Frideus 14.09.2016 15:29

Windows 7 x64 Ultimate has a network problem (LAN and WLAN) - no Internet

My PC has no Internet, neither via LAN nor via WLAN. Please help.
System: Windows 7 x64 Ultimate.
Thanks
Frideus

Frst.txt (Repair your computer, Command Prompt):


FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-09-2016
Ran by SYSTEM on MININT-H62LPT3 (14-09-2016 17:05:53)
Running from F:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [PrnStatusMX] => C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [1240064 2012-07-04] (Marvell Semiconductor, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoThumbnailCache] 1
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\Administrator\...\Run: [GoogleChromeAutoLaunch_361C1DD22E1256C6B68316A32E8B1949] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [961352 2016-08-02] (Google Inc.)
HKU\Administrator\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\Administrator\...\Policies\Explorer: [QuickLaunchEnabled] 0
HKU\Administrator\...\Policies\Explorer: [NoAutoUpdate] 0
HKU\Administrator\...\Policies\Explorer: [ForceRunOnStartMenu] 1
HKU\Administrator\...\Policies\Explorer: [AlwaysShowClassicMenu] 1
HKU\Administrator\...\Policies\Explorer: [NoSMBalloonTip] 1
HKU\Administrator\...\Policies\Explorer: [NoCDBurning] 1
HKU\Administrator\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\Administrator\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\Administrator\...\Policies\Explorer: [NoSMMyPictures] 1
HKU\Administrator\...\Policies\Explorer: [NoInstrumentation] 1
GroupPolicyScripts: Restriction <======= ATTENTION

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2279608 2014-05-20] (Microsoft Corporation)
S2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-12-09] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EWSASERV; C:\Program Files (x86)\Elcomsoft Password Recovery\Elcomsoft Wireless Security Auditor\ewsaserv64.exe [84648 2013-02-09] (ElcomSoft Co. Ltd.)
S4 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [58368 2016-02-02] (Razer Inc.)
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2009-10-20] (CACE Technologies, Inc.)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [821720 2012-11-24] (Mister Group)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-07-01] (Microsoft Corporation)
S4 Windows8FirewallService; C:\Program Files\Windows8FirewallControl\Windows8FirewallService.exe [4186624 2013-09-30] (Sphinx Software)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
S3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [17480 2013-03-06] ()
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14920 2013-03-06] ()
S0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2015-12-09] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [9800 2013-03-06] ()
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-06] ()
S3 Ext2Fsd; C:\Windows\System32\Drivers\Ext2Fsd.sys [769304 2014-05-11] (www.ext2fsd.com)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [58368 2014-07-01] (GenesysLogic)
S0 ksbus; C:\Windows\System32\DRIVERS\ksbus64.sys [31536 2013-12-17] (KernSafe Technologies)
S0 KScsiPrt; C:\Windows\System32\DRIVERS\KSPrt64.sys [137520 2013-12-17] (KernSafe Technologies)
S1 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-14] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-12] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-12] (Microsoft Corporation)
S2 NPF; C:\Windows\System32\drivers\npf.sys [47632 2009-10-20] (CACE Technologies, Inc.)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
S2 rzpmgrk; C:\windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
S2 rzpnk; C:\windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2015-02-23] (Duplex Secure Ltd.)
S1 TsLwWfF; C:\Windows\System32\DRIVERS\TsLwWfF.sys [29384 2013-07-26] (TamoSoft)
S3 ts_arusb; C:\Windows\System32\DRIVERS\ts_arusbx.sys [1208776 2013-07-24] (TamoSoft)
S5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 L1C; system32\DRIVERS\L1C62x64.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

========================== Drivers MD5 =======================

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-08 22:30 - 2014-05-19 15:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-09-08 22:28 - 2014-05-19 18:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2016-09-08 22:28 - 2014-05-19 18:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6433788.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6433788.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFROpenGL.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00197408 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2016-09-08 22:28 - 2014-05-19 18:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-09-08 22:28 - 2014-05-19 18:44 - 00031520 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2016-09-08 22:25 - 2016-09-08 22:25 - 00013221 _____ C:\Users\Administrator\Desktop\Revo Uninstaller Pro.lnk
2016-09-08 13:08 - 2016-09-08 13:08 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-09-08 10:50 - 2016-09-08 11:14 - 00003286 _____ C:\Windows\System32\Tasks\SamsungMagician
2016-09-08 10:50 - 2016-09-08 10:50 - 00001247 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2016-09-08 10:50 - 2016-09-08 10:50 - 00000000 ____D C:\ProgramData\Samsung
2016-09-08 10:50 - 2016-09-08 10:50 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-09-08 10:35 - 2016-09-08 10:35 - 00000629 _____ C:\Users\Administrator\Desktop\JRT.txt
2016-09-08 10:26 - 2016-09-13 10:23 - 00000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2016-09-08 10:18 - 2016-09-14 17:05 - 00000000 ____D C:\FRST
2016-09-08 09:57 - 2016-09-08 10:02 - 00000000 ____D C:\AdwCleaner
2016-09-08 09:38 - 2016-09-08 09:38 - 00436800 _____ C:\Windows\System32\FNTCACHE.DAT
2016-09-08 09:38 - 2016-09-08 09:38 - 00111912 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-08 09:05 - 2016-09-08 22:30 - 00000000 ____D C:\Temp
2016-09-07 00:36 - 2016-09-07 13:49 - 00000000 ____D C:\Windows\System32\config\regsave
2016-09-07 00:35 - 2016-09-07 00:35 - 00000000 ____D C:\easeus_tb_cloud
2016-09-07 00:26 - 2016-09-07 00:26 - 00002133 _____ C:\Users\Public\Desktop\EaseUS Todo Backup Workstation 9.0.lnk
2016-09-07 00:26 - 2015-12-09 20:10 - 00192552 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\EuFdDisk.sys
2016-09-07 00:26 - 2015-12-09 20:10 - 00060968 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eubakup.sys
2016-09-07 00:26 - 2015-12-09 20:10 - 00048168 _____ C:\Windows\System32\Drivers\EUBKMON.sys
2016-09-07 00:26 - 2015-12-09 20:10 - 00018472 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\eudskacs.sys
2016-09-07 00:25 - 2015-12-09 20:14 - 00024104 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\fbnative.exe
2016-09-06 21:52 - 2015-02-05 11:07 - 02558792 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2016-09-06 21:52 - 2014-05-19 17:25 - 06769096 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2016-09-06 21:52 - 2014-05-19 17:25 - 03514144 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2016-09-06 21:52 - 2014-05-19 17:25 - 00927520 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2016-09-06 21:52 - 2014-05-19 17:25 - 00387528 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2016-09-06 21:52 - 2014-05-19 17:25 - 00062808 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2016-09-06 21:52 - 2014-05-14 15:49 - 03774821 _____ C:\Windows\System32\nvcoproc.bin
2016-09-06 14:07 - 2016-09-06 15:39 - 00000000 ____D C:\Program Files\HitmanPro
2016-09-06 14:07 - 2016-09-06 14:07 - 00000000 ____D C:\ProgramData\HitmanPro
2016-09-06 14:04 - 2016-09-08 10:37 - 00001914 _____ C:\Users\Administrator\Desktop\sc-cleaner.txt
2016-09-06 13:51 - 2013-11-09 03:47 - 00448512 _____ (OldTimer Tools) C:\Users\Administrator\Desktop\TFC_3.1.9.0.exe
2016-09-06 13:31 - 2016-09-06 13:31 - 00001836 _____ C:\Users\Administrator\Desktop\WinXP_Win7_Win8_Win8.1_x86_x64_V2.1.0.21 - Shortcut.lnk
2016-09-06 11:36 - 2016-09-06 11:36 - 00000000 ____D C:\Users\Administrator\AppData\Local\Macromedia
2016-09-06 11:29 - 2016-09-06 11:35 - 00000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2016-09-06 11:29 - 2016-09-06 11:29 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2016-09-06 01:12 - 2016-09-06 12:43 - 00000000 ___RD C:\Users\Administrator\iCloudDrive
2016-09-06 01:12 - 2016-09-06 01:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apple Inc
2016-09-06 01:12 - 2016-09-06 01:12 - 00000000 ____D C:\Users\Administrator\AppData\Local\6BF4B840-DDC8-4365-8DD8-8F5CCF1AA585.aplzod
2016-09-06 00:41 - 2016-09-06 00:41 - 00000000 ____H C:\Windows\System32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2016-09-05 07:35 - 2016-07-07 07:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2016-09-05 07:35 - 2016-07-07 07:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2016-09-05 07:35 - 2016-07-07 07:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2016-09-05 07:35 - 2016-07-07 07:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2016-09-05 07:35 - 2016-07-01 07:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2016-09-05 07:35 - 2016-07-01 07:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\System32\INETRES.dll
2016-09-05 07:35 - 2016-07-01 07:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-09-05 07:35 - 2016-07-01 07:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-09-05 07:35 - 2016-07-01 06:56 - 00464896 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2016-09-05 07:35 - 2016-07-01 06:56 - 00405504 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2016-09-05 07:35 - 2016-07-01 06:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2016-09-05 07:35 - 2016-06-06 08:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2016-09-05 07:35 - 2016-06-06 08:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2016-09-05 07:35 - 2016-06-06 08:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2016-09-05 07:35 - 2016-06-06 08:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2016-09-05 07:35 - 2016-06-06 07:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-09-05 07:35 - 2016-06-06 07:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-09-05 07:35 - 2016-06-06 07:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-09-05 07:35 - 2016-06-06 07:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-09-05 07:35 - 2016-05-16 15:22 - 00631176 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2016-09-05 07:35 - 2016-05-16 15:19 - 05546216 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2016-09-05 07:35 - 2016-05-16 15:19 - 00706280 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2016-09-05 07:35 - 2016-05-16 15:18 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-05 07:35 - 2016-05-16 15:18 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-05 07:35 - 2016-05-16 15:17 - 01732888 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2016-09-05 07:35 - 2016-05-16 15:16 - 01314136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 01163264 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00880640 _____ (Microsoft Corporation) C:\Windows\System32\advapi32.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00419840 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00215552 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00063488 _____ (Microsoft Corporation) C:\Windows\System32\setbcdlocale.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00059904 _____ (Microsoft Corporation) C:\Windows\System32\appidapi.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00034816 _____ (Microsoft Corporation) C:\Windows\System32\appidsvc.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 15:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 13:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\System32\appidpolicyconverter.exe
2016-09-05 07:35 - 2016-05-16 13:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2016-09-05 07:35 - 2016-05-16 13:23 - 00017920 _____ (Microsoft Corporation) C:\Windows\System32\appidcertstorecheck.exe
2016-09-05 07:35 - 2016-05-16 13:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2016-09-05 07:35 - 2016-05-16 13:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2016-09-05 07:35 - 2016-05-16 13:14 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2016-09-05 07:35 - 2016-05-16 13:10 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-09-05 07:35 - 2016-05-16 13:10 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-09-05 07:35 - 2016-05-16 13:10 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-09-05 07:35 - 2016-05-16 13:10 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-09-05 07:35 - 2016-05-16 13:09 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 13:09 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 13:09 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-05 07:35 - 2016-05-16 13:09 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-05 07:35 - 2016-05-13 14:09 - 03156480 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2016-09-05 07:35 - 2016-05-13 14:09 - 00192512 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2016-09-05 07:35 - 2016-05-13 14:09 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2016-09-05 07:35 - 2016-05-13 14:07 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2016-09-05 07:35 - 2016-05-13 13:55 - 02607104 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2016-09-05 07:35 - 2016-05-13 13:53 - 00709120 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2016-09-05 07:35 - 2016-05-13 13:53 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2016-09-05 07:35 - 2016-05-13 13:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2016-09-05 07:35 - 2016-05-13 13:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2016-09-05 07:35 - 2016-05-13 13:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2016-09-05 07:35 - 2016-05-13 13:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2016-09-05 07:35 - 2016-05-13 13:50 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-09-05 07:35 - 2016-05-13 13:38 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-09-05 07:35 - 2016-05-13 13:38 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-09-05 07:35 - 2016-05-13 13:38 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-09-05 07:35 - 2016-05-13 13:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-09-05 07:35 - 2016-05-12 09:14 - 00862208 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2016-09-05 07:35 - 2016-05-12 09:14 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\asycfilt.dll
2016-09-05 07:35 - 2016-05-12 07:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-05 07:35 - 2016-05-12 07:18 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-09-05 07:35 - 2016-05-12 07:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-09-05 07:35 - 2016-05-04 09:21 - 00114408 _____ (Microsoft Corporation) C:\Windows\System32\consent.exe
2016-09-05 07:35 - 2016-05-04 09:17 - 03244032 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2016-09-05 07:35 - 2016-05-04 09:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-09-05 07:35 - 2016-05-04 09:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-09-05 07:35 - 2016-05-04 09:17 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\msihnd.dll
2016-09-05 07:35 - 2016-05-04 09:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-09-05 07:35 - 2016-05-04 09:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-09-05 07:35 - 2016-05-04 09:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\System32\msimsg.dll
2016-09-05 07:35 - 2016-05-04 09:16 - 01941504 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2016-09-05 07:35 - 2016-05-04 09:16 - 00070144 _____ (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2016-09-05 07:35 - 2016-05-04 07:04 - 00128512 _____ (Microsoft Corporation) C:\Windows\System32\msiexec.exe
2016-09-05 07:35 - 2016-05-04 06:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-09-05 07:30 - 2014-12-15 11:47 - 07828216 _____ (Broadcom Corporation) C:\Windows\System32\Drivers\BCMWL664.SYS
2016-09-05 07:30 - 2014-12-15 11:47 - 00096600 _____ (Broadcom Corporation) C:\Windows\System32\bcmwlcoi.dll
2016-08-17 11:26 - 2016-07-08 07:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2016-08-17 11:26 - 2016-07-08 07:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-14 07:01 - 2014-07-20 14:39 - 00327680 _____ C:\Windows\System32\Ikeext.etl
2016-09-14 06:40 - 2009-07-13 21:13 - 00793926 _____ C:\Windows\System32\PerfStringBackup.INI
2016-09-14 06:40 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2016-09-14 06:01 - 2009-07-13 20:45 - 00026576 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-14 06:01 - 2009-07-13 20:45 - 00026576 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-14 05:56 - 2015-12-08 04:03 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-09-14 05:55 - 2014-10-15 00:53 - 00192216 _____ (Malwarebytes) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2016-09-14 05:55 - 2014-06-30 15:27 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-14 05:55 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-14 01:31 - 2014-06-30 15:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-09-14 01:16 - 2016-01-30 15:16 - 00000000 ____D C:\ProgramData\ProductData
2016-09-08 22:30 - 2014-11-16 05:17 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-09-08 22:30 - 2014-06-30 15:26 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-08 22:29 - 2014-11-14 14:51 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA
2016-09-08 22:29 - 2014-06-30 15:24 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-09-08 22:28 - 2014-11-16 05:18 - 00000000 ____D C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2016-09-08 22:11 - 2014-07-06 16:07 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\MOBackup
2016-09-08 13:02 - 2016-01-30 10:12 - 00000000 ____D C:\Users\Administrator\.oracle_jre_usage
2016-09-08 13:02 - 2014-06-06 23:51 - 00000000 ____D C:\users\Administrator
2016-09-08 12:49 - 2014-06-07 08:44 - 00000000 ____D C:\Windows\CSC
2016-09-08 11:19 - 2011-04-12 00:28 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-09-08 11:06 - 2009-07-13 21:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-07 00:36 - 2014-06-30 14:46 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\KeePass
2016-09-07 00:25 - 2014-07-20 01:54 - 00000000 ____D C:\Program Files (x86)\EaseUS
2016-09-06 21:54 - 2014-07-01 06:34 - 00000000 ____D C:\Windows\pss
2016-09-06 21:52 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\Help
2016-09-06 21:41 - 2016-03-09 11:48 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-09-06 15:47 - 2014-06-30 16:01 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Wise Registry Cleaner
2016-09-06 15:41 - 2014-07-12 01:14 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Apple Computer
2016-09-06 15:40 - 2014-07-12 01:13 - 00000000 ____D C:\ProgramData\Apple
2016-09-06 13:38 - 2016-01-30 15:16 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2016-09-06 13:38 - 2016-01-30 15:16 - 00000000 ____D C:\Program Files (x86)\IObit
2016-09-06 12:03 - 2015-07-16 03:20 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-06 11:35 - 2015-07-16 03:20 - 00003770 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-06 11:35 - 2014-07-27 15:58 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2016-09-06 11:35 - 2014-07-27 15:51 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-06 11:35 - 2014-07-27 15:51 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-06 11:35 - 2014-07-27 15:51 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-06 11:35 - 2014-07-27 15:51 - 00000000 ____D C:\Windows\System32\Macromed
2016-09-06 01:14 - 2014-07-12 01:13 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apple
2016-09-06 01:01 - 2014-07-12 01:14 - 00000000 ____D C:\Users\Administrator\AppData\Local\Apple Computer
2016-09-05 10:48 - 2016-03-13 12:15 - 00000000 ____D C:\Windows\rescache
2016-09-05 10:04 - 2014-07-13 05:31 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-05 10:04 - 2014-07-13 05:31 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-05 07:46 - 2014-07-13 05:31 - 00004118 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-05 07:46 - 2014-07-13 05:31 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-05 07:44 - 2014-07-02 04:46 - 00000000 ____D C:\Users\Administrator\AppData\Local\JDownloader v2.0
2016-08-17 11:21 - 2014-07-01 06:39 - 00000000 ____D C:\Windows\System32\MRT
2016-08-17 11:21 - 2009-07-13 18:34 - 00000478 _____ C:\Windows\win.ini
2016-08-17 11:17 - 2014-07-01 06:38 - 147640136 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe

==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2016-06-16 04:44] - [2016-04-08 21:53] - 3231232 ____A (Microsoft Corporation) 9DA3B83F80E205B6C601EEE1312FD0A0

C:\Windows\SysWOW64\explorer.exe
[2016-06-16 04:44] - [2016-04-08 21:44] - 2973184 ____A (Microsoft Corporation) 3DA48EA028AD771C5B71727F0C3984E9

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============


==================== Restore Points =========================

Restore point date: 2016-09-08 22:27
Restore point date: 2016-09-13 10:26
Restore point date: 2016-09-14 01:30
Restore point date: 2016-09-14 01:31
Restore point date: 2016-09-14 01:31

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
description            Windows Boot Manager
locale                  en-US
inherit                {globalsettings}
default                {default}
resumeobject            {520d8c24-ee6b-11e3-af74-fc61fd31169d}
displayorder            {default}
toolsdisplayorder      {memdiag}
timeout                30

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \windows\system32\winload.exe
description            Windows 7
locale                  en-US
inherit                {bootloadersettings}
recoverysequence        {current}
recoveryenabled        Yes
osdevice                partition=C:
systemroot              \windows
resumeobject            {520d8c24-ee6b-11e3-af74-fc61fd31169d}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[C:]\Recovery\9568c724-ee18-11e3-9e4b-d271adad2118\Winre.wim,{9568c725-ee18-11e3-9e4b-d271adad2118}
path                    \windows\system32\winload.exe
description            Windows Recovery Environment
inherit                {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\9568c724-ee18-11e3-9e4b-d271adad2118\Winre.wim,{9568c725-ee18-11e3-9e4b-d271adad2118}
systemroot              \windows
nx                      OptIn
winpe                  Yes

Resume from Hibernate
---------------------
identifier              {520d8c24-ee6b-11e3-af74-fc61fd31169d}
device                  partition=C:
path                    \windows\system32\winresume.exe
description            Windows Resume Application
locale                  en-US
inherit                {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description            Windows Memory Diagnostic
locale                  en-US
inherit                {globalsettings}
badmemoryaccess        Yes

EMS Settings
------------
identifier              {emssettings}
bootems                Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype              Serial
debugport              1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype    Serial
hypervisordebugport    1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                {globalsettings}

Device options
--------------
identifier              {9568c725-ee18-11e3-9e4b-d271adad2118}
description            Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\9568c724-ee18-11e3-9e4b-d271adad2118\boot.sdi


==================== Memory info ===========================

Percentage of memory in use: 7%
Total physical RAM: 16345.04 MB
Available physical RAM: 15167.62 MB
Total Virtual: 16343.24 MB
Available Virtual: 15162.64 MB

==================== Drives ================================

Drive c: (OSDisk) (Fixed) (Total:110.94 GB) (Free:8.14 GB) NTFS
Drive f: (Win7_EngDeu) (Removable) (Total:29.42 GB) (Free:0.65 GB) FAT32
Drive g: (My Book) (Fixed) (Total:2794.49 GB) (Free:186.16 GB) NTFS
Drive h: (My2Tdisk) (Fixed) (Total:1863.01 GB) (Free:1862.87 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System) (Fixed) (Total:0.49 GB) (Free:0.44 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 6A03AC71)
Partition 1: (Active) - (Size=499 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 29.4 GB) (Disk ID: 82D5C7F3)
Partition 1: (Active) - (Size=29.4 GB) - (Type=0C)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 2.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F8ACD107)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)


LastRegBack: 2016-09-05 10:41

==================== End of FRST.txt ============================
