C8F2E0B3650C4A29F6569C074FD, 8FB24D79ADE1541C5DD6241A3395EF2E6575A8376111294CD5C87ECA798EDCFD ] vidsflt         C:\Windows\system32\DRIVERS\vidsflt.sys
16:03:36.0148 0x017c  vidsflt - ok
16:03:36.0183 0x017c  [ 1501699D7EDA984ABC4155A7DA5738D1, 448DFEFF565F1467F387E4EC9782DDD48B8FFDDF6B1EA46A790C2782C20BD952 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
16:03:36.0189 0x017c  vmbus - ok
16:03:36.0205 0x017c  [ AE10C35761889E65A6F7176937C5592C, 9DC27647B6149C9B2523799F85B18122CCE749264624FE2E5FE843FE00642BBE ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
16:03:36.0207 0x017c  VMBusHID - ok
16:03:36.0214 0x017c  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
16:03:36.0217 0x017c  volmgr - ok
16:03:36.0235 0x017c  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:03:36.0245 0x017c  volmgrx - ok
16:03:36.0259 0x017c  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
16:03:36.0268 0x017c  volsnap - ok
16:03:36.0292 0x017c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:03:36.0296 0x017c  vsmraid - ok
16:03:36.0370 0x017c  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
16:03:36.0422 0x017c  VSS - ok
16:03:36.0448 0x017c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:03:36.0451 0x017c  vwifibus - ok
16:03:36.0472 0x017c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:03:36.0483 0x017c  W32Time - ok
16:03:36.0505 0x017c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:03:36.0507 0x017c  WacomPen - ok
16:03:36.0534 0x017c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:03:36.0537 0x017c  WANARP - ok
16:03:36.0543 0x017c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:03:36.0545 0x017c  Wanarpv6 - ok
16:03:36.0598 0x017c  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
16:03:36.0649 0x017c  wbengine - ok
16:03:36.0663 0x017c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:03:36.0671 0x017c  WbioSrvc - ok
16:03:36.0694 0x017c  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:03:36.0704 0x017c  wcncsvc - ok
16:03:36.0711 0x017c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:03:36.0714 0x017c  WcsPlugInService - ok
16:03:36.0734 0x017c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:03:36.0735 0x017c  Wd - ok
16:03:36.0763 0x017c  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:03:36.0779 0x017c  Wdf01000 - ok
16:03:36.0793 0x017c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:03:36.0797 0x017c  WdiServiceHost - ok
16:03:36.0803 0x017c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:03:36.0806 0x017c  WdiSystemHost - ok
16:03:36.0818 0x017c  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll
16:03:36.0828 0x017c  WebClient - ok
16:03:36.0846 0x017c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:03:36.0853 0x017c  Wecsvc - ok
16:03:36.0866 0x017c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:03:36.0871 0x017c  wercplsupport - ok
16:03:36.0898 0x017c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:03:36.0902 0x017c  WerSvc - ok
16:03:36.0922 0x017c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:03:36.0924 0x017c  WfpLwf - ok
16:03:36.0939 0x017c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:03:36.0940 0x017c  WIMMount - ok
16:03:36.0950 0x017c  WinDefend - ok
16:03:36.0958 0x017c  WinHttpAutoProxySvc - ok
16:03:37.0005 0x017c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:03:37.0012 0x017c  Winmgmt - ok
16:03:37.0090 0x017c  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:03:37.0153 0x017c  WinRM - ok
16:03:37.0211 0x017c  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:03:37.0213 0x017c  WinUsb - ok
16:03:37.0256 0x017c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:03:37.0282 0x017c  Wlansvc - ok
16:03:37.0304 0x017c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:03:37.0305 0x017c  WmiAcpi - ok
16:03:37.0338 0x017c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:03:37.0343 0x017c  wmiApSrv - ok
16:03:37.0370 0x017c  WMPNetworkSvc - ok
16:03:37.0388 0x017c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:03:37.0393 0x017c  WPCSvc - ok
16:03:37.0432 0x017c  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:03:37.0438 0x017c  WPDBusEnum - ok
16:03:37.0454 0x017c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:03:37.0457 0x017c  ws2ifsl - ok
16:03:37.0497 0x017c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:03:37.0502 0x017c  wscsvc - ok
16:03:37.0511 0x017c  WSearch - ok
16:03:37.0627 0x017c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:03:37.0714 0x017c  wuauserv - ok
16:03:37.0749 0x017c  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:03:37.0754 0x017c  WudfPf - ok
16:03:37.0790 0x017c  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:03:37.0795 0x017c  WUDFRd - ok
16:03:37.0819 0x017c  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:03:37.0825 0x017c  wudfsvc - ok
16:03:37.0857 0x017c  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:03:37.0867 0x017c  WwanSvc - ok
16:03:37.0879 0x017c  ================ Scan global ===============================
16:03:37.0902 0x017c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:03:37.0923 0x017c  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
16:03:37.0940 0x017c  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
16:03:37.0960 0x017c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:03:37.0985 0x017c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:03:37.0994 0x017c  [ Global ] - ok
16:03:37.0995 0x017c  ================ Scan MBR ==================================
16:03:38.0003 0x017c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:03:38.0469 0x017c  \Device\Harddisk0\DR0 - ok
16:03:39.0033 0x017c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
16:03:39.0047 0x017c  \Device\Harddisk1\DR1 - ok
16:03:39.0047 0x017c  ================ Scan VBR ==================================
16:03:39.0050 0x017c  [ 359CE0BD5D04D070A89DDA6A5AE9BF74 ] \Device\Harddisk0\DR0\Partition1
16:03:39.0052 0x017c  \Device\Harddisk0\DR0\Partition1 - ok
16:03:39.0055 0x017c  [ F20FF211D9C6EA3B39667057FF87465E ] \Device\Harddisk0\DR0\Partition2
16:03:39.0057 0x017c  \Device\Harddisk0\DR0\Partition2 - ok
16:03:39.0060 0x017c  [ 5EB1A4ED9471E5D827720743D455BE22 ] \Device\Harddisk1\DR1\Partition1
16:03:39.0065 0x017c  \Device\Harddisk1\DR1\Partition1 - ok
16:03:39.0068 0x017c  ================ Scan generic autorun ======================
16:03:39.0104 0x017c  [ C37341BBB89067D4CCAC7FA799F78BB6, B13B066376B03FA150B53E37FE39DAC4CC82AC66D433C1BB44276235EC0E79E8 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
16:03:39.0117 0x017c  Acronis Scheduler2 Service - ok
16:03:39.0394 0x017c  [ F0C14288A8CBB4919919063F7B781483, 23BD6592035FAB1B222B151134D2504AC013F93768EAB91DF39EE9439AB11F4F ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
16:03:39.0596 0x017c  TrueImageMonitor.exe - ok
16:03:39.0665 0x017c  [ 3CEF82F01A4E5071D60CF45264FC50EB, 3E30C49E6B43EF901DBED56A18B88BE5741A8B9576587891BDED6C7174AC5859 ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
16:03:39.0698 0x017c  AcronisTibMounterMonitor - ok
16:03:39.0808 0x017c  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:03:39.0849 0x017c  Sidebar - ok
16:03:39.0880 0x017c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:03:39.0884 0x017c  mctadmin - ok
16:03:39.0933 0x017c  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:03:39.0958 0x017c  Sidebar - ok
16:03:39.0971 0x017c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:03:39.0974 0x017c  mctadmin - ok
16:03:39.0977 0x017c  Waiting for KSN requests completion. In queue: 321
16:03:40.0978 0x017c  Waiting for KSN requests completion. In queue: 14
16:03:41.0978 0x017c  Waiting for KSN requests completion. In queue: 14
16:03:43.0015 0x017c  Win FW state via NFP2: enabled ( trusted )
16:03:45.0718 0x017c  ============================================================
16:03:45.0718 0x017c  Scan finished
16:03:45.0718 0x017c  ============================================================
16:03:45.0736 0x0bd8  Detected object count: 0
16:03:45.0736 0x0bd8  Actual detected object count: 0

Farbar log

Code:

ATTFilter

Farbar Service Scanner Version: 27-01-2016
Ran by intell (administrator) on 20-08-2016 at 16:10:45
Running from "C:\Users\intell\Downloads"
Microsoft Windows 7 Ultimate   (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

burningice · 20.08.2016, 16:23

Hallo Michael

Bin grade unterwegs das Wochenende also kann bisschen dauern bis ich dir wieder antworte, schauen wir dann mal

jack1989 · 20.08.2016, 16:31

Zitat:

Zitat von burningice

Hallo Michael

Bin grade unterwegs das Wochenende also kann bisschen dauern bis ich dir wieder antworte, schauen wir dann mal

Danke für die Info, Rafael - dann mal dir schönes Wochenende. Ich warte geduldig auf die Benachrichtungsmail, wenn sich hier im Thread was tut

burningice · 21.08.2016, 15:08

also i glab bis auf den katastrophalen patch stand des Systems is da ned wirklich was "ernstes".

Schritt: 1

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...

Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

jack1989 · 21.08.2016, 19:44

Hallo Rafael,

vorraussichtlich komme ich vor Mittwoch nicht mehr an den PC dran. Denke mal erst am Mittwoch im Laufe der späten Abendstunden kann ich hier die Logs posten.

Hast du eine Idee wie ich diese "Cache" von Google Chrom für zu installierende Plugin löschen kann?

Ich persönliche vermute, dass es anhand der Chrome-Plugin-Installationsid doch mehr ist als nur das echte Bing Plugin

siehe
https://www.reasoncoresecurity.com/manifest.json-0bdd42150b7c3144f56e242d25479b6dc802042d.aspx

burningice · 22.08.2016, 12:39

okay ich warte.

jack1989 · 22.08.2016, 15:33

Unerwarte kann ich heute doch noch an diesen Rechner

ESET Log

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5bb5d85b40f33b4f9188ab9953427fbb
# end=init
# utc_time=2016-08-22 01:15:50
# local_time=2016-08-22 03:15:50 (+0100, Central Europe Daylight Time)
# country="United States"
# osver=6.1.7600 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 30502
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5bb5d85b40f33b4f9188ab9953427fbb
# end=updated
# utc_time=2016-08-22 01:19:29
# local_time=2016-08-22 03:19:29 (+0100, Central Europe Daylight Time)
# country="United States"
# osver=6.1.7600 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=5bb5d85b40f33b4f9188ab9953427fbb
# engine=30502
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-08-22 01:59:52
# local_time=2016-08-22 03:59:52 (+0100, Central Europe Daylight Time)
# country="United States"
# lang=1031
# osver=6.1.7600 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 66516573 224324525 0 0
# scanned=154385
# found=0
# cleaned=0
# scan_time=2422

FRST Log

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by intell (administrator) on INTELL-PC (22-08-2016 16:29:38)
Running from C:\Users\intell\Desktop
Loaded Profiles: intell (Available Profiles: intell)
Platform: Windows 7 Ultimate (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\...\MountPoints2: {55d2ea39-c190-11e3-ba49-003005ef8e96} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{2B4634F1-F67C-4297-9E7B-675B378D425F}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\intell\AppData\Roaming\Mozilla\Firefox\Profiles\goque4zg.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-03-11] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Extension: Fasterfox - C:\Users\intell\AppData\Roaming\Mozilla\Firefox\Profiles\goque4zg.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-08-18]
FF Extension: Adblock Plus - C:\Users\intell\AppData\Roaming\Mozilla\Firefox\Profiles\goque4zg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-18]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

Chrome: 
=======
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxps://www.google.rs/?gws_rd=cr&ei=4FJ_U56rGIq5yQPp24CQBw"
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Search) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaapdcjfaomkafnbpoclmfakjianjd [2016-08-20]
CHR Extension: (Bing) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-08-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR HKLM\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.LEHSEAYKX2HMBYISHE5Q6KAQTQ - C:\Users\intell\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7248144 2016-08-08] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-08-14] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-08-14] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-08-14] (Acronis International GmbH)
S3 EverestDriver; \??\F:\programi\Everest 5.50\kerneld.amd64 [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-22 16:29 - 2016-08-22 16:30 - 00009553 _____ C:\Users\intell\Desktop\FRST.txt
2016-08-22 16:29 - 2016-08-22 16:29 - 00000000 ____D C:\Users\intell\Desktop\FRST-OlderVersion
2016-08-22 15:15 - 2016-08-22 15:15 - 02870984 _____ (ESET) C:\Users\intell\Downloads\esetsmartinstaller_deu.exe
2016-08-22 15:15 - 2016-08-22 15:15 - 00000000 ____D C:\Program Files (x86)\ESET
2016-08-20 16:55 - 2016-08-20 16:55 - 00000010 _____ C:\Users\intell\AppData\Local\sponge.last.runtime.cache
2016-08-20 16:49 - 2016-08-20 16:49 - 00000000 ____D C:\Windows\Trend Micro
2016-08-20 16:49 - 2016-08-20 16:49 - 00000000 ____D C:\ProgramData\Trend Micro
2016-08-20 16:46 - 2015-12-24 15:03 - 00316168 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2016-08-20 16:45 - 2016-08-20 16:45 - 02527376 _____ (Trend Micro Inc.) C:\Users\intell\Downloads\HousecallLauncher64.exe
2016-08-20 16:45 - 2016-08-20 16:45 - 00000036 _____ C:\Users\intell\AppData\Local\housecall.guid.cache
2016-08-20 16:10 - 2016-08-20 16:11 - 00002455 _____ C:\Users\intell\Desktop\FSS.txt
2016-08-20 16:10 - 2016-08-20 16:10 - 00899584 _____ (Farbar) C:\Users\intell\Desktop\FSS.exe
2016-08-20 16:02 - 2016-08-20 16:15 - 00190500 _____ C:\Users\intell\Desktop\TDSSKiller.3.1.0.11_20.08.2016_16.02.49_log.txt
2016-08-20 16:02 - 2016-08-20 16:02 - 04747704 _____ (AO Kaspersky Lab) C:\Users\intell\Desktop\tdsskiller.exe
2016-08-20 15:35 - 2016-08-20 15:35 - 00000000 ____D C:\Windows\system32\EventProviders
2016-08-20 15:25 - 2016-08-20 15:29 - 315013596 _____ C:\Users\intell\Downloads\Windows6.1-KB947821-v10-x64.msu
2016-08-20 15:08 - 2016-08-20 15:08 - 947070088 _____ (Microsoft Corporation) C:\Users\intell\Downloads\windows6.1-KB976932-X64.exe
2016-08-20 14:09 - 2016-08-20 14:10 - 00018814 _____ C:\Users\intell\Desktop\Addition2.txt
2016-08-20 14:08 - 2016-08-20 14:10 - 00016361 _____ C:\Users\intell\Desktop\FRST1.txt
2016-08-20 14:07 - 2016-08-22 16:29 - 02396672 _____ (Farbar) C:\Users\intell\Desktop\FRST64.exe
2016-08-20 14:07 - 2016-08-22 16:29 - 00000000 ____D C:\FRST
2016-08-20 12:43 - 2016-08-20 13:15 - 00000000 ____D C:\Program Files\Reason
2016-08-20 12:04 - 2016-08-20 12:04 - 00001433 _____ C:\Users\intell\Desktop\AdwCleaner[S0].txt
2016-08-20 11:51 - 2016-08-20 11:51 - 03784256 _____ C:\Users\intell\Desktop\adwcleaner_6.000.exe
2016-08-20 11:44 - 2016-08-20 11:53 - 00000000 ____D C:\AdwCleaner
2016-08-20 11:43 - 2016-08-20 11:43 - 00001204 _____ C:\Users\intell\Desktop\malwarebyte log.txt
2016-08-20 11:15 - 2016-08-20 11:15 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-20 10:50 - 2016-08-20 10:50 - 00000977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-08-20 10:50 - 2016-08-20 10:50 - 00000965 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-08-18 01:06 - 2016-08-18 01:18 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-08-18 00:20 - 2016-08-18 00:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-08-18 00:08 - 2016-08-20 11:46 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-08-18 00:08 - 2016-08-20 11:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-18 00:08 - 2016-08-20 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-18 00:08 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-18 00:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-18 00:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-09 18:22 - 2016-08-09 18:22 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-09 18:22 - 2016-08-09 18:22 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-09 18:22 - 2016-08-09 18:22 - 00000000 ____D C:\Users\intell\AppData\Roaming\Mozilla
2016-08-09 18:21 - 2016-08-09 18:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-22 15:58 - 2015-02-25 20:07 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-22 15:56 - 2014-05-10 14:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-22 15:11 - 2014-06-13 20:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-22 09:49 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-22 09:49 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-22 09:42 - 2015-02-25 20:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-22 09:42 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-21 11:09 - 2014-04-05 13:35 - 00000000 ____D C:\Users\intell\AppData\Roaming\Skype
2016-08-20 13:39 - 2014-04-05 14:13 - 00000000 ____D C:\Users\intell\AppData\Local\ESET
2016-08-20 13:14 - 2015-12-26 20:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-20 12:10 - 2014-04-11 19:20 - 00108840 _____ C:\Users\intell\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-20 11:50 - 2015-08-14 15:19 - 00000000 ____D C:\Users\intell\Downloads\old
2016-08-20 11:47 - 2009-07-14 06:45 - 05036568 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-20 11:40 - 2015-08-14 18:11 - 00000000 ____D C:\Windows\pss
2016-08-20 10:52 - 2014-04-13 17:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-20 10:51 - 2015-07-29 17:11 - 00000000 ____D C:\Users\intell\AppData\Local\Adobe
2016-08-18 01:02 - 2014-09-03 15:06 - 00001945 _____ C:\Windows\epplauncher.mif
2016-08-18 00:20 - 2015-07-28 20:41 - 00000000 ____D C:\ProgramData\Adobe
2016-08-15 20:44 - 2014-12-24 19:11 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-11 20:06 - 2014-04-05 13:34 - 00000000 ____D C:\ProgramData\Skype
2016-08-09 18:19 - 2014-04-11 14:15 - 00000000 ____D C:\Users\intell\AppData\Local\ElevatedDiagnostics
2016-08-09 00:01 - 2015-07-15 22:16 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 00:01 - 2015-07-15 22:16 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-28 23:53 - 2015-02-25 20:07 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 23:53 - 2015-02-25 20:07 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-28 12:44 - 2015-08-20 09:00 - 00000000 ____D C:\Users\intell\AppData\Roaming\vlc
2016-07-28 12:33 - 2015-09-21 15:19 - 00000000 ____D C:\Users\intell\AppData\Roaming\dvdcss

==================== Files in the root of some directories =======

2016-03-23 15:37 - 2016-03-23 15:37 - 0000132 _____ () C:\Users\intell\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-08-20 16:45 - 2016-08-20 16:45 - 0000036 _____ () C:\Users\intell\AppData\Local\housecall.guid.cache
2016-08-20 16:55 - 2016-08-20 16:55 - 0000010 _____ () C:\Users\intell\AppData\Local\sponge.last.runtime.cache

Files to move or delete:
====================
C:\Users\LightroomPortable\LightroomPortable.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-16 23:18

==================== End of FRST.txt ============================

--- --- ---

Additions Log

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by intell (22-08-2016 16:30:40)
Running from C:\Users\intell\Desktop
Windows 7 Ultimate (X64) (2014-04-05 11:04:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3642538609-3829134156-1005489332-500 - Administrator - Disabled)
Guest (S-1-5-21-3642538609-3829134156-1005489332-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3642538609-3829134156-1005489332-1002 - Limited - Enabled)
intell (S-1-5-21-3642538609-3829134156-1005489332-1000 - Administrator - Enabled) => C:\Users\intell

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
JPEG Lossless Rotator 9.1 (HKLM\...\JPEG Lossless Rotator_is1) (Version:  - Anny)
K-Lite Mega Codec Pack 10.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla)
Nero 8 Micro v8.3.6.0 (HKLM-x32\...\Nero8360_Micro_is1) (Version:  - www.nero.com)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.64630 - TeamViewer)
Total Commander 7.56a Vi7Pack 1.83 (31.08.2011) (HKLM\...\Total Commander Vi7Pack_is1) (Version: 1.83 - vadimsva)
True Image 2013 (HKLM-x32\...\{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B9F9C8E7-BCF9-4BE1-895A-41C2E76820C6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {E6304634-EC2F-462E-A646-51383A9B0744} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-25] (Google Inc.)
Task: {E7CCAA55-44FC-4AE1-9018-80A98F32B8F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-25] (Google Inc.)
Task: {F70F6A54-93A8-4560-8B3A-352DD8ABD2DB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-03-27 22:39 - 2013-03-27 22:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2014-04-05 14:11 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2015-08-21 16:16 - 2013-03-13 15:08 - 02268160 _____ () C:\Program Files\JPEG Lossless Rotator\contmenu.dll
2013-03-28 00:37 - 2013-03-28 00:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2013-03-27 22:09 - 2013-03-27 22:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-08-20 13:15 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\intell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: .EsetTrialReset => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk => C:\Windows\pss\Adobe Gamma Loader.exe.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BingSvc => C:\Users\intell\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{679946E1-A79C-40A3-A8E8-EE2FFF601DBE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5A0A57D2-56C2-45CF-B6F4-851D1ACFA27A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D70EAC3A-953B-4256-8B58-B88E0F0E928F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{EDA4BEBA-1094-491B-BA90-21C98F72067E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{3D158BA7-21E5-40D0-BAF1-118D59521E99}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{27FFE023-CC4D-4C1C-A9BF-E30990EC2E81}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4EC81DF1-4E04-4AE2-BC93-45FB82B740DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1535DB1A-6E82-445F-ACFF-19B4F3E211E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{713AE5A7-D249-4BDB-A5A9-1C69FBE283D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{61A7B182-D0EF-40EC-8886-EA3D711BFCFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D44F228D-E7C9-47EA-8CF0-9997DE9D8151}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{805D7F15-2FE2-45F3-9D72-A0585CD3A927}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/22/2016 04:27:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (08/22/2016 04:15:45 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (988) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/22/2016 04:15:45 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (988) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/22/2016 04:15:45 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (988) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/22/2016 04:15:45 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (988) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/22/2016 03:45:45 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (988) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/22/2016 03:45:45 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (988) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/22/2016 03:45:45 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (988) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/22/2016 03:45:45 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (988) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.

Error: (08/22/2016 03:15:45 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (988) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546.


System errors:
=============
Error: (08/22/2016 03:19:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading

Error: (08/22/2016 03:19:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\intell\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/22/2016 03:19:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading

Error: (08/22/2016 03:19:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\intell\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/22/2016 03:19:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading

Error: (08/22/2016 03:19:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\intell\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/22/2016 03:17:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading

Error: (08/22/2016 03:17:05 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\intell\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (08/22/2016 03:17:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading

Error: (08/22/2016 03:17:04 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\intell\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz
Percentage of memory in use: 49%
Total physical RAM: 2038.11 MB
Available physical RAM: 1037.52 MB
Total Virtual: 5095.11 MB
Available Virtual: 3645.08 MB

==================== Drives ================================

Drive c: (sistem) (Fixed) (Total:47.89 GB) (Free:21.85 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (data) (Fixed) (Total:417.87 GB) (Free:355.37 GB) NTFS
Drive e: (Backup) (Fixed) (Total:931.51 GB) (Free:810.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FAE6A423)
Partition 1: (Active) - (Size=47.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=417.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 651B2DAE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

--- --- ---

burningice · 24.08.2016, 10:56

Schritt: 1
Bitte folge mal dieser Anleitung: https://support.google.com/chrome/answer/3296214?hl=de

Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Hast du noch irgendwelche Probleme mit deinem Rechner?

jack1989 · 24.08.2016, 20:43

Hallo Rafael,

konnte leider nicht früher antworten.

Google Chrome Reset gemäß Anleitung durchgeführt, anschließend kein Neustart durchführt

Außer die beiden Werbe-Addons in Google Chrom, und ich bin mir sicher das es nicht die Original Bing und Ask.com Addons sind hat der Rechner keine Schmerzen

FRST Log Teil 1

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2016 01
Ran by intell (administrator) on INTELL-PC (24-08-2016 21:38:39)
Running from C:\Users\intell\Desktop
Loaded Profiles: intell (Available Profiles: intell)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-28] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\...\MountPoints2: {55d2ea39-c190-11e3-ba49-003005ef8e96} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-28] (Acronis)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{2B4634F1-F67C-4297-9E7B-675B378D425F}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\intell\AppData\Roaming\Mozilla\Firefox\Profiles\goque4zg.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-03-11] (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)
FF Extension: Fasterfox - C:\Users\intell\AppData\Roaming\Mozilla\Firefox\Profiles\goque4zg.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2016-08-18]
FF Extension: Adblock Plus - C:\Users\intell\AppData\Roaming\Mozilla\Firefox\Profiles\goque4zg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-18]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found

Chrome: 
=======
CHR HomePage: Default -> search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxps://www.google.rs/?gws_rd=cr&ei=4FJ_U56rGIq5yQPp24CQBw"
CHR DefaultSearchURL: Default -> hxxp://www.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> search.ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Ask Search) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaapdcjfaomkafnbpoclmfakjianjd [2016-08-20]
CHR Extension: (Bing) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-08-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\intell\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-20]
CHR HKLM\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaapdcjfaomkafnbpoclmfakjianjd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.LEHSEAYKX2HMBYISHE5Q6KAQTQ - C:\Users\intell\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7248144 2016-08-08] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-08-14] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-08-14] (Acronis)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-08-14] (Acronis International GmbH)
S3 EverestDriver; \??\F:\programi\Everest 5.50\kerneld.amd64 [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-24 21:38 - 2016-08-24 21:39 - 00009010 _____ C:\Users\intell\Desktop\FRST.txt
2016-08-22 22:42 - 2016-08-22 22:42 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-22 22:42 - 2016-08-22 22:42 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-08-22 22:41 - 2016-08-22 22:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-22 22:41 - 2016-08-22 22:41 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-22 22:41 - 2016-08-22 22:41 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-22 22:41 - 2016-08-22 22:41 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-08-22 22:41 - 2016-08-22 22:41 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-08-22 22:41 - 2016-08-22 22:41 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-22 22:41 - 2016-08-22 22:41 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-08-22 22:41 - 2016-08-22 22:41 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-08-22 22:41 - 2016-08-22 22:41 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-08-22 22:41 - 2016-08-22 22:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-08-22 22:41 - 2016-08-22 22:41 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-08-22 22:41 - 2016-08-22 22:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-08-22 22:40 - 2016-08-22 22:40 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-08-22 22:40 - 2016-08-22 22:40 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-08-22 22:40 - 2016-08-22 22:40 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-08-22 22:40 - 2016-08-22 22:40 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-08-22 22:40 - 2016-08-22 22:40 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-08-22 22:40 - 2016-08-22 22:40 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-08-22 22:40 - 2016-08-22 22:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-08-22 22:40 - 2016-08-22 22:40 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-08-22 22:40 - 2016-08-22 22:40 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-08-22 22:40 - 2016-08-22 22:40 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-08-22 22:40 - 2016-08-22 22:40 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-08-22 22:40 - 2016-08-22 22:40 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-08-22 22:40 - 2016-08-22 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-08-22 22:38 - 2016-08-22 22:38 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-08-22 22:38 - 2016-08-22 22:38 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-08-22 22:37 - 2016-08-22 22:37 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-08-22 22:37 - 2016-08-22 22:37 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-08-22 22:34 - 2016-08-22 22:35 - 55915216 _____ (Microsoft Corporation) C:\Users\intell\Downloads\IE11-Windows6.1-x64-en-us.exe
2016-08-22 19:32 - 2016-08-22 19:32 - 00000000 ____D C:\Windows\system32\SPReview
2016-08-22 18:29 - 2010-11-20 05:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2016-08-22 18:29 - 2010-11-20 05:34 - 00295808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-08-22 18:29 - 2010-11-20 05:34 - 00215936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 01659776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-08-22 18:29 - 2010-11-20 05:33 - 00273792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00171392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00152960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00140672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00095616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00078720 _____ (Hewlett-Packard Company) C:\Windows\system32\Drivers\HpSAMD.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2016-08-22 18:29 - 2010-11-20 05:33 - 00014720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2016-08-22 18:29 - 2010-11-20 05:32 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-08-22 18:29 - 2010-11-20 05:32 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2016-08-22 18:29 - 2010-11-20 05:32 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2016-08-22 18:29 - 2010-11-20 05:29 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-08-22 18:29 - 2010-11-20 05:29 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-08-22 18:29 - 2010-11-20 05:29 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-08-22 18:29 - 2010-11-20 05:29 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-08-22 18:29 - 2010-11-20 05:29 - 00223248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-08-22 18:29 - 2010-11-20 05:27 - 14174208 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 03860992 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 02652160 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 02543616 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 02262528 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 02086912 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 01911808 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-08-22 18:29 - 2010-11-20 05:27 - 01808384 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 01753088 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 01363968 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 01243136 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-08-22 18:29 - 2010-11-20 05:27 - 01197056 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 01109504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 01050624 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-08-22 18:29 - 2010-11-20 05:27 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00898560 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00867840 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00800256 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-08-22 18:29 - 2010-11-20 05:27 - 00636416 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00633344 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00605696 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00527872 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00444416 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
2016-08-22 18:29 - 2010-11-20 05:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00221696 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\vss_ps.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2016-08-22 18:29 - 2010-11-20 05:27 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 04120064 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 03391488 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 02067456 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 01866240 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 01340416 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 01244160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 01087488 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00955904 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-08-22 18:29 - 2010-11-20 05:26 - 00715264 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-08-22 18:29 - 2010-11-20 05:26 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00282624 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00281600 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2016-08-22 18:29 - 2010-11-20 05:26 - 00137216 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
2016-08-22 18:29 - 2010-11-20 05:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
2016-08-22 18:29 - 2010-11-20 05:26 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 03957760 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 03524608 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 01927680 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 01600512 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00349696 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00128000 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\PushPrinterConnections.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2016-08-22 18:29 - 2010-11-20 05:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\shadow.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2016-08-22 18:29 - 2010-11-20 05:25 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00899584 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
2016-08-22 18:29 - 2010-11-20 05:24 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
2016-08-22 18:29 - 2010-11-20 05:24 - 00653312 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00474112 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2016-08-22 18:29 - 2010-11-20 05:24 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-08-22 18:29 - 2010-11-20 05:24 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
2016-08-22 18:29 - 2010-11-20 05:24 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2016-08-22 18:29 - 2010-11-20 05:24 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2016-08-22 18:29 - 2010-11-20 05:24 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
2016-08-22 18:29 - 2010-11-20 05:24 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
2016-08-22 18:29 - 2010-11-20 05:24 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
2016-08-22 18:29 - 2010-11-20 05:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
2016-08-22 18:29 - 2010-11-20 05:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\choice.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2016-08-22 18:29 - 2010-11-20 05:24 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2016-08-22 18:29 - 2010-11-20 05:15 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2016-08-22 18:29 - 2010-11-20 05:13 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
2016-08-22 18:29 - 2010-11-20 05:12 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
2016-08-22 18:29 - 2010-11-20 05:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2016-08-22 18:29 - 2010-11-20 05:02 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-08-22 18:29 - 2010-11-20 05:02 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-08-22 18:29 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
2016-08-22 18:29 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
2016-08-22 18:29 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
2016-08-22 18:29 - 2010-11-20 04:55 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-08-22 18:29 - 2010-11-20 04:51 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-22 18:29 - 2010-11-20 04:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPCRYPT.DLL
2016-08-22 18:29 - 2010-11-20 04:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncCenter.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPEncEn.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-08-22 18:29 - 2010-11-20 04:21 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RacEngn.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-08-22 18:29 - 2010-11-20 04:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadefui.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\systemcpl.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanui.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00372224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\raschap.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wavemsp.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdscore.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpsrcwp.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpipcfg.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spp.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppinst.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srvcli.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spbcd.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samcli.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wtsapi32.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TRAPI.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdprefdrvapi.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schedcli.dll
2016-08-22 18:29 - 2010-11-20 04:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVCORE.DLL
2016-08-22 18:29 - 2010-11-20 04:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkexplorer.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00656384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PerfCenterCPL.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercpl.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshipsec.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OnLineIDCpl.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qcap.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceSyncProvider.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetapi.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiohlp.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\provsvc.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntlanman.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptui.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2016-08-22 18:29 - 2010-11-20 04:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcconf.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 01698816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 01493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 01390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 01163264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2fs.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ipsmsnap.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imapi2.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MediaMetadataHandler.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSAC3ENC.DLL
2016-08-22 18:29 - 2010-11-20 04:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iTVData.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MMDevAPI.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstask.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprapi.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fde.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\migisol.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2016-08-22 18:29 - 2010-11-20 04:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lsmproxy.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\accessibilitycpl.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 01792000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DxpTaskSync.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 01154048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 01003520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuxiliaryDisplayCpl.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00438272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AdmTmpl.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3ui.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efscore.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\activeds.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dskquoui.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabview.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3cfg.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-08-22 18:29 - 2010-11-20 04:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elsTrans.dll
2016-08-22 18:29 - 2010-11-20 04:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\C_ISCII.DLL
2016-08-22 18:29 - 2010-11-20 04:17 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00322048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ocsetup.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsicli.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskpart.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupugc.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mobsync.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00098816 _____ (Microsoft) C:\Windows\SysWOW64\Robocopy.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logagent.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\isoburn.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MuiUnattend.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzutil.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unlodctr.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netiougc.exe
2016-08-22 18:29 - 2010-11-20 04:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-08-22 18:29 - 2010-11-20 04:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Bubbles.scr
2016-08-22 18:29 - 2010-11-20 04:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2016-08-22 18:29 - 2010-11-20 04:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2016-08-22 18:29 - 2010-11-20 04:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysdm.cpl
2016-08-22 18:29 - 2010-11-20 04:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2016-08-22 18:29 - 2010-11-20 04:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Ribbons.scr
2016-08-22 18:29 - 2010-11-20 04:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2016-08-22 18:29 - 2010-11-20 04:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Kswdmcap.ax
2016-08-22 18:29 - 2010-11-20 04:16 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2016-08-22 18:29 - 2010-11-20 04:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\g711codc.ax
2016-08-22 18:29 - 2010-11-20 04:08 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-08-22 18:29 - 2010-11-20 04:08 - 00119808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imm32.dll
2016-08-22 18:29 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUF.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSG.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDCZ1.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDSF.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDPO.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINORI.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINKAN.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUGHR1.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMAORI.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDLT1.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTEL.DLL
2016-08-22 18:29 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBLR.DLL
2016-08-22 18:29 - 2010-11-20 04:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2016-08-22 18:29 - 2010-11-20 04:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-08-22 18:29 - 2010-11-20 04:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-08-22 18:29 - 2010-11-20 03:07 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-08-22 18:29 - 2010-11-20 03:05 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
2016-08-22 18:29 - 2010-11-20 03:03 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2016-08-22 18:29 - 2010-11-20 02:52 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-08-22 18:29 - 2010-11-20 02:52 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2016-08-22 18:29 - 2010-11-20 02:52 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipfltdrv.sys
2016-08-22 18:29 - 2010-11-20 02:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2016-08-22 18:29 - 2010-11-20 02:44 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2016-08-22 18:29 - 2010-11-20 02:44 - 00184960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2016-08-22 18:29 - 2010-11-20 02:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
2016-08-22 18:29 - 2010-11-20 02:43 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2016-08-22 18:29 - 2010-11-20 02:43 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2016-08-22 18:29 - 2010-11-20 02:33 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2016-08-22 18:29 - 2010-11-20 02:14 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-08-22 18:29 - 2010-11-20 02:04 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-08-22 18:29 - 2010-11-20 01:58 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2016-08-22 18:29 - 2010-11-20 01:57 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2016-08-22 18:29 - 2010-11-20 01:53 - 03126272 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-22 18:29 - 2010-11-20 01:49 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-08-22 18:29 - 2010-11-20 01:28 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-08-22 18:29 - 2010-11-20 01:27 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2016-08-22 18:29 - 2010-11-20 01:27 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-08-22 18:29 - 2010-11-20 01:27 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-22 18:29 - 2010-11-20 01:25 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2016-08-22 18:29 - 2010-11-20 01:23 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-08-22 18:29 - 2010-11-20 01:19 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2016-08-22 18:29 - 2010-11-19 19:52 - 00419880 _____ C:\Windows\SysWOW64\locale.nls
2016-08-22 18:29 - 2010-11-19 19:52 - 00419880 _____ C:\Windows\system32\locale.nls
2016-08-22 18:29 - 2010-11-04 18:20 - 00347904 _____ C:\Windows\system32\systemsf.ebd
2016-08-22 18:29 - 2010-11-04 17:58 - 00155472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2016-08-22 18:29 - 2010-11-04 17:58 - 00080720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2016-08-22 18:29 - 2010-11-04 17:57 - 00154960 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2016-08-22 18:28 - 2010-11-20 05:44 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
2016-08-22 18:28 - 2010-11-20 05:34 - 00363392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgrx.sys
2016-08-22 18:28 - 2010-11-20 05:34 - 00199552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2016-08-22 18:28 - 2010-11-20 05:34 - 00071552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2016-08-22 18:28 - 2010-11-20 05:34 - 00046464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2016-08-22 18:28 - 2010-11-20 05:34 - 00034688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2016-08-22 18:28 - 2010-11-20 05:33 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2016-08-22 18:28 - 2010-11-20 05:33 - 00263040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-08-22 18:28 - 2010-11-20 05:33 - 00213888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2016-08-22 18:28 - 2010-11-20 05:33 - 00184704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-08-22 18:28 - 2010-11-20 05:33 - 00155008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
2016-08-22 18:28 - 2010-11-20 05:33 - 00094592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-08-22 18:28 - 2010-11-20 05:33 - 00075136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-08-22 18:28 - 2010-11-20 05:33 - 00063360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2016-08-22 18:28 - 2010-11-20 05:33 - 00052096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2016-08-22 18:28 - 2010-11-20 05:33 - 00031104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2016-08-22 18:28 - 2010-11-20 05:32 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
2016-08-22 18:28 - 2010-11-20 05:32 - 00334208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2016-08-22 18:28 - 2010-11-20 05:32 - 00179072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-08-22 18:28 - 2010-11-20 05:32 - 00155520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2016-08-22 18:28 - 2010-11-20 05:29 - 00459248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-22 18:28 - 2010-11-20 05:29 - 00298104 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-08-22 18:28 - 2010-11-20 05:28 - 00166784 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 14633472 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 03650560 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 03027968 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2016-08-22 18:28 - 2010-11-20 05:27 - 03008000 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 02314752 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 02250752 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

jack1989 · 24.08.2016, 20:45

FRST Log Teil 2

Code:

ATTFilter

2016-08-22 18:28 - 2010-11-20 05:27 - 02193920 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 02018304 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01900544 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01881088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01646080 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01572352 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01556992 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01509888 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01281024 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01219584 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01212416 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-08-22 18:28 - 2010-11-20 05:27 - 01158656 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01098240 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01082880 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 01008128 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00849920 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00799744 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00781312 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00691200 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00681472 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00577536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00568832 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00529408 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2016-08-22 18:28 - 2010-11-20 05:27 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00409600 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
2016-08-22 18:28 - 2010-11-20 05:27 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2016-08-22 18:28 - 2010-11-20 05:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00153088 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00143360 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2016-08-22 18:28 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
2016-08-22 18:28 - 2010-11-20 05:27 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
2016-08-22 18:28 - 2010-11-20 05:27 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-08-22 18:28 - 2010-11-20 05:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-08-22 18:28 - 2010-11-20 05:27 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 03205120 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 02746880 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 01457664 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 01456128 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 01065984 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00934912 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00317952 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\fdProxy.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2016-08-22 18:28 - 2010-11-20 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 03745792 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 01975296 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 01504256 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00958464 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00897536 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00840192 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00749568 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00705024 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-08-22 18:28 - 2010-11-20 05:25 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00390656 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00095744 _____ C:\Windows\system32\RDVGHelper.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2016-08-22 18:28 - 2010-11-20 05:25 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\BWUnpairElevated.dll
2016-08-22 18:28 - 2010-11-20 05:25 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2016-08-22 18:28 - 2010-11-20 05:24 - 02872320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2016-08-22 18:28 - 2010-11-20 05:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00777728 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00763904 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2016-08-22 18:28 - 2010-11-20 05:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2016-08-22 18:28 - 2010-11-20 05:24 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
2016-08-22 18:28 - 2010-11-20 05:24 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2016-08-22 18:28 - 2010-11-20 05:24 - 00373248 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2016-08-22 18:28 - 2010-11-20 05:24 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
2016-08-22 18:28 - 2010-11-20 05:24 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
2016-08-22 18:28 - 2010-11-20 05:24 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2016-08-22 18:28 - 2010-11-20 05:24 - 00300032 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2016-08-22 18:28 - 2010-11-20 05:24 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2016-08-22 18:28 - 2010-11-20 05:24 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
2016-08-22 18:28 - 2010-11-20 05:24 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2016-08-22 18:28 - 2010-11-20 05:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
2016-08-22 18:28 - 2010-11-20 05:24 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2016-08-22 18:28 - 2010-11-20 05:24 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2016-08-22 18:28 - 2010-11-20 05:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2016-08-22 18:28 - 2010-11-20 05:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
2016-08-22 18:28 - 2010-11-20 05:24 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
2016-08-22 18:28 - 2010-11-20 05:24 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\FXSUNATD.exe
2016-08-22 18:28 - 2010-11-20 05:16 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-08-22 18:28 - 2010-11-20 05:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-22 18:28 - 2010-11-20 05:13 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-08-22 18:28 - 2010-11-20 05:09 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\vmbusres.dll
2016-08-22 18:28 - 2010-11-20 05:09 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\vmstorfltres.dll
2016-08-22 18:28 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
2016-08-22 18:28 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
2016-08-22 18:28 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
2016-08-22 18:28 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
2016-08-22 18:28 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
2016-08-22 18:28 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
2016-08-22 18:28 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
2016-08-22 18:28 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
2016-08-22 18:28 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
2016-08-22 18:28 - 2010-11-20 05:02 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
2016-08-22 18:28 - 2010-11-20 04:54 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
2016-08-22 18:28 - 2010-11-20 04:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-ums-l1-1-0.dll
2016-08-22 18:28 - 2010-11-20 04:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NAPHLPR.DLL
2016-08-22 18:28 - 2010-11-20 04:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthFWSnapin.dll
2016-08-22 18:28 - 2010-11-20 04:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 12872192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanpref.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 01175040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vault.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-08-22 18:28 - 2010-11-20 04:21 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlsrv32.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00616960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-08-22 18:28 - 2010-11-20 04:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmdev.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmnet.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shwebsvc.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlangpui.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizeng.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsvcs.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqlcese30.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srchadmin.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpdxm.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scansetting.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tapisrv.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVolSSO.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdwcn.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2016-08-22 18:28 - 2010-11-20 04:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syncui.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\remotepg.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twext.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpps.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxlib.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiavideo.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2016-08-22 18:28 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QUTIL.DLL
2016-08-22 18:28 - 2010-11-20 04:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\regapi.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tlscsp.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdmat.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpd3d.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RpcRtRemote.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtutils.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimgvw.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\utildll.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vpnikeapi.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shgina.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spopk.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sisbkup.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\syssetup.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shunimpl.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched32.dll
2016-08-22 18:28 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-08-22 18:28 - 2010-11-20 04:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\networkmap.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pnidui.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onexui.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OobeFldr.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceStatus.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnfldr.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdv.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\onex.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QAGENT.DLL
2016-08-22 18:28 - 2010-11-20 04:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netjoin.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mydocs.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prntvpt.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netid.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prncache.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nci.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olethk32.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QCLIPROV.DLL
2016-08-22 18:28 - 2010-11-20 04:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\napdsnap.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netutils.dll
2016-08-22 18:28 - 2010-11-20 04:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfts.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 03215872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 03207680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 02341376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallControlPanel.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localsec.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxclu.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-08-22 18:28 - 2010-11-20 04:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrad.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvfw32.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL
2016-08-22 18:28 - 2010-11-20 04:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fphc.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciavi32.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasacct.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdeploy.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimefilt.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciqtz32.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\httpapi.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msasn1.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvidc32.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdmo.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2016-08-22 18:28 - 2010-11-20 04:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrle32.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certmgr.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroles.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00743424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\batmeter.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsuiext.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00402944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appmgr.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2016-08-22 18:28 - 2010-11-20 04:18 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpx.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00252928 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\audiodev.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairingFolder.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsldp.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoplay.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscobj.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscmmc.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\avifil32.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\amstream.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertPolEng.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\acppage.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsauth.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzSqlExt.dll
2016-08-22 18:28 - 2010-11-20 04:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-22 18:28 - 2010-11-20 04:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfrgui.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimserv.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eudcedit.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskraid.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PkgMgr.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nslookup.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmstp.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\w32tm.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findstr.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\takeown.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\proquota.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userinit.exe
2016-08-22 18:28 - 2010-11-20 04:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgentc.exe
2016-08-22 18:28 - 2010-11-20 04:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmsys.cpl
2016-08-22 18:28 - 2010-11-20 04:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2016-08-22 18:28 - 2010-11-20 04:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autofmt.exe
2016-08-22 18:28 - 2010-11-20 04:16 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2016-08-22 18:28 - 2010-11-20 04:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2016-08-22 18:28 - 2010-11-20 04:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssText3d.scr
2016-08-22 18:28 - 2010-11-20 04:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2016-08-22 18:28 - 2010-11-20 04:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mystify.scr
2016-08-22 18:28 - 2010-11-20 04:16 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2016-08-22 18:28 - 2010-11-20 04:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2016-08-22 18:28 - 2010-11-20 04:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsadmin.exe
2016-08-22 18:28 - 2010-11-20 04:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdmaud.drv
2016-08-22 18:28 - 2010-11-20 04:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kstvtune.ax
2016-08-22 18:28 - 2010-11-20 04:16 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2016-08-22 18:28 - 2010-11-20 04:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2016-08-22 18:28 - 2010-11-20 04:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksxbar.ax
2016-08-22 18:28 - 2010-11-20 04:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbisurf.ax
2016-08-22 18:28 - 2010-11-20 04:08 - 00663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-22 18:28 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTUQ.DLL
2016-08-22 18:28 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdlk41a.dll
2016-08-22 18:28 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGR1.DLL
2016-08-22 18:28 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGKL.DLL
2016-08-22 18:28 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDNEPR.DLL
2016-08-22 18:28 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINBEN.DLL
2016-08-22 18:28 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTURME.DLL
2016-08-22 18:28 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDGEO.DLL
2016-08-22 18:28 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBULG.DLL
2016-08-22 18:28 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2016-08-22 18:28 - 2010-11-20 04:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwizres.dll
2016-08-22 18:28 - 2010-11-20 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-22 18:28 - 2010-11-20 04:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pifmgr.dll
2016-08-22 18:28 - 2010-11-20 03:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnaddr.dll
2016-08-22 18:28 - 2010-11-20 03:37 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
2016-08-22 18:28 - 2010-11-20 03:07 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2016-08-22 18:28 - 2010-11-20 03:06 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2016-08-22 18:28 - 2010-11-20 02:52 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pacer.sys
2016-08-22 18:28 - 2010-11-20 02:52 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\raspptp.sys
2016-08-22 18:28 - 2010-11-20 02:51 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2016-08-22 18:28 - 2010-11-20 02:51 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-08-22 18:28 - 2010-11-20 02:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-08-22 18:28 - 2010-11-20 02:44 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-08-22 18:28 - 2010-11-20 02:44 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
2016-08-22 18:28 - 2010-11-20 02:44 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-08-22 18:28 - 2010-11-20 02:44 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-08-22 18:28 - 2010-11-20 02:44 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2016-08-22 18:28 - 2010-11-20 02:43 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2016-08-22 18:28 - 2010-11-20 02:43 - 00109696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2016-08-22 18:28 - 2010-11-20 02:43 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-08-22 18:28 - 2010-11-20 02:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-08-22 18:28 - 2010-11-20 02:42 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2016-08-22 18:28 - 2010-11-20 02:33 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
2016-08-22 18:28 - 2010-11-20 02:10 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2016-08-22 18:28 - 2010-11-20 01:57 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\VmbusCoinstaller.dll
2016-08-22 18:28 - 2010-11-20 01:57 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\VmdCoinstall.dll
2016-08-22 18:28 - 2010-11-20 01:57 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2016-08-22 18:28 - 2010-11-20 01:49 - 00367104 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-08-22 18:28 - 2010-11-20 01:27 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-08-22 18:28 - 2010-11-20 01:27 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-08-22 18:28 - 2010-11-20 01:26 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2016-08-22 18:28 - 2010-11-20 01:26 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-22 18:28 - 2010-11-20 01:26 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-08-22 18:28 - 2010-11-20 01:26 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-22 18:28 - 2010-11-20 01:26 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-08-22 18:28 - 2010-11-20 01:21 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-08-22 18:28 - 2010-11-20 01:07 - 00294400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-08-22 18:28 - 2010-11-04 18:11 - 00433512 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2016-08-22 18:28 - 2010-11-04 17:58 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2016-08-22 18:28 - 2010-11-04 17:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2016-08-22 18:28 - 2010-11-04 17:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2016-08-22 18:28 - 2010-11-04 17:57 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2016-08-22 18:28 - 2010-11-04 17:57 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2016-08-22 18:28 - 2010-11-04 17:57 - 00048976 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2016-08-22 18:28 - 2010-11-04 17:53 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2016-08-22 18:28 - 2010-11-04 17:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2016-08-22 18:28 - 2010-11-04 17:53 - 00109928 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2016-08-22 18:28 - 2010-11-04 17:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2016-08-22 18:28 - 2009-07-13 17:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tcpmonui.dll
2016-08-22 18:28 - 2009-06-10 13:40 - 00001041 _____ C:\Windows\SysWOW64\tcpbidi.xml
2016-08-22 18:27 - 2010-11-20 05:39 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 02072576 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00481280 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2016-08-22 18:27 - 2010-11-20 05:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2016-08-22 18:27 - 2010-11-20 05:25 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2016-08-22 18:27 - 2010-11-20 05:25 - 00472064 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
2016-08-22 18:27 - 2010-11-20 05:25 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2016-08-22 18:27 - 2010-11-20 05:24 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2016-08-22 18:27 - 2010-11-20 05:14 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SensorsCpl.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMNetMgr.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\termmgr.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpeffects.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSATAPI.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sqmapi.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpshell.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wkscli.dll
2016-08-22 18:27 - 2010-11-20 04:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsbyuv.dll
2016-08-22 18:27 - 2010-11-20 04:20 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-08-22 18:27 - 2010-11-20 04:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\azroleui.dll
2016-08-22 18:27 - 2010-11-20 04:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sethc.exe
2016-08-22 18:27 - 2010-11-20 04:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskmgr.exe
2016-08-22 18:27 - 2010-11-20 04:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autoconv.exe
2016-08-22 18:27 - 2010-11-20 04:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2016-08-22 18:27 - 2010-11-20 04:08 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-08-22 18:27 - 2010-11-20 04:08 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-22 18:27 - 2010-11-20 03:04 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-08-22 18:27 - 2010-11-20 03:04 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-08-22 18:27 - 2010-11-20 02:34 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2016-08-22 18:27 - 2010-11-20 01:22 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
2016-08-22 18:26 - 2010-11-20 05:44 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2016-08-22 18:26 - 2010-11-20 05:33 - 00951680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-08-22 18:26 - 2010-11-20 05:33 - 00366976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2016-08-22 18:26 - 2010-11-20 05:33 - 00103808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
2016-08-22 18:26 - 2010-11-20 05:27 - 03715584 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 02146816 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 01672704 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 01118208 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00812032 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
2016-08-22 18:26 - 2010-11-20 05:27 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
2016-08-22 18:26 - 2010-11-20 05:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2016-08-22 18:26 - 2010-11-20 05:26 - 00551936 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
2016-08-22 18:26 - 2010-11-20 05:25 - 01264640 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2016-08-22 18:26 - 2010-11-20 05:25 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2016-08-22 18:26 - 2010-11-20 05:25 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2016-08-22 18:26 - 2010-11-20 05:25 - 00238080 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2016-08-22 18:26 - 2010-11-20 05:25 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2016-08-22 18:26 - 2010-11-20 05:25 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
2016-08-22 18:26 - 2010-11-20 05:24 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2016-08-22 18:26 - 2010-11-20 05:24 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
2016-08-22 18:26 - 2010-11-20 05:24 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2016-08-22 18:26 - 2010-11-20 04:30 - 00079232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvgumd32.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 00560128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 00464896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrptadm.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 00307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsdchngr.dll
2016-08-22 18:26 - 2010-11-20 04:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshirda.dll
2016-08-22 18:26 - 2010-11-20 04:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcenter.dll
2016-08-22 18:26 - 2010-11-20 04:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2016-08-22 18:26 - 2010-11-20 04:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2016-08-22 18:26 - 2010-11-20 04:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-08-22 18:26 - 2010-11-20 04:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2016-08-22 18:26 - 2010-11-20 04:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2016-08-22 18:26 - 2010-11-20 04:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netdiagfx.dll
2016-08-22 18:26 - 2010-11-20 04:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-08-22 18:26 - 2010-11-20 04:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-08-22 18:26 - 2010-11-20 04:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msutb.dll
2016-08-22 18:26 - 2010-11-20 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetmib1.dll
2016-08-22 18:26 - 2010-11-20 04:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iyuv_32.dll
2016-08-22 18:26 - 2010-11-20 04:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msyuv.dll
2016-08-22 18:26 - 2010-11-20 04:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-08-22 18:26 - 2010-11-20 04:17 - 00280064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2016-08-22 18:26 - 2010-11-20 04:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\net1.exe
2016-08-22 18:26 - 2010-11-20 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PushPrinterConnections.exe
2016-08-22 18:26 - 2010-11-20 04:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2016-08-22 18:26 - 2010-11-20 04:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-08-22 18:26 - 2010-11-20 04:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSTPager.ax
2016-08-22 18:26 - 2010-11-20 03:04 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2016-08-22 18:26 - 2010-11-20 02:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-08-22 18:26 - 2010-11-20 02:50 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2016-08-22 18:26 - 2010-11-20 02:33 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2016-08-22 18:26 - 2010-11-20 01:30 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
2016-08-22 18:26 - 2010-11-09 17:48 - 00010429 _____ C:\Windows\system32\ScavengeSpace.xml
2016-08-22 18:26 - 2010-11-04 18:20 - 00105559 _____ C:\Windows\SysWOW64\RacRules.xml
2016-08-22 18:26 - 2010-11-04 18:20 - 00105559 _____ C:\Windows\system32\RacRules.xml
2016-08-22 18:26 - 2009-07-13 17:16 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pmcsnap.dll
2016-08-22 18:26 - 2009-07-13 17:16 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ppcsnap.dll
2016-08-22 18:26 - 2009-06-10 13:40 - 00146389 _____ C:\Windows\SysWOW64\printmanagement.msc
2016-08-22 18:25 - 2010-11-20 05:33 - 00299392 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2016-08-22 18:25 - 2010-11-20 05:33 - 00289664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2016-08-22 18:25 - 2010-11-20 05:29 - 00780008 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2016-08-22 18:25 - 2010-11-20 05:27 - 00960512 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-08-22 18:25 - 2010-11-20 05:27 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2016-08-22 18:25 - 2010-11-20 05:27 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-08-22 18:25 - 2010-11-20 05:27 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2016-08-22 18:25 - 2010-11-20 05:27 - 00366080 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-08-22 18:25 - 2010-11-20 05:27 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2016-08-22 18:25 - 2010-11-20 05:27 - 00124928 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
2016-08-22 18:25 - 2010-11-20 05:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00784896 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00692224 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00239616 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2016-08-22 18:25 - 2010-11-20 05:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-22 18:25 - 2010-11-20 05:25 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2016-08-22 18:25 - 2010-11-20 05:25 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
2016-08-22 18:25 - 2010-11-20 05:24 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2016-08-22 18:25 - 2010-11-20 05:24 - 00232448 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
2016-08-22 18:25 - 2010-11-20 05:24 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2016-08-22 18:25 - 2010-11-20 05:24 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-08-22 18:25 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
2016-08-22 18:25 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
2016-08-22 18:25 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
2016-08-22 18:25 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
2016-08-22 18:25 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2016-08-22 18:25 - 2010-11-20 04:58 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2016-08-22 18:25 - 2010-11-20 04:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2016-08-22 18:25 - 2010-11-20 04:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll
2016-08-22 18:25 - 2010-11-20 04:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vdsbas.dll
2016-08-22 18:25 - 2010-11-20 04:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountControlSettings.dll
2016-08-22 18:25 - 2010-11-20 04:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vfwwdm32.dll
2016-08-22 18:25 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-08-22 18:25 - 2010-11-20 04:20 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-08-22 18:25 - 2010-11-20 04:19 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-08-22 18:25 - 2010-11-20 04:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2016-08-22 18:25 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFPlay.dll
2016-08-22 18:25 - 2010-11-20 04:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ifsutil.dll
2016-08-22 18:25 - 2010-11-20 04:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasrecst.dll
2016-08-22 18:25 - 2010-11-20 04:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\SysWOW64\fms.dll
2016-08-22 18:25 - 2010-11-20 04:19 - 00082944 _____ (Radius Inc.) C:\Windows\SysWOW64\iccvid.dll
2016-08-22 18:25 - 2010-11-20 04:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2016-08-22 18:25 - 2010-11-20 04:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\luainstall.dll
2016-08-22 18:25 - 2010-11-20 04:18 - 01371136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-08-22 18:25 - 2010-11-20 04:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\defaultlocationcpl.dll
2016-08-22 18:25 - 2010-11-20 04:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EhStorAPI.dll
2016-08-22 18:25 - 2010-11-20 04:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cabinet.dll
2016-08-22 18:25 - 2010-11-20 04:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cca.dll
2016-08-22 18:25 - 2010-11-20 04:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2016-08-22 18:25 - 2010-11-20 04:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2016-08-22 18:25 - 2010-11-20 04:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bitsperf.dll
2016-08-22 18:25 - 2010-11-20 04:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browseui.dll
2016-08-22 18:25 - 2010-11-20 04:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bthprops.cpl
2016-08-22 18:25 - 2010-11-20 04:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\main.cpl
2016-08-22 18:25 - 2010-11-20 04:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBICodec.ax
2016-08-22 18:25 - 2010-11-20 04:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\desk.cpl
2016-08-22 18:25 - 2010-11-20 04:08 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-08-22 18:25 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINTAM.DLL
2016-08-22 18:25 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINMAR.DLL
2016-08-22 18:25 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDINHIN.DLL
2016-08-22 18:25 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDUS.DLL
2016-08-22 18:25 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAJIK.DLL
2016-08-22 18:25 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDMON.DLL
2016-08-22 18:25 - 2010-11-20 04:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-08-22 18:25 - 2010-11-20 01:57 - 00021760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
2016-08-22 18:25 - 2010-11-20 01:57 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
2016-08-22 18:25 - 2010-11-04 18:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCEWMDRMNDBootstrap.dll
2016-08-22 16:29 - 2016-08-22 16:31 - 00018374 _____ C:\Users\intell\Desktop\FRST2.txt
2016-08-22 15:56 - 2016-08-22 17:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-22 15:15 - 2016-08-22 15:15 - 02870984 _____ (ESET) C:\Users\intell\Desktop\esetsmartinstaller_deu.exe
2016-08-22 15:15 - 2016-08-22 15:15 - 00000000 ____D C:\Program Files (x86)\ESET
2016-08-20 16:55 - 2016-08-20 16:55 - 00000010 _____ C:\Users\intell\AppData\Local\sponge.last.runtime.cache
2016-08-20 16:49 - 2016-08-20 16:49 - 00000000 ____D C:\Windows\Trend Micro
2016-08-20 16:49 - 2016-08-20 16:49 - 00000000 ____D C:\ProgramData\Trend Micro
2016-08-20 16:46 - 2015-12-24 15:03 - 00316168 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2016-08-20 16:45 - 2016-08-20 16:45 - 02527376 _____ (Trend Micro Inc.) C:\Users\intell\Desktop\HousecallLauncher64.exe
2016-08-20 16:45 - 2016-08-20 16:45 - 00000036 _____ C:\Users\intell\AppData\Local\housecall.guid.cache
2016-08-20 16:10 - 2016-08-20 16:11 - 00002455 _____ C:\Users\intell\Desktop\FSS.txt
2016-08-20 16:10 - 2016-08-20 16:10 - 00899584 _____ (Farbar) C:\Users\intell\Desktop\FSS.exe
2016-08-20 16:02 - 2016-08-20 16:15 - 00190500 _____ C:\Users\intell\Desktop\TDSSKiller.3.1.0.11_20.08.2016_16.02.49_log.txt
2016-08-20 16:02 - 2016-08-20 16:02 - 04747704 _____ (AO Kaspersky Lab) C:\Users\intell\Desktop\tdsskiller.exe
2016-08-20 15:35 - 2016-08-20 15:35 - 00000000 ____D C:\Windows\system32\EventProviders
2016-08-20 14:09 - 2016-08-22 16:31 - 00020109 _____ C:\Users\intell\Desktop\Addition2.txt
2016-08-20 14:09 - 2016-08-20 14:10 - 00018814 _____ C:\Users\intell\Desktop\Addition1.txt
2016-08-20 14:08 - 2016-08-20 14:10 - 00016361 _____ C:\Users\intell\Desktop\FRST1.txt
2016-08-20 14:07 - 2016-08-24 21:38 - 00000000 ____D C:\FRST
2016-08-20 14:07 - 2016-08-22 16:29 - 02396672 _____ (Farbar) C:\Users\intell\Desktop\FRST64.exe
2016-08-20 12:43 - 2016-08-20 13:15 - 00000000 ____D C:\Program Files\Reason
2016-08-20 12:04 - 2016-08-20 12:04 - 00001433 _____ C:\Users\intell\Desktop\AdwCleaner[S0]1.txt
2016-08-20 11:44 - 2016-08-22 17:32 - 00000000 ____D C:\AdwCleaner
2016-08-20 11:43 - 2016-08-20 11:43 - 00001204 _____ C:\Users\intell\Desktop\malwarebyte log.txt
2016-08-20 11:15 - 2016-08-20 11:15 - 00001112 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-20 10:50 - 2016-08-20 10:50 - 00000977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-08-20 10:50 - 2016-08-20 10:50 - 00000965 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-08-18 01:06 - 2016-08-18 01:18 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-08-18 00:20 - 2016-08-18 00:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-08-18 00:08 - 2016-08-20 11:46 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-08-18 00:08 - 2016-08-20 11:22 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-18 00:08 - 2016-08-20 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-18 00:08 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-18 00:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-18 00:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-09 18:22 - 2016-08-09 18:22 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-09 18:22 - 2016-08-09 18:22 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-09 18:22 - 2016-08-09 18:22 - 00000000 ____D C:\Users\intell\AppData\Roaming\Mozilla
2016-08-09 18:21 - 2016-08-22 20:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-24 21:16 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-24 21:16 - 2009-07-14 06:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-24 21:08 - 2015-02-25 20:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-24 21:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-24 19:58 - 2015-02-25 20:07 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-23 10:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-08-22 22:48 - 2014-04-05 13:05 - 00001423 _____ C:\Users\intell\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-08-22 22:47 - 2014-06-13 20:42 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-08-22 22:47 - 2009-07-14 06:45 - 05036568 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-22 22:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-08-22 22:31 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-22 21:00 - 2015-07-15 22:16 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-22 21:00 - 2015-07-15 22:16 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-22 20:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-08-22 20:58 - 2014-04-06 01:56 - 00000000 ____D C:\Windows\Panther
2016-08-22 20:54 - 2009-07-14 09:46 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2016-08-22 20:54 - 2009-07-14 09:46 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-22 20:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2016-08-22 20:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-08-22 20:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-22 20:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-22 20:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-08-22 20:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-08-22 20:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-08-22 20:54 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\manifeststore
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-08-22 20:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2016-08-22 19:25 - 2009-07-14 04:36 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2016-08-22 19:25 - 2009-07-14 04:36 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2016-08-21 11:09 - 2014-04-05 13:35 - 00000000 ____D C:\Users\intell\AppData\Roaming\Skype
2016-08-20 13:39 - 2014-04-05 14:13 - 00000000 ____D C:\Users\intell\AppData\Local\ESET
2016-08-20 13:14 - 2015-12-26 20:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-20 12:10 - 2014-04-11 19:20 - 00108840 _____ C:\Users\intell\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-20 11:50 - 2015-08-14 15:19 - 00000000 ____D C:\Users\intell\Downloads\old
2016-08-20 11:40 - 2015-08-14 18:11 - 00000000 ____D C:\Windows\pss
2016-08-20 10:52 - 2014-04-13 17:54 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-20 10:51 - 2015-07-29 17:11 - 00000000 ____D C:\Users\intell\AppData\Local\Adobe
2016-08-18 01:02 - 2014-09-03 15:06 - 00001945 _____ C:\Windows\epplauncher.mif
2016-08-18 00:20 - 2015-07-28 20:41 - 00000000 ____D C:\ProgramData\Adobe
2016-08-15 20:44 - 2014-12-24 19:11 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-08-11 20:06 - 2014-04-05 13:34 - 00000000 ____D C:\ProgramData\Skype
2016-08-09 18:19 - 2014-04-11 14:15 - 00000000 ____D C:\Users\intell\AppData\Local\ElevatedDiagnostics
2016-07-28 23:53 - 2015-02-25 20:07 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 23:53 - 2015-02-25 20:07 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-28 12:44 - 2015-08-20 09:00 - 00000000 ____D C:\Users\intell\AppData\Roaming\vlc
2016-07-28 12:33 - 2015-09-21 15:19 - 00000000 ____D C:\Users\intell\AppData\Roaming\dvdcss

==================== Files in the root of some directories =======

2016-03-23 15:37 - 2016-03-23 15:37 - 0000132 _____ () C:\Users\intell\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-08-20 16:45 - 2016-08-20 16:45 - 0000036 _____ () C:\Users\intell\AppData\Local\housecall.guid.cache
2016-08-20 16:55 - 2016-08-20 16:55 - 0000010 _____ () C:\Users\intell\AppData\Local\sponge.last.runtime.cache

Files to move or delete:
====================
C:\Users\LightroomPortable\LightroomPortable.exe


Some files in TEMP:
====================
C:\Users\intell\AppData\Local\Temp\libeay32.dll
C:\Users\intell\AppData\Local\Temp\msvcr120.dll
C:\Users\intell\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-16 23:18

==================== End of FRST.txt ============================

[/CODE]

jack1989 · 24.08.2016, 20:54

Addition Log

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2016 01
Ran by intell (24-08-2016 21:40:02)
Running from C:\Users\intell\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-04-05 11:04:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3642538609-3829134156-1005489332-500 - Administrator - Disabled)
Guest (S-1-5-21-3642538609-3829134156-1005489332-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3642538609-3829134156-1005489332-1002 - Limited - Enabled)
intell (S-1-5-21-3642538609-3829134156-1005489332-1000 - Administrator - Enabled) => C:\Users\intell

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.17) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.17 - Adobe Systems Incorporated)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
JPEG Lossless Rotator 9.1 (HKLM\...\JPEG Lossless Rotator_is1) (Version:  - Anny)
K-Lite Mega Codec Pack 10.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.5 - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 48.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0.1 (x86 en-US)) (Version: 48.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.1.6073 - Mozilla)
Nero 8 Micro v8.3.6.0 (HKLM-x32\...\Nero8360_Micro_is1) (Version:  - www.nero.com)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.64630 - TeamViewer)
Total Commander 7.56a Vi7Pack 1.83 (31.08.2011) (HKLM\...\Total Commander Vi7Pack_is1) (Version: 1.83 - vadimsva)
True Image 2013 (HKLM-x32\...\{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B9F9C8E7-BCF9-4BE1-895A-41C2E76820C6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {E6304634-EC2F-462E-A646-51383A9B0744} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-25] (Google Inc.)
Task: {E7CCAA55-44FC-4AE1-9018-80A98F32B8F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-25] (Google Inc.)
Task: {F70F6A54-93A8-4560-8B3A-352DD8ABD2DB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-04-05 14:11 - 2008-06-20 00:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-03-27 22:39 - 2013-03-27 22:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2015-08-21 16:16 - 2013-03-13 15:08 - 02268160 _____ () C:\Program Files\JPEG Lossless Rotator\contmenu.dll
2013-03-28 00:37 - 2013-03-28 00:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2013-03-27 22:09 - 2013-03-27 22:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-08-20 13:15 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3642538609-3829134156-1005489332-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\intell\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: .EsetTrialReset => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk => C:\Windows\pss\Adobe Gamma Loader.exe.lnk.CommonStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: BingSvc => C:\Users\intell\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{679946E1-A79C-40A3-A8E8-EE2FFF601DBE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{5A0A57D2-56C2-45CF-B6F4-851D1ACFA27A}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{D70EAC3A-953B-4256-8B58-B88E0F0E928F}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{EDA4BEBA-1094-491B-BA90-21C98F72067E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{3D158BA7-21E5-40D0-BAF1-118D59521E99}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{27FFE023-CC4D-4C1C-A9BF-E30990EC2E81}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4EC81DF1-4E04-4AE2-BC93-45FB82B740DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1535DB1A-6E82-445F-ACFF-19B4F3E211E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{713AE5A7-D249-4BDB-A5A9-1C69FBE283D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{61A7B182-D0EF-40EC-8886-EA3D711BFCFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D44F228D-E7C9-47EA-8CF0-9997DE9D8151}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{805D7F15-2FE2-45F3-9D72-A0585CD3A927}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/24/2016 09:34:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOTALCMD.EXE, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0xfac
Faulting application start time: 0xTOTALCMD.EXE0
Faulting application path: TOTALCMD.EXE1
Faulting module path: TOTALCMD.EXE2
Report Id: TOTALCMD.EXE3

Error: (08/24/2016 09:17:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOTALCMD.EXE, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x8c0
Faulting application start time: 0xTOTALCMD.EXE0
Faulting application path: TOTALCMD.EXE1
Faulting module path: TOTALCMD.EXE2
Report Id: TOTALCMD.EXE3

Error: (08/24/2016 09:15:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (08/24/2016 09:14:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program TOTALCMD.EXE version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e28

Start Time: 01d1fe3bc330e73b

Termination Time: 0

Application Path: C:\totalcmd\TOTALCMD.EXE

Report Id: 069a1388-6a2f-11e6-9681-003005ef8e96

Error: (08/24/2016 09:14:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program TOTALCMD.EXE version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: f34

Start Time: 01d1fe3bb2c7a9b3

Termination Time: 16

Application Path: C:\totalcmd\TOTALCMD.EXE

Report Id: f618f89f-6a2e-11e6-9681-003005ef8e96

Error: (08/24/2016 09:13:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.

Error: (08/24/2016 09:13:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOTALCMD.EXE, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0xc40
Faulting application start time: 0xTOTALCMD.EXE0
Faulting application path: TOTALCMD.EXE1
Faulting module path: TOTALCMD.EXE2
Report Id: TOTALCMD.EXE3

Error: (08/24/2016 09:12:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOTALCMD.EXE, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0004a761
Faulting process id: 0xd38
Faulting application start time: 0xTOTALCMD.EXE0
Faulting application path: TOTALCMD.EXE1
Faulting module path: TOTALCMD.EXE2
Report Id: TOTALCMD.EXE3

Error: (08/24/2016 09:10:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program TOTALCMD.EXE version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 64c

Start Time: 01d1fe3b1be33cdd

Termination Time: 0

Application Path: C:\totalcmd\TOTALCMD.EXE

Report Id: 659feba4-6a2e-11e6-9681-003005ef8e96

Error: (08/24/2016 08:52:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TOTALCMD.EXE, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0xdb8
Faulting application start time: 0xTOTALCMD.EXE0
Faulting application path: TOTALCMD.EXE1
Faulting module path: TOTALCMD.EXE2
Report Id: TOTALCMD.EXE3


System errors:
=============
Error: (08/24/2016 09:08:39 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:54:55 PM on ‎8/‎24/‎2016 was unexpected.

Error: (08/22/2016 10:45:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TeamViewer 11 service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (08/22/2016 10:45:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the TeamViewer 11 service to connect.

Error: (08/22/2016 10:45:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 11 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.

Error: (08/22/2016 10:45:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/22/2016 10:37:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

Error: (08/22/2016 08:55:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TeamViewer 11 service failed to start due to the following error: 
%%109 = The pipe has been ended.

Error: (08/22/2016 08:55:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TeamViewer 11 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 2000 milliseconds: Restart the service.

Error: (08/22/2016 08:55:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (08/22/2016 03:19:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz
Percentage of memory in use: 40%
Total physical RAM: 2038.11 MB
Available physical RAM: 1209.63 MB
Total Virtual: 5095.11 MB
Available Virtual: 3997.17 MB

==================== Drives ================================

Drive c: (sistem) (Fixed) (Total:47.89 GB) (Free:21.31 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (data) (Fixed) (Total:417.87 GB) (Free:355.18 GB) NTFS
Drive e: (Backup) (Fixed) (Total:931.51 GB) (Free:802.93 GB) NTFS
Drive g: (TRANSCEND) (Removable) (Total:7.46 GB) (Free:4.94 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FAE6A423)
Partition 1: (Active) - (Size=47.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=417.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 651B2DAE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 7.5 GB) (Disk ID: 69C374D4)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B)

==================== End of Addition.txt ============================

--- --- ---

20.08.2016, 16:23	#6
burningice /// Malwareteam	Google Chrome Plugin Werbung Hallo Michael Bin grade unterwegs das Wochenende also kann bisschen dauern bis ich dir wieder antworte, schauen wir dann mal __________________ --> Google Chrome Plugin Werbung

22.08.2016, 12:39	#10
burningice /// Malwareteam	Google Chrome Plugin Werbung okay ich warte. __________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook ..........

Google Chrome Plugin Werbung

Plagegeister aller Art und deren Bekämpfung: Google Chrome Plugin Werbung