Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Rootkitverdacht/TaskManager hängt sich auf[WINDOWS] (https://www.trojaner-board.de/167277-rootkitverdacht-taskmanager-haengt-windows.html)

CEP 26.05.2015 10:46
Rootkitverdacht/TaskManager hängt sich auf[WINDOWS]
 
Guten Tag,

ich habe festgestellt, dass mein Taskmanager freezt sobald ich die Prozesse auf CPU Leistung sortiere. Ich habe bereits ein paar mal Anti-Rootkitprogramme sowie Malwarebytes laufen lassen. Manche Programme fanden (Soweit ich Logs auswerten kann) Malware. Ich habe Logs von Malwarebytes (Voller Scan von C: ) sowie von JRST und Adware Cleaner. :applaus:

-

Malwarebytes:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 26.05.2015
Suchlauf-Zeit: 11:10:25
Logdatei: ljlk.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.26.01
Rootkit Datenbank: v2015.05.24.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Döner

Suchlauf-Art: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 482325
Verstrichene Zeit: 30 Min, 50 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 4
PUP.Optional.Somoto, C:\Users\Döner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VUFS65T\BiTool[1].dll, , [67d2c8d0ec9eb87e31a858b5a063d62a],
PUP.Optional.Somoto.SID.A, C:\Users\Döner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9V327A50\setup[1].exe, , [3cfd77216a207abc88c11d48976f0cf4],
PUP.Optional.Somoto, C:\Users\Döner\AppData\Local\temp\bitool.dll, , [0237a8f056344aecac2d987529da14ec],
PUP.Optional.Somoto.SID.A, C:\Users\Döner\AppData\Local\temp\nsl5C36.tmp, , [d6637f190b7fe353e960e580be483cc4],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
P.S. es wurde auf entfernen geklickt.
-
Code:
# AdwCleaner v4.205 - Bericht erstellt 26/05/2015 um 11:49:39
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-25.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Döner - KLLR
# Gestarted von : C:\Users\Döner\Downloads\adwcleaner_4.205.exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Google Chrome v43.0.2357.81


*************************

AdwCleaner[R0].txt - [649 Bytes] - [26/05/2015 11:49:39]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [707 Bytes] ##########
-
FRST64:
Siehe Anhang

deeprybka 26.05.2015 11:06
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.


Los geht's:

Poste bitte noch die FRST-Logs. Danke

CEP 26.05.2015 11:09
Hallo Jürgen,

Ich habe die FRST Logs in den Anhang gepackt, da sie zu lang sind für einen Beitrag.

deeprybka 26.05.2015 11:14
Dann bitte auf mehrere Postings aufteilen.

CEP 26.05.2015 11:22
FRST Scan #1

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
Ran by Döner (administrator) on KLLR on 26-05-2015 11:56:31
Running from C:\Users\Döner\Downloads
Loaded Profiles: Döner (Available Profiles: Döner)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BluetoothHeadsetProxy.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40184 2015-02-27] (Panda Security, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-05-25]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1014381929-967880854-3436243422-1003\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1014381929-967880854-3436243422-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1014381929-967880854-3436243422-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-25]
CHR Extension: (Google Docs) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-25]
CHR Extension: (Google Drive) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-25]
CHR Extension: (YouTube) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-25]
CHR Extension: (Google Search) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-25]
CHR Extension: (Google Sheets) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-25]
CHR Extension: (AdBlock) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-05-25]
CHR Extension: (Bookmark Manager) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Google Wallet) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR Extension: (Gmail) - C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [50688 2014-03-04] (Hercules®) []
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142584 2015-02-27] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-02-27] (Panda Security, S.L.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [296240 2014-03-05] (© Guillemot R&D, 2014. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [276272 2014-03-05] (© Guillemot R&D, 2014. All rights reserved.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [93968 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-02-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-02-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [116496 2015-02-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [48400 2014-12-31] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [99600 2015-02-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [69904 2015-02-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-02-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [299792 2015-02-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [166160 2015-02-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-02-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257296 2015-02-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-02-09] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163600 2015-04-21] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-02-25] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197392 2015-02-25] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-02-25] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-02-25] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-02-25] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-01-29] (Panda Security, S.L.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()

========================== Drivers MD5 =======================

C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys FB4FDA64F2E8552EAEB5986C3F34462C
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\drivers\btusbflt.sys 2641A3FE3D7B0646308F33B67F3B5300
C:\Windows\System32\drivers\btwaudio.sys A72A9101F9730DB7332714E566614E4D
C:\Windows\System32\drivers\btwavdt.sys 5CEEC634B617525F2B6AD29F871033F7
C:\Windows\System32\DRIVERS\btwl2cap.sys 6149301DC3F81D6F9667A3FBAC410975
C:\Windows\System32\DRIVERS\btwrchid.sys 2AF5604D28BEF77B7CF4B9D232FE7CD3
C:\Windows\System32\Drivers\HDJBulk.sys 936439EB34C99BEDC3ED90972FB44445
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\drivers\CHDRT64.sys 22BC1C27274D1CB1C3A8C14CDBA0CDF2
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\System32\DRIVERS\e1k62x64.sys 477E33019A855D9B8E7B3263CB9A1AE5
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HDJMidi.sys 116E61D61CF9CAF3CABF1EF31AAB2F4F
C:\Windows\System32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\ibmpmdrv.sys 16DB32FC521B6D9D44C7E99EC0F8E8BA
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys F7DFAE6040AC910B7C64EE208A34157D
C:\Windows\System32\Drivers\ksecpkg.sys 8FE94F2EF9BF444E93E35D87E210D02F
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 1E9E32AEC3E1EB1B31B8169F33168B56
C:\Windows\system32\drivers\mwac.sys F49FB3C88E263AE9A246593B0BB29294
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NNSAlpc.sys 49187521F6CD3719898F22D32BF6FE14
C:\Windows\System32\DRIVERS\NNSHttp.sys 944E0EB604FDC54C14FDEC74EB394BD2
C:\Windows\System32\DRIVERS\NNSHttps.sys 66A53D468BD466DF2FC43E02655341AF
C:\Windows\System32\DRIVERS\NNSIds.sys 58208570B63593A511BAA7C54040862F
C:\Windows\System32\DRIVERS\NNSNAHSL.sys 0AC9C8BDB128F55CC7D2257B94282035
C:\Windows\System32\DRIVERS\NNSPicc.sys 99697751DE64A3D7CA4306120D6CC87A
C:\Windows\System32\DRIVERS\NNSPihsw.sys 7F640E0EA360A3F6EE86F74813FEFC24
C:\Windows\System32\DRIVERS\NNSPop3.sys 163E56A6A4D85F8AD744C69C1C9E73BB
C:\Windows\System32\DRIVERS\NNSProt.sys 879B319D73A7D590978A7221FF718A7E
C:\Windows\System32\DRIVERS\NNSPrv.sys 71B34C94305109929814D5B272562279
C:\Windows\System32\DRIVERS\NNSSmtp.sys F7C11C9BFE13CCEE4C96760D437AD7AE
C:\Windows\System32\DRIVERS\NNSStrm.sys 73932C39B0117344CC9AEED5B8653F36
C:\Windows\System32\DRIVERS\NNSTlsc.sys D5F2661EB8D3027070EB630D3CA2DD86
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\drivers\nvhda64v.sys E366A5681C50785D4ED04FCFD65C3415
C:\Windows\System32\DRIVERS\nvlddmkm.sys BE616FFE0103CC00A7E605A5DC49810E
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\PSINAflt.sys 835D7F6ECC607C01E1227593F4238E17
C:\Windows\System32\DRIVERS\PSINFile.sys 7D2D3E766EEB6F234931D46B99BDBF75
C:\Windows\System32\DRIVERS\psinknc.sys DB31C96C3A95E42366F9C4552F262A9C
C:\Windows\System32\DRIVERS\PSINProc.sys 4A8D1170BB6ED097CAC6802CF6D8BB96
C:\Windows\System32\DRIVERS\PSINProt.sys DC0689626D73EDDBF2C5C9EE3FD5F43D
C:\Windows\System32\DRIVERS\PSINReg.sys 8654C41241D78E82A7ED06CB93979578
C:\Windows\System32\DRIVERS\PSKMAD.sys F29E7E36F8A8A7BAC112327E842FF0B5
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rimspe64.sys 3DCA561AAF776AA2E356FB5B142AA5F8
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\VSTAZL6.SYS 0C4540311E11664B245A263E1154CEF8
C:\Windows\System32\DRIVERS\VSTDPV6.SYS 02071D207A9858FBE3A48CBFD59C4A04
C:\Windows\System32\DRIVERS\VSTCNXT6.SYS 18E40C245DBFAF36FD0134A7EF2DF396
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\system32\drivers\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUSB.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CEP 26.05.2015 11:24
FRST Scan #2

Code:
==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 11:56 - 2015-05-26 11:56 - 02108928 _____ (Farbar) C:\Users\Döner\Downloads\FRST64.exe
2015-05-26 11:56 - 2015-05-26 11:56 - 00028043 _____ () C:\Users\Döner\Downloads\FRST.txt
2015-05-26 11:56 - 2015-05-26 11:56 - 00000000 ____D () C:\FRST
2015-05-26 10:36 - 2015-05-26 10:36 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-05-25 23:33 - 2015-05-25 23:33 - 00000000 __SHD () C:\Users\Döner\AppData\Local\EmieUserList
2015-05-25 23:33 - 2015-05-25 23:33 - 00000000 __SHD () C:\Users\Döner\AppData\Local\EmieSiteList
2015-05-25 23:33 - 2015-05-25 23:33 - 00000000 __SHD () C:\Users\Döner\AppData\Local\EmieBrowserModeList
2015-05-25 22:09 - 2015-05-25 22:14 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-25 21:45 - 2015-05-25 21:45 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-25 21:45 - 2015-05-25 21:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-25 21:45 - 2015-05-25 21:45 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-25 21:45 - 2015-05-25 21:45 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-25 21:45 - 2015-05-25 21:45 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-05-25 21:45 - 2015-05-25 21:45 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-05-25 21:45 - 2015-05-25 21:45 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-25 21:45 - 2015-05-25 21:45 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-25 21:45 - 2015-05-25 21:45 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-05-25 21:45 - 2015-05-25 21:45 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-05-25 21:45 - 2015-05-25 21:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-05-25 21:45 - 2015-05-25 21:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-05-25 21:45 - 2015-05-25 21:45 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-25 21:44 - 2015-05-25 21:54 - 00014127 _____ () C:\Windows\IE11_main.log
2015-05-25 21:44 - 2015-05-25 21:44 - 00000000 ____D () C:\Users\Döner\Documents\Bluetooth-Exchange-Ordner
2015-05-25 21:44 - 2015-05-25 21:44 - 00000000 ____D () C:\Users\Döner\AppData\Local\Broadcom
2015-05-25 21:43 - 2015-05-25 21:53 - 00000000 ____D () C:\Program Files\Unlocker
2015-05-25 21:43 - 2015-05-25 21:43 - 00000000 ____D () C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-05-25 21:43 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-05-25 21:43 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-05-25 21:43 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-05-25 21:43 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-05-25 21:43 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-05-25 21:43 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-05-25 21:43 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-05-25 21:43 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-05-25 21:43 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-05-25 21:43 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-05-25 21:43 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-05-25 21:43 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-05-25 21:43 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-05-25 21:43 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-05-25 21:43 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-05-25 21:43 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-05-25 21:43 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-05-25 21:43 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-05-25 21:43 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-05-25 21:43 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-05-25 21:43 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-05-25 21:43 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-05-25 21:43 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-05-25 21:43 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-05-25 21:43 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-05-25 21:35 - 2015-05-25 21:35 - 00132648 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2015-05-25 21:35 - 2015-05-25 21:35 - 00098344 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2015-05-25 21:35 - 2015-05-25 21:35 - 00035104 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2015-05-25 21:35 - 2015-05-25 21:35 - 00021288 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2015-05-25 21:35 - 2015-05-25 21:35 - 00000000 ____D () C:\Program Files\ThinkPad
2015-05-25 21:34 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-25 21:34 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-25 21:34 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-25 21:34 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-05-25 21:34 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-05-25 21:33 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-05-25 21:33 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-05-25 21:28 - 2015-01-29 19:21 - 00061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2015-05-25 20:57 - 2015-05-25 21:35 - 00016328 _____ () C:\Windows\DPINST.LOG
2015-05-25 20:57 - 2015-05-25 20:57 - 00054824 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btusbflt.sys
2015-05-25 20:57 - 2015-05-25 20:57 - 00000000 ____D () C:\Program Files\DIFX
2015-05-25 20:57 - 2015-05-25 20:57 - 00000000 ____D () C:\Program Files\CONEXANT
2015-05-25 20:56 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-25 20:56 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-25 20:56 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-25 20:56 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-25 20:56 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-25 20:56 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-25 20:56 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-25 20:56 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-25 20:56 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-25 20:56 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-25 20:56 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-25 20:56 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-25 20:56 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-25 20:56 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-25 20:56 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-25 20:56 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-25 20:56 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-25 20:56 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-25 20:56 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-25 20:56 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-25 20:56 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-25 20:56 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-25 20:56 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-25 20:56 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-25 20:56 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-25 20:56 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-25 20:56 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-25 20:56 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-25 20:56 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-25 20:56 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-25 20:56 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-25 20:56 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-25 20:56 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-25 20:56 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-25 20:56 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-25 20:56 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-25 20:56 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-25 20:56 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-25 20:56 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-25 20:56 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-25 20:56 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-25 20:56 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-25 20:56 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-25 20:56 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-25 20:56 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-25 20:56 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-25 20:56 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 20:56 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-25 20:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-05-25 20:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-05-25 20:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-05-25 20:43 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-05-25 20:43 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-05-25 20:43 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-05-25 20:43 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-05-25 20:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-05-25 20:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-05-25 20:43 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-05-25 20:43 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-05-25 20:43 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-05-25 20:43 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-05-25 20:43 - 2011-04-28 05:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-05-25 20:43 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-05-25 20:43 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-05-25 20:43 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-05-25 20:43 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-05-25 20:43 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-05-25 20:43 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-05-25 20:43 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-05-25 20:43 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-05-25 20:43 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-05-25 20:43 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-05-25 20:43 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-05-25 20:43 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-05-25 20:41 - 2015-05-25 20:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2015-05-25 20:40 - 2015-05-25 20:41 - 00058488 _____ () C:\Users\Döner\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-25 20:39 - 2015-05-26 11:47 - 00002240 _____ () C:\Windows\setupact.log
2015-05-25 20:39 - 2015-05-26 11:47 - 00001824 _____ () C:\Windows\PFRO.log
2015-05-25 20:39 - 2015-05-25 23:20 - 00314840 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-25 20:39 - 2015-05-25 20:39 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-25 19:42 - 2015-05-25 19:42 - 00001242 _____ () C:\Users\Public\Desktop\Medieval CUE Splitter.lnk
2015-05-25 19:42 - 2015-05-25 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software
2015-05-25 19:42 - 2015-05-25 19:42 - 00000000 ____D () C:\Program Files (x86)\Medieval Software
2015-05-25 19:36 - 2015-05-26 11:10 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-25 19:36 - 2015-05-25 22:08 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-25 19:36 - 2015-05-25 19:36 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-25 19:36 - 2015-05-25 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-25 19:36 - 2015-05-25 19:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-25 19:36 - 2015-05-25 19:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-25 19:36 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-25 19:36 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-25 19:13 - 2015-05-25 19:26 - 00007601 _____ () C:\Users\Döner\AppData\Local\Resmon.ResmonCfg
2015-05-25 19:03 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-25 19:03 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-25 19:03 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-25 19:03 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-25 19:03 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-25 19:03 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-25 19:03 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-25 19:03 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-25 18:52 - 2015-05-25 19:34 - 00000000 ____D () C:\Users\Döner\Documents\VirtualDJ
2015-05-25 18:52 - 2015-05-25 18:55 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2015-05-25 18:52 - 2015-05-25 18:52 - 00000954 _____ () C:\Users\Döner\Desktop\VirtualDJ 8.lnk
2015-05-25 18:52 - 2015-05-25 18:52 - 00000000 ____D () C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2015-05-25 16:54 - 2015-05-25 16:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-KLLR-Windows-7-Professional-(64-bit).dat
2015-05-25 16:28 - 2015-05-25 21:56 - 00000000 ____D () C:\Users\Döner\AppData\Roaming\Adobe
2015-05-25 16:27 - 2015-05-25 16:27 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-25 16:26 - 2015-05-25 18:58 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-25 16:26 - 2015-05-25 16:26 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-25 16:26 - 2015-05-25 16:26 - 00002047 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-05-25 16:26 - 2015-05-25 16:26 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-25 16:25 - 2015-05-25 16:28 - 00000000 ____D () C:\Users\Döner\AppData\Local\Adobe
2015-05-25 16:12 - 2015-05-26 00:00 - 00000000 ____D () C:\Users\Döner\AppData\Roaming\transmission
2015-05-25 16:12 - 2015-05-25 16:15 - 00000000 ____D () C:\Users\Döner\AppData\Local\transmission
2015-05-25 16:06 - 2015-05-25 20:41 - 00000000 ____D () C:\Users\Döner\AppData\Roaming\Panda Security
2015-05-25 16:05 - 2015-05-25 21:56 - 00001409 _____ () C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-25 16:05 - 2015-05-25 19:40 - 00000000 ____D () C:\Users\Döner\AppData\Local\VirtualStore
2015-05-25 16:05 - 2015-05-25 16:05 - 00000020 ___SH () C:\Users\Döner\ntuser.ini
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\Vorlagen
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\Startmenü
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\Netzwerkumgebung
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\Lokale Einstellungen
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\Eigene Dateien
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\Druckumgebung
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\Documents\Eigene Musik
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\Documents\Eigene Bilder
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\AppData\Local\Verlauf
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\AppData\Local\Anwendungsdaten
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 _SHDL () C:\Users\Döner\Anwendungsdaten
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 ____D () C:\Users\Döner\AppData\Local\Google
2015-05-25 16:05 - 2015-05-25 16:05 - 00000000 ____D () C:\Users\Döner
2015-05-25 16:05 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-25 16:05 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-25 15:29 - 2015-05-25 15:29 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-05-25 15:29 - 2015-05-25 15:29 - 00000000 ____D () C:\Windows\system32\appraiser
2015-05-25 15:20 - 2015-01-09 01:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-05-25 15:20 - 2015-01-09 01:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-05-25 15:07 - 2015-05-25 15:08 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-25 15:07 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-25 14:22 - 2015-05-25 14:28 - 00000000 ____D () C:\Windows\erdnt
2015-05-25 13:47 - 2015-05-25 17:58 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-25 13:44 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-05-25 13:44 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-05-25 13:44 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-05-25 13:44 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-05-25 13:44 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-05-25 13:44 - 2013-01-13 22:22 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-05-25 13:44 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-05-25 13:44 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-05-25 13:44 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-05-25 13:44 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-05-25 13:44 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-05-25 13:44 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-05-25 13:44 - 2013-01-13 21:51 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-25 13:44 - 2013-01-13 21:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-05-25 13:44 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-05-25 13:44 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-05-25 13:44 - 2013-01-13 21:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-25 13:44 - 2013-01-13 21:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-25 13:44 - 2013-01-13 21:37 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-05-25 13:44 - 2013-01-13 21:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-05-25 13:44 - 2013-01-13 21:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-25 13:44 - 2013-01-13 21:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-05-25 13:44 - 2013-01-13 21:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-25 13:44 - 2013-01-13 21:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-25 13:44 - 2013-01-13 21:10 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-25 13:44 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-05-25 13:44 - 2013-01-13 20:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-05-25 13:44 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-05-25 13:44 - 2013-01-13 19:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-05-25 13:44 - 2013-01-04 08:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-05-25 13:44 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-05-25 13:40 - 2015-05-25 13:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_tcwbf_01_09_00.Wdf
2015-05-25 13:40 - 2015-05-25 13:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2015-05-25 13:40 - 2015-05-25 13:40 - 00000000 ____D () C:\Program Files\AuthenTec
2015-05-25 13:39 - 2015-05-25 13:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-05-25 13:39 - 2015-05-25 13:39 - 00000000 ____D () C:\Program Files\7-Zip
2015-05-25 13:39 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-25 13:33 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-05-25 13:33 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-05-25 13:33 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-05-25 13:33 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-05-25 13:31 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-05-25 13:31 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-05-25 13:31 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-05-25 13:31 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-05-25 13:31 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-05-25 13:31 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-05-25 13:31 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-05-25 13:31 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-05-25 13:26 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-25 13:26 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-25 13:26 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-25 13:26 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-25 13:26 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-25 13:26 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-05-25 13:26 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-05-25 13:26 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-05-25 13:26 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-05-25 13:26 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-05-25 13:26 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-05-25 13:26 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-05-25 13:26 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-05-25 13:26 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-05-25 13:26 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-05-25 13:26 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-05-25 13:26 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-05-25 13:26 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-05-25 13:26 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-05-25 13:26 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-05-25 13:26 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-05-25 13:26 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-05-25 13:26 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-05-25 13:26 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-05-25 13:26 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-05-25 13:26 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-05-25 13:26 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-05-25 13:26 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-05-25 13:26 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-05-25 13:26 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-05-25 13:26 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-05-25 13:26 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-05-25 13:26 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-05-25 13:26 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-05-25 13:26 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-05-25 13:26 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-05-25 13:26 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-05-25 13:26 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-05-25 13:26 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-05-25 13:26 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-05-25 13:26 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2015-05-25 13:26 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2015-05-25 13:25 - 2015-05-25 17:03 - 00002782 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-25 13:25 - 2015-05-25 13:25 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-25 13:25 - 2015-05-25 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-25 13:25 - 2015-05-25 13:25 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-25 13:25 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-25 13:25 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-05-25 13:25 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-05-25 13:25 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-05-25 13:25 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-05-25 13:25 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-05-25 13:25 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-05-25 13:25 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-05-25 13:25 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-05-25 13:25 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-05-25 13:25 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-05-25 13:25 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-05-25 13:25 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-05-25 13:25 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-05-25 13:25 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-05-25 13:25 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2015-05-25 13:25 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-05-25 13:25 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-05-25 13:25 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-05-25 13:25 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-05-25 13:25 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-05-25 13:25 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-05-25 13:25 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-05-25 13:25 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-05-25 13:25 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-05-25 13:25 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-05-25 13:25 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-05-25 13:25 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-05-25 13:25 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-05-25 13:25 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-05-25 13:25 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-05-25 13:25 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-05-25 13:25 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-05-25 13:25 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-05-25 13:25 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-05-25 13:25 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-05-25 13:25 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-05-25 13:24 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-25 13:24 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-25 13:24 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-25 13:24 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-05-25 13:24 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-05-25 13:24 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-05-25 13:24 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-05-25 13:24 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-05-25 13:24 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-05-25 13:24 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-05-25 13:24 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-05-25 13:24 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-05-25 13:24 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-05-25 13:24 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-05-25 13:24 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-05-25 13:24 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-05-25 13:24 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-05-25 13:24 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-05-25 13:24 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-05-25 13:24 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-05-25 13:24 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-05-25 13:24 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-05-25 13:24 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-05-25 13:24 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-05-25 13:24 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-05-25 13:24 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-05-25 13:24 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-05-25 13:24 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-05-25 13:24 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-05-25 13:24 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-05-25 13:24 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-05-25 13:24 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-05-25 13:24 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-05-25 13:24 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-05-25 13:24 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-05-25 13:23 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-25 13:23 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-25 13:23 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-25 13:23 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-25 13:23 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-25 13:23 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-05-25 13:23 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-25 13:23 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-25 13:23 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-25 13:23 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-25 13:23 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-05-25 13:23 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-05-25 13:23 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-25 13:23 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-05-25 13:23 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-25 13:23 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-05-25 13:23 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-05-25 13:23 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-05-25 13:23 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-25 13:23 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-25 13:23 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-05-25 13:23 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-05-25 13:23 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-05-25 13:23 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-05-25 13:23 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-05-25 13:23 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-05-25 13:23 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-05-25 13:23 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-05-25 13:23 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-05-25 13:23 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-05-25 13:23 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-05-25 13:23 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-05-25 13:23 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-05-25 13:23 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-05-25 13:23 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-05-25 13:23 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-05-25 13:23 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-05-25 13:23 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-05-25 13:23 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-05-25 13:23 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-05-25 13:23 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-05-25 13:23 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-05-25 13:23 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-05-25 13:23 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-05-25 13:23 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-05-25 13:23 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-05-25 13:23 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-05-25 13:23 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-05-25 13:23 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-05-25 13:23 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-05-25 13:23 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-05-25 13:23 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-05-25 13:23 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-05-25 13:23 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-05-25 13:23 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-05-25 13:23 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-05-25 13:23 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-05-25 13:23 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-05-25 13:23 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-05-25 13:23 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-05-25 13:23 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-05-25 13:23 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-05-25 13:23 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-05-25 13:23 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-05-25 13:23 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-05-25 13:23 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-05-25 13:23 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-05-25 13:23 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-05-25 13:23 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-05-25 13:23 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-05-25 13:23 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-05-25 13:23 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-05-25 13:23 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-05-25 13:23 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-05-25 13:23 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-05-25 13:23 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-05-25 13:23 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-05-25 13:23 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-05-25 13:23 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-05-25 13:23 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-05-25 13:23 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-05-25 13:23 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-05-25 13:23 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-05-25 13:23 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-05-25 13:23 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-05-25 13:23 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-05-25 13:23 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-05-25 13:23 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-05-25 13:23 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-05-25 13:23 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-05-25 13:23 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-05-25 13:22 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-05-25 13:22 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-05-25 13:22 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-05-25 13:22 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-05-25 13:22 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-05-25 13:22 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-05-25 13:22 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-05-25 13:22 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-05-25 13:22 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-05-25 13:22 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-05-25 13:22 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-05-25 13:22 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-05-25 13:22 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-05-25 13:22 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-05-25 13:22 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-05-25 13:22 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-05-25 13:22 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-05-25 13:22 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-05-25 13:22 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-05-25 13:22 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-05-25 13:22 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-05-25 03:17 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-05-25 03:17 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-05-25 03:17 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-05-25 03:17 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-05-25 03:17 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-05-25 03:17 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-05-25 03:17 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-05-25 03:17 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-05-25 03:17 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-05-25 03:17 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-05-25 03:17 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-05-25 03:17 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-05-25 03:17 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-05-25 03:17 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-05-25 03:17 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-05-25 03:17 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-05-25 03:17 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-05-25 03:17 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-05-25 03:17 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-05-25 03:17 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-05-25 03:17 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-05-25 03:17 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-05-25 03:16 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-05-25 03:16 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-25 03:16 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-25 03:16 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-25 03:16 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-05-25 03:16 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-05-25 03:16 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-05-25 03:16 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-05-25 03:16 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-05-25 03:16 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-05-25 03:16 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-05-25 03:16 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-05-25 03:16 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-05-25 03:16 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-05-25 03:16 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-05-25 03:16 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-05-25 03:16 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-05-25 03:16 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-05-25 03:16 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-05-25 03:16 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-05-25 03:16 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-05-25 03:16 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-05-25 03:16 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-05-25 03:16 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-05-25 03:16 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-05-25 03:16 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-05-25 03:16 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-05-25 03:16 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-05-25 03:16 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-05-25 03:16 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-05-25 03:16 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-05-25 03:16 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-05-25 03:16 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-05-25 03:16 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-05-25 03:16 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-05-25 03:16 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-05-25 03:16 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2015-05-25 03:16 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2015-05-25 03:16 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-05-25 03:15 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-25 03:15 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-25 03:15 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-25 03:15 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-25 03:15 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-25 03:15 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-25 03:15 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-25 03:15 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-05-25 03:15 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-05-25 03:15 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-05-25 03:15 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-05-25 03:15 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-05-25 03:15 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-05-25 03:15 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-05-25 03:15 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-05-25 03:15 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-05-25 03:15 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-05-25 03:15 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-05-25 03:15 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-05-25 03:15 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-05-25 03:15 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-05-25 03:15 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-05-25 03:15 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-05-25 03:15 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-05-25 03:15 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-05-25 03:15 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-05-25 03:15 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-05-25 03:15 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-05-25 03:15 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-05-25 03:15 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-05-25 03:15 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-05-25 03:15 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-05-25 03:15 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-05-25 03:15 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-05-25 03:15 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-05-25 03:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-05-25 03:15 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-05-25 03:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-05-25 03:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-05-25 03:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-05-25 03:15 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-05-25 03:15 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-05-25 03:15 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-05-25 03:15 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-05-25 03:15 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-05-25 03:15 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-05-25 03:15 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-05-25 03:15 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-05-25 03:15 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-05-25 03:15 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-05-25 03:15 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-05-25 03:15 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-05-25 03:15 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-05-25 03:15 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2015-05-25 03:15 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2015-05-25 03:15 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-05-25 03:15 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-05-25 03:15 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-05-25 03:15 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2015-05-25 03:15 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-05-25 03:15 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-05-25 03:15 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-05-25 03:15 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-05-25 03:15 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-05-25 03:15 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-25 03:15 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-25 03:15 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-05-25 03:15 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-05-25 03:15 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-05-25 03:15 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-05-25 03:15 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-05-25 03:15 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-05-25 03:14 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-05-25 03:14 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-05-25 03:14 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-05-25 03:14 - 2014-10-14 04:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-05-25 03:14 - 2014-10-14 03:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-05-25 03:14 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-05-25 03:14 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-05-25 03:14 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-05-25 03:14 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-05-25 03:14 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-05-25 03:14 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-05-25 03:14 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-05-25 03:14 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-05-25 03:14 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-05-25 03:14 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-05-25 03:14 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-05-25 03:14 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-05-25 03:14 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-05-25 03:14 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-05-25 03:14 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-05-25 03:14 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-05-25 03:14 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-05-25 03:14 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-05-25 03:14 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-05-25 03:14 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-05-25 03:14 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-05-25 03:14 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-05-25 03:14 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-05-25 03:14 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-05-25 03:14 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-05-25 03:14 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-05-25 03:14 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-05-25 03:14 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-05-25 03:14 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-05-25 03:14 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-05-25 03:14 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-05-25 03:14 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-05-25 03:14 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-05-25 03:14 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-05-25 03:14 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-05-25 03:14 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-05-25 03:14 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-05-25 03:14 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-05-25 03:14 - 2012-06-02 16:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-05-25 03:14 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-05-25 03:14 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-05-25 03:14 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-05-25 03:14 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-05-25 03:14 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-05-25 03:14 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-05-25 03:13 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-25 03:13 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-25 03:13 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-05-25 03:13 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-05-25 03:13 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-05-25 03:13 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-05-25 03:13 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-05-25 03:13 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-05-25 03:13 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-05-25 03:13 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-05-25 03:13 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-05-25 03:12 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-05-25 03:12 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-05-24 23:44 - 2015-05-24 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt
2015-05-24 23:44 - 2015-05-24 23:44 - 00000000 ____D () C:\Program Files\Transmission
2015-05-24 23:08 - 2015-05-25 21:55 - 00000000 ____D () C:\Windows\Panther
2015-05-24 22:39 - 2015-05-24 22:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-24 22:38 - 2015-05-24 22:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_HDJBulk_01009.Wdf
2015-05-24 22:38 - 2014-03-05 16:11 - 00249344 _____ ( Hercules) C:\Windows\system32\HDJusbaudioapi_x64.dll
2015-05-24 22:37 - 2015-05-24 22:37 - 00000000 ____D () C:\Program Files\Guillemot
2015-05-24 22:37 - 2014-03-05 11:47 - 00717824 _____ (Hercules(R)) C:\Windows\system32\hdjapi.dll
2015-05-24 22:37 - 2014-03-05 11:47 - 00103936 _____ (Hercules(R)) C:\Windows\system32\hrfdongle.dll
2015-05-24 22:37 - 2013-03-05 15:30 - 00079872 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HerculesDJUSBAudioDevices_x64.dll
2015-05-24 22:37 - 2013-02-04 16:56 - 00000365 ____R () C:\Windows\SysWOW64\HDJcustom.ini
2015-05-24 22:37 - 2013-02-04 16:56 - 00000365 ____R () C:\Windows\system32\HDJcustom.ini
2015-05-24 22:36 - 2015-05-24 22:36 - 00000000 ____D () C:\Program Files\Hercules
2015-05-24 22:36 - 2014-03-05 17:49 - 00323376 _____ (© Guillemot R&D, 2014. All rights reserved.) C:\Windows\system32\Drivers\HDJAsioK.sys
2015-05-24 22:36 - 2014-03-05 17:49 - 00296240 _____ (© Guillemot R&D, 2014. All rights reserved.) C:\Windows\system32\Drivers\HDJBulk.sys
2015-05-24 22:36 - 2014-03-05 17:49 - 00276272 _____ (© Guillemot R&D, 2014. All rights reserved.) C:\Windows\system32\Drivers\HDJMidi.sys
2015-05-24 22:36 - 2014-03-05 17:49 - 00038704 _____ (© Guillemot R&D, 2014. All rights reserved.) C:\Windows\system32\Drivers\HDJCtrl.sys
2015-05-24 22:36 - 2014-03-05 11:45 - 00725504 _____ (Hercules(R)) C:\Windows\SysWOW64\HDJAPI.dll
2015-05-24 22:36 - 2014-03-05 11:44 - 00088064 _____ (Hercules(R)) C:\Windows\SysWOW64\HRFDongle.dll
2015-05-24 22:36 - 2014-03-04 12:57 - 00078848 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HerculesDJDevices.dll
2015-05-24 22:36 - 2009-12-04 17:26 - 00073728 _____ (Hercules(R)) C:\Windows\SysWOW64\HDJSAPI.dll
2015-05-24 22:36 - 2009-07-14 14:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2015-05-24 22:31 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-05-24 22:31 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-05-24 22:31 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-05-24 22:30 - 2015-05-24 22:30 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-24 22:30 - 2015-04-26 21:10 - 00072904 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-24 22:30 - 2015-04-26 21:10 - 00059592 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-24 22:30 - 2015-04-26 18:33 - 06783304 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-24 22:30 - 2015-04-26 18:33 - 03522192 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-24 22:30 - 2015-04-26 18:33 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-24 22:30 - 2015-04-26 18:33 - 00932040 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-24 22:30 - 2015-04-26 18:33 - 00616080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\oemdspif.dll
2015-05-24 22:30 - 2015-04-26 18:33 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-24 22:30 - 2015-04-26 18:33 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-24 22:30 - 2015-04-23 14:56 - 04373461 _____ () C:\Windows\system32\nvcoproc.bin
2015-05-24 22:29 - 2015-05-24 22:30 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-24 22:29 - 2015-04-26 21:10 - 31514312 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 24200520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 22992072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 18634264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 17559432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 16128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 15294280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 14497760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 13916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 13828032 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 12893896 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-24 22:29 - 2015-04-26 21:10 - 11272240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 11209192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 04245648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 03987784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 03209736 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 02824176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 01908552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434161.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434161.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 00945480 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 00909632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 00902344 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 00869064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-24 22:29 - 2015-04-26 21:10 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-24 22:29 - 2015-04-26 21:10 - 00026155 _____ () C:\Windows\system32\nvinfo.pb
2015-05-24 22:28 - 2015-05-25 14:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-24 22:26 - 2015-05-25 01:08 - 00000000 ____D () C:\ProgramData\panda_url_filtering
2015-05-24 22:25 - 2015-05-25 20:41 - 00000000 ____D () C:\ProgramData\Panda Security
2015-05-24 22:25 - 2015-05-25 20:41 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-05-24 22:23 - 2015-05-26 11:48 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-24 22:23 - 2015-05-26 11:36 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-24 22:23 - 2015-05-26 10:38 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-24 22:23 - 2015-05-24 22:31 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-24 22:23 - 2015-05-24 22:31 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-24 22:23 - 2015-05-24 22:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-24 22:23 - 2015-05-24 22:23 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-24 22:13 - 2015-05-26 11:52 - 01815677 _____ () C:\Windows\WindowsUpdate.log
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Programme
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\ProgramData\Favoriten
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-05-24 22:13 - 2015-05-24 22:13 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-05-24 22:10 - 2015-05-24 22:10 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-05-24 22:10 - 2015-05-24 22:10 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-05-12 07:27 - 2015-05-12 07:27 - 00102376 _____ (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2015-05-12 07:27 - 2015-05-12 07:27 - 00074728 _____ (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2015-05-12 07:27 - 2015-05-12 07:27 - 00063464 _____ (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2015-05-12 07:27 - 2015-05-12 07:27 - 00042472 _____ (Lenovo.) C:\Windows\system32\tpinspm.dll
2015-04-21 17:28 - 2015-04-21 17:28 - 00163600 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINAflt.sys
2015-02-25 21:03 - 2015-02-25 21:03 - 00197392 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINKNC.sys
2015-02-25 21:03 - 2015-02-25 21:03 - 00133904 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINProt.sys
2015-02-25 21:03 - 2015-02-25 21:03 - 00124176 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINProc.sys
2015-02-25 21:03 - 2015-02-25 21:03 - 00121616 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINFile.sys
2015-02-25 21:03 - 2015-02-25 21:03 - 00107792 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINReg.sys

CEP 26.05.2015 12:56
FRST #3

Code:
==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 11:48 - 2009-07-14 06:45 - 00016656 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-26 11:48 - 2009-07-14 06:45 - 00016656 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-26 11:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-26 11:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-05-25 21:56 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-25 21:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-25 21:46 - 2010-11-21 08:50 - 00643866 _____ () C:\Windows\system32\perfh007.dat
2015-05-25 21:46 - 2010-11-21 08:50 - 00126394 _____ () C:\Windows\system32\perfc007.dat
2015-05-25 21:46 - 2009-07-14 07:13 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-25 20:52 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-25 20:19 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-25 19:08 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-25 16:06 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\WinBioDatabase
2015-05-25 15:29 - 2010-11-21 09:01 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-25 15:29 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-05-25 15:29 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-05-25 15:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-25 15:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-25 15:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-25 15:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-05-25 15:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-25 14:28 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-05-25 13:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-05-25 13:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-05-25 13:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-05-25 13:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-05-25 13:40 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-05-24 23:08 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-05-24 23:08 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-05-24 22:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2015-05-24 22:14 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2015-05-24 22:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2015-05-24 22:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-24 22:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-05-24 22:09 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\CSC

==================== Files in the root of some directories =======

2015-05-25 19:13 - 2015-05-25 19:26 - 0007601 _____ () C:\Users\Döner\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Döner\AppData\Local\temp\{112FEA4B-1F5D-42DB-9913-AB4560ABC2DD}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description            Windows Boot Manager
locale                  de-DE
inherit                {globalsettings}
default                {current}
resumeobject            {1173c892-0259-11e5-ab15-8cabbf21938b}
displayorder            {current}
toolsdisplayorder      {memdiag}
timeout                30

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description            Windows 7
locale                  de-DE
inherit                {bootloadersettings}
recoverysequence        {1173c894-0259-11e5-ab15-8cabbf21938b}
recoveryenabled        Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {1173c892-0259-11e5-ab15-8cabbf21938b}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {1173c894-0259-11e5-ab15-8cabbf21938b}
device                  ramdisk=[C:]\Recovery\1173c894-0259-11e5-ab15-8cabbf21938b\Winre.wim,{1173c895-0259-11e5-ab15-8cabbf21938b}
path                    \windows\system32\winload.exe
description            Windows Recovery Environment
inherit                {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\1173c894-0259-11e5-ab15-8cabbf21938b\Winre.wim,{1173c895-0259-11e5-ab15-8cabbf21938b}
systemroot              \windows
nx                      OptIn
winpe                  Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {1173c892-0259-11e5-ab15-8cabbf21938b}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description            Windows Resume Application
locale                  de-DE
inherit                {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description            Windows-Speicherdiagnose
locale                  de-DE
inherit                {globalsettings}
badmemoryaccess        Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype              Serial
debugport              1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype    Serial
hypervisordebugport    1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {1173c895-0259-11e5-ab15-8cabbf21938b}
description            Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\1173c894-0259-11e5-ab15-8cabbf21938b\boot.sdi



LastRegBack: 2015-05-24 22:09

==================== End of log ============================
Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015
Ran by Döner at 2015-05-26 11:56:59
Running from C:\Users\Döner\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1014381929-967880854-3436243422-500 - Administrator - Disabled)
Döner (S-1-5-21-1014381929-967880854-3436243422-1003 - Administrator - Enabled) => C:\Users\Döner
Gast (S-1-5-21-1014381929-967880854-3436243422-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1014381929-967880854-3436243422-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Panda Free Antivirus (Enabled - Up to date) {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
AS: Panda Free Antivirus (Enabled - Up to date) {8F3797EF-DB90-F073-3C72-40C753554CD1}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Conexant 20585 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.48.50 - Conexant)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hercules DJ Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 1.HDJS.2014 - Hercules)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.07 - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
NVIDIA Grafiktreiber 341.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.61 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0004 - Panda Security)
Panda Free Antivirus (Version: 7.82.00.0000 - Panda Security) Hidden
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3200 - Broadcom Corporation)
Transmission-Qt (HKLM\...\Transmission-Qt) (Version: 2.84.3 - Transmission)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VirtualDJ 8 (HKLM-x32\...\{13E44DA9-FE06-4298-9179-BEF27214B47B}) (Version: 8.0.2094.0 - Atomix Productions)
VirtualDJ 8 (HKLM-x32\...\{9799D7C4-CEB2-4942-A1A6-649D2297CA04}) (Version: 8.0.2276.0 - Atomix Productions)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

25-05-2015 18:52:15 Installed VirtualDJ 8
25-05-2015 18:52:40 Installed VirtualDJ 8
25-05-2015 19:42:25 Installed Medieval CUE Splitter
25-05-2015 20:28:02 Windows Update
25-05-2015 20:35:06 Removed Panda Devices Agent.
25-05-2015 20:56:43 Windows Update
25-05-2015 21:34:43 Windows Update
26-05-2015 10:30:53 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {41C3DD28-3E20-4760-9D39-973710EDB743} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-24] (Google Inc.)
Task: {4A3D260D-200A-47DF-9E46-643C05702F75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-24] (Google Inc.)
Task: {6893085C-33A9-4C5D-BC47-E541D9D69F0D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {6D4234A3-2639-4560-BAE1-71E32D405949} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-24 22:30 - 2015-04-26 18:33 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-06-13 19:37 - 2011-06-13 19:37 - 00173344 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2013-04-12 19:23 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1014381929-967880854-3436243422-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{8D194EF3-82C0-408F-875B-67FB7BCBE7EA}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe
FirewallRules: [{545FDC8B-E4F6-4500-BB34-186440250F7C}] => (Block) %ProgramFiles% (x86)\VirtualDJ\virtualdj8.exe
FirewallRules: [TCP Query User{7DD48999-9FD4-4495-A7E9-F307314C34E5}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe
FirewallRules: [UDP Query User{0DB05EF8-2AF1-457C-809E-2BDB515E4B16}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe
FirewallRules: [{9FF133BF-8F54-44BE-BFB5-EE6B1E208736}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Qualcomm Gobi 2000
Description: Qualcomm Gobi 2000
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/26/2015 11:48:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2015 10:27:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 11:20:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 10:24:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_DiagTrack, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc000000d
Fehleroffset: 0x000000000006ec12
ID des fehlerhaften Prozesses: 0x7ac
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_DiagTrack0
Pfad der fehlerhaften Anwendung: svchost.exe_DiagTrack1
Pfad des fehlerhaften Moduls: svchost.exe_DiagTrack2
Berichtskennung: svchost.exe_DiagTrack3

Error: (05/25/2015 09:55:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 09:50:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xef0
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3

Error: (05/25/2015 09:44:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" in Zeile  Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/25/2015 09:44:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" in Zeile  Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/25/2015 09:44:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" in Zeile  Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (05/25/2015 09:44:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"2" in Zeile  Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Definition: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (05/26/2015 11:48:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (05/26/2015 11:48:00 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (05/26/2015 10:27:41 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (05/26/2015 10:27:41 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (05/25/2015 11:20:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (05/25/2015 11:20:21 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (05/25/2015 10:24:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Diagnostics Tracking Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/25/2015 09:55:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (05/25/2015 09:55:49 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (05/25/2015 09:54:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800706ba fehlgeschlagen: Synaptics - Other hardware, Pointing Drawing - ThinkPad UltraNav Pointing Device


Microsoft Office:
=========================
Error: (05/26/2015 11:48:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/26/2015 10:27:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 11:20:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 10:24:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_DiagTrack6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18839553e8bfac000000d000000000006ec127ac01d09724cb0f723fC:\Windows\System32\svchost.exeC:\Windows\SYSTEM32\ntdll.dllfbdd9237-031b-11e5-bf62-506313c4ad0b

Error: (05/25/2015 09:55:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/25/2015 09:50:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aaef001d0972412e248f5C:\Users\Döner\Downloads\Gmer-19357.exeC:\Users\Döner\Downloads\Gmer-19357.exe53ea7724-0317-11e5-83b3-506313c4ad0b

Error: (05/25/2015 09:44:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42"C:\Program Files\ThinkPad\Bluetooth Software\MFC80.DLLC:\Program Files\ThinkPad\Bluetooth Software\Microsoft.VC80.MFCLOC.MANIFEST5

Error: (05/25/2015 09:44:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42"C:\Program Files\ThinkPad\Bluetooth Software\MFC80.DLLC:\Program Files\ThinkPad\Bluetooth Software\Microsoft.VC80.MFCLOC.MANIFEST5

Error: (05/25/2015 09:44:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42"C:\Program Files\ThinkPad\Bluetooth Software\MFC80.DLLC:\Program Files\ThinkPad\Bluetooth Software\Microsoft.VC80.MFCLOC.MANIFEST5

Error: (05/25/2015 09:44:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.42"C:\Program Files\ThinkPad\Bluetooth Software\MFC80.DLLC:\Program Files\ThinkPad\Bluetooth Software\Microsoft.VC80.MFCLOC.MANIFEST5


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU M 620 @ 2.67GHz
Percentage of memory in use: 30%
Total physical RAM: 3955.67 MB
Available physical RAM: 2759.36 MB
Total Pagefile: 7909.54 MB
Available Pagefile: 6276.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:89.7 GB) NTFS
Drive d: (Musik) (Fixed) (Total:298.09 GB) (Free:286.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 1969F5E1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End of log ============================
Shortcut
Code:
Users shortcut scan result (x64) Version: 25-05-2015
Ran by Döner at 2015-05-26 11:57:13
Running from C:\Users\Döner\Downloads
Boot Mode: Normal
==================== shortcuts =============================

(shortcuts.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt\Transmission-Qt.lnk -> C:\Program Files\Transmission\transmission-qt.exe (Transmission Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt\Uninstall Transmission-Qt.lnk -> C:\Program Files\Transmission\uninstall.exe (Transmission)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus\Panda Free Antivirus.lnk -> C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software\Medieval CUE Splitter\Medieval CUE Splitter v1.2.lnk -> C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software\Medieval CUE Splitter\Medieval Freeware License (Please read).lnk -> C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\Freeware.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> C:\Program Files\7-Zip\7zFM.exe (Igor Pavlov)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> C:\Program Files\7-Zip\7-zip.chm ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\Links\Desktop.lnk -> C:\Users\Döner\Desktop ()
Shortcut: C:\Users\Döner\Links\Downloads.lnk -> C:\Users\Döner\Downloads ()
Shortcut: C:\Users\Döner\Desktop\VirtualDJ 8.lnk -> C:\Program Files (x86)\VirtualDJ\virtualdj8.exe (Atomix Productions)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Setup QuickStart.lnk -> C:\Users\Döner\Documents\VirtualDJ\VirtualDJ 8 - Getting Started.pdf ()
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\User Guide.lnk -> C:\Users\Döner\Documents\VirtualDJ\VirtualDJ 8 - User Guide.pdf ()
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\VirtualDJ 8.lnk -> C:\Program Files (x86)\VirtualDJ\virtualdj8.exe (Atomix Productions)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\README.lnk -> C:\Program Files\Unlocker\README.TXT ()
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Start Unlocker.lnk -> C:\Program Files\Unlocker\Unlocker.exe ()
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Uninstall.lnk -> C:\Program Files\Unlocker\uninst.exe ()
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker\Website.lnk -> C:\Program Files\Unlocker\Unlocker.url ()
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Döner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Acrobat Reader DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Medieval CUE Splitter.lnk -> C:\Program Files (x86)\Medieval Software\Medieval CUE Splitter\CUE_Splitter.exe ()




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus\Gemeinsame Ideen und Lösungen.lnk -> C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.) -> /URL:YourOpinion
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus\Hilfe.lnk -> C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.) -> /URL:WebHelp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus\Technischer Online-Support.lnk -> C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.) -> /URL:TechSupport
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software\Medieval CUE Splitter\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {B96D2269-568B-4CBF-9332-12FAE8B158F7}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Döner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt\Support (General).url -> hxxp://forum.transmissionbt.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt\Support (Windows).url -> hxxp://sourceforge.net/p/trqtw/discussion/1315797/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission-Qt\Transmission Project.url -> hxxp://www.transmissionbt.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medieval Software\Medieval CUE Splitter\Medieval Software online.url -> hxxp://www.medieval.it
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> hxxp://www.piriform.com/ccleaner
InternetURL: C:\Users\Döner\Favorites\Windows Live\Windows Live Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Döner\Favorites\Windows Live\Windows Live Ideas.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72700
InternetURL: C:\Users\Döner\Favorites\Windows Live\Windows Live Mail.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72681
InternetURL: C:\Users\Döner\Favorites\Windows Live\Windows Live Spaces.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72682
InternetURL: C:\Users\Döner\Favorites\MSN-Websites\MSN Auto.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72680
InternetURL: C:\Users\Döner\Favorites\MSN-Websites\MSN Fernsehen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72659
InternetURL: C:\Users\Döner\Favorites\MSN-Websites\MSN Money.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72640
InternetURL: C:\Users\Döner\Favorites\MSN-Websites\MSN Nachrichten.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72636
InternetURL: C:\Users\Döner\Favorites\MSN-Websites\MSN Sport.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72635
InternetURL: C:\Users\Döner\Favorites\MSN-Websites\MSN.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72630
InternetURL: C:\Users\Döner\Favorites\Microsoft-Websites\IE-Site auf Microsoft.com.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72186
InternetURL: C:\Users\Döner\Favorites\Microsoft-Websites\Microsoft Deutschland GmbH.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72520
InternetURL: C:\Users\Döner\Favorites\Microsoft-Websites\Microsoft Store.url -> hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Döner\Favorites\Microsoft-Websites\Microsoft Windows - Start.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72629
InternetURL: C:\Users\Döner\Favorites\Microsoft-Websites\Microsoft zu Hause.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72406
InternetURL: C:\Users\Döner\Favorites\Microsoft-Websites\Microsoft.com durchsuchen.url -> hxxp://go.microsoft.com/fwlink/?LinkId=72893
InternetURL: C:\Users\Döner\Favorites\Microsoft-Websites\Site für IE Add-Ons.url -> hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Döner\Favorites\Links\Suggested Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Döner\Favorites\Links\Vorgeschlagene Sites.url -> https://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Döner\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Döner\Favorites\Links\Web Slice-Katalog.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315

==================== End of log =============================
Panda Scan Log:

Code:
Ereignisse                      Datum/Zeit                Status                    Weitere Details
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Computer geimpft                25.05.2015 21:28          Geimpft
Computer geimpft                25.05.2015 20:41          Geimpft
Cookie erkannt Unbekannter Name  26.05.2015 13:32          Gelöscht                  Speicherort: C:\Users\Döner\AppData\Local\Google\Chrome\User Data\Default\Cookies[.doubleclick.net/]
Cookie erkannt Unbekannter Name  26.05.2015 13:32          Gelöscht                  Speicherort: C:\Users\Döner\AppData\Roaming\Microsoft\Windows\Cookies\Low\YE9QMRC9.txt
Element entsperrt                26.05.2015 11:56                                    Speicherort: C:\Users\Döner\Downloads\FRST64.exe
Scan                            25.05.2015 21:35          Beendet                  Durchsuche: C:\Program Files\Windows Media Player\wmprph.exe
Scan                            25.05.2015 21:35          Gestartet                Durchsuche: C:\Program Files\Windows Media Player\wmprph.exe
Scan                            25.05.2015 21:43          Beendet                  Durchsuche: C:\Users\Döner\Downloads\Unlocker1.9.2.exe
Scan                            25.05.2015 21:43          Gestartet                Durchsuche: C:\Users\Döner\Downloads\Unlocker1.9.2.exe
Scan                            26.05.2015 13:32          Beendet                  Durchsuche: Kritische Bereiche
Scan                            26.05.2015 13:31          Gestartet                Durchsuche: Kritische Bereiche
Scan                            25.05.2015 20:57          Beendet                  Durchsuche: Kritische Bereiche
Scan                            25.05.2015 20:55          Gestartet                Durchsuche: Kritische Bereiche
Synchronisierung                25.05.2015 21:01          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.
Virus erkannt W32/Exploit.gen    26.05.2015 11:55          Neutralisiert            Speicherort: C:\Users\Döner\Downloads\FRST64.exe

deeprybka 26.05.2015 17:32
Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


CEP 26.05.2015 17:36
Vielen Dank für diese schnelle Antwort. Werde nun den Scan starten. Wie lange dauert der denn so?

deeprybka 26.05.2015 17:37
Paar Stunden.

CEP 26.05.2015 18:24
Zitat:
Zitat von deeprybka (Beitrag 1470461)
Paar Stunden.
Auch auf einer SSD?

ESET Online Scanner

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=32d24bbc6fb0f04d8392beea48af2d9c
# engine=24032
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-26 05:21:23
# local_time=2015-05-26 07:21:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Panda Free Antivirus'
# compatibility_mode=1557 16777213 87 100 81620 218856857 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 11435 184290733 0 0
# scanned=156761
# found=2
# cleaned=0
# scan_time=1084
sh=90A440A11B158CACC211196FF49670F6F38EB760 ft=1 fh=8b2ddc3358c7903c vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"
sh=BA397539AAB7D908AA2A3E6CCC218E90D0B9CF79 ft=1 fh=0e216f3b59118484 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Döner\AppData\Local\temp\{112FEA4B-1F5D-42DB-9913-AB4560ABC2DD}.exe"

deeprybka 26.05.2015 18:29
Also meiner Meinung nach ist auf dem PC kein Rootkit und auch sonst keine aktive Malware.

CEP 26.05.2015 18:30
Zitat:
Zitat von deeprybka (Beitrag 1470499)
Also meiner Meinung nach ist auf dem PC kein Rootkit und auch sonst keine aktive Malware.
Und was ist mit dem Viscom PuP?

deeprybka 26.05.2015 18:32
Schau mal wo genau diese "evtl. unerwünschte Anwendung" gefunden wird... :)

CEP 26.05.2015 18:34
Ich habe nur eine Art Paranoia :D.


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:03 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131