Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 25.11.2014, 14:33   #1
Harri3r
 
Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone - Standard

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone



Hallo zusammen!
Seit Tagen habe ich das lustige Problem, dass ich in meinem Wlan Netzwerk ständlich auf eine Adfoc.us Seite weitergeleitet werde und seid heute auch auf meinem LG G2 Smartphone. Lustig ist jedoch, dass mein X201 Thinkpad NOCH nicht betroffen wurde, also hoffe ich eine schnelle Hilfe hier. Paar Versuche, die Malware zu finden, wurden bereits unternommen, jedoch ohne Erfolg. Schon mal danke für die Hilfe!

(Logs zu groß, deswegen im Anhang)

Alt 25.11.2014, 15:31   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone - Standard

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 25.11.2014, 16:28   #3
Harri3r
 
Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone - Standard

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone



GMER
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-25 14:18:42
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 ST1000DM003-1CH162 rev.CC47 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Oliver\AppData\Local\Temp\ufdyapob.sys


---- Threads - GMER 2.1 ----

Thread   C:\WINDOWS\system32\csrss.exe [828:6088]                                                                                                 fffff96000880b90
Thread   C:\WINDOWS\System32\svchost.exe [740:3836]                                                                                               00007ffc0e4a12f8
Thread   C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [2652:1212]                                                                  00000000732e4078
Thread   C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2204:3936]                                                                00007ffc12502cec
Thread   C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [3760:3940]                                                                00007ffc12502cec
Thread   C:\WINDOWS\explorer.exe [2076:4412]                                                                                                      000000006f6e31c0
Thread   C:\WINDOWS\explorer.exe [2076:5320]                                                                                                      00007ffbfb386220
Thread   C:\WINDOWS\explorer.exe [2076:1560]                                                                                                      00007ffc11a51e40
Thread   C:\WINDOWS\explorer.exe [2076:5480]                                                                                                      00007ffc070ed73c
Thread   C:\WINDOWS\explorer.exe [2076:3288]                                                                                                      00007ffc070ed73c
Thread   C:\WINDOWS\explorer.exe [2076:336]                                                                                                       00007ffbfb543a8c
Thread   C:\WINDOWS\explorer.exe [2076:1864]                                                                                                      00007ffbfb543a8c
Thread   C:\WINDOWS\explorer.exe [2076:2108]                                                                                                      00007ffbfb543a8c
Thread   C:\WINDOWS\explorer.exe [2076:6056]                                                                                                      00007ffbfb543a8c
Thread   C:\WINDOWS\explorer.exe [2076:5524]                                                                                                      00007ffbfb543a8c
Thread   C:\WINDOWS\explorer.exe [2076:4084]                                                                                                      00007ffbfb543a8c
Thread   C:\WINDOWS\explorer.exe [2076:1044]                                                                                                      00007ffbfb543a8c
Thread   C:\WINDOWS\explorer.exe [2076:4352]                                                                                                      00007ffbfb543a8c
Thread   C:\WINDOWS\explorer.exe [2076:4416]                                                                                                      00007ffc04f3d73c
Thread   C:\WINDOWS\explorer.exe [2076:724]                                                                                                       00007ffc04e7d73c
Thread   C:\WINDOWS\explorer.exe [2076:3040]                                                                                                      00007ffc11641120
Thread   C:\WINDOWS\explorer.exe [2076:5636]                                                                                                      00007ffc04e7d73c
Thread   C:\WINDOWS\explorer.exe [2076:5520]                                                                                                      00007ffc04e7d73c
Thread   C:\WINDOWS\explorer.exe [2076:3584]                                                                                                      00007ffc04e7d73c
Thread   C:\WINDOWS\explorer.exe [2076:5892]                                                                                                      00007ffc04e7d73c
Thread   C:\WINDOWS\explorer.exe [2076:5568]                                                                                                      00007ffc04e7d73c
Thread   C:\WINDOWS\explorer.exe [2076:5948]                                                                                                      00007ffc04e7d73c
Thread   C:\WINDOWS\explorer.exe [2076:5244]                                                                                                      00007ffc04e7d73c
Thread   C:\WINDOWS\explorer.exe [2076:2856]                                                                                                      00007ffc04e7d73c
Thread   C:\WINDOWS\system32\taskhost.exe [4180:5572]                                                                                             00007ffc01a91a90
---- Processes - GMER 2.1 ----

Library  C:\Users\Oliver\AppData\Local\Temp\sfareca00001.dll (*** suspicious ***) @ C:\Program Files (x86)\SpeedFan\speedfan.exe [5824](2014-11   000000005bee0000
Library  C:\Users\Oliver\AppData\Local\Temp\sfamcc00001.dll (*** suspicious ***) @ C:\Program Files (x86)\SpeedFan\speedfan.exe [5824](2014-11-2  0000000003ad0000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                                                        448510445
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@POSTTime                                                                     34097
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalResumeTime                                                              10777944
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnFromHandlerTimestamp                                             10777591
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@SleeperThreadEndTimestamp                                                    10777600
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelReturnSystemPowerState                                                 10777902
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberHiberFileTime                                                           3150
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberInitTime                                                                12
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@TotalHibernateTime                                                           24932
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@DeviceResumeTime                                                             281
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesProcessed                                                         390436
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@KernelPagesWritten                                                           0xB0 0xB4 0x01 0x00 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesProcessed                                                           34089
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@BootPagesWritten                                                             0xB6 0x4B 0x00 0x00 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberCompressRate                                                            23
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@HiberIoCpuTime                                                               442
Reg      HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Power@ResumeCompleteTimestamp                                                      0x0B 0xEF 0x21 0x03 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\iphlpsvc\Parameters\Isatap\{B617C8E9-1319-44A5-9CC0-8647EFF43A04}@DefunctTimestamp                0xFC 0x3D 0x73 0x54 ...
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch                                                                          2040
Reg      HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch                                                                         214
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{91B291B3-D9D8-423B-8A08-E815D7F228E7}@LeaseObtainedTime              1416865274
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{91B291B3-D9D8-423B-8A08-E815D7F228E7}@T1                             1416870674
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{91B291B3-D9D8-423B-8A08-E815D7F228E7}@T2                             1416874724
Reg      HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{91B291B3-D9D8-423B-8A08-E815D7F228E7}@LeaseTerminatesTime            1416876074
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@Rw                                                                                       0x64 0x62 0x03 0x00 ...
Reg      HKLM\SYSTEM\Setup\Upgrade\NsiMigrationRoot\60\0@RwMask                                                                                   0x64 0x62 0x03 0x00 ...
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell\Grid@Logo100                                                               %USERPROFILE%\AppData\Local\Microsoft\Windows\Explorer\TileCacheLogo-1517843_100.dat
Reg      HKCU\Software\Microsoft\Windows\CurrentVersion\ImmersiveShell\StateStore@ProcessedPackageStateChangeVersion                              683
Reg      HKCU\Software\Microsoft\Windows\Windows Error Reporting@LastQueueNoPesterTime                                                            0x5B 0x43 0xCC 0xE8 ...

---- EOF - GMER 2.1 ----
         
MBAR
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.11.24.07

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17416
Oliver.™ :: OLIVER-PC [administrator]

24.11.2014 20:10:16
mbar-log-2014-11-24 (20-10-16).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 415653
Time elapsed: 12 minute(s), 45 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
JRT
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 8.1 Pro x64
Ran by Oliver.T on 24.11.2014 at 18:29:23,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Oliver\AppData\Roaming\mozilla\firefox\profiles\tblxdhsi.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.11.2014 at 18:34:01,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
TDSSkiller
Code:
ATTFilter
14:29:00.0819 0x00c4  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
14:29:02.0717 0x00c4  ============================================================
14:29:02.0717 0x00c4  Current date / time: 2014/11/25 14:29:02.0717
14:29:02.0717 0x00c4  SystemInfo:
14:29:02.0718 0x00c4  
14:29:02.0718 0x00c4  OS Version: 6.3.9600 ServicePack: 0.0
14:29:02.0718 0x00c4  Product type: Workstation
14:29:02.0718 0x00c4  ComputerName: OLIVER-PC
14:29:02.0718 0x00c4  UserName: Oliver.™
14:29:02.0718 0x00c4  Windows directory: C:\WINDOWS
14:29:02.0718 0x00c4  System windows directory: C:\WINDOWS
14:29:02.0718 0x00c4  Running under WOW64
14:29:02.0718 0x00c4  Processor architecture: Intel x64
14:29:02.0718 0x00c4  Number of processors: 8
14:29:02.0718 0x00c4  Page size: 0x1000
14:29:02.0718 0x00c4  Boot type: Normal boot
14:29:02.0718 0x00c4  ============================================================
14:29:02.0871 0x00c4  KLMD registered as C:\WINDOWS\system32\drivers\77578821.sys
14:29:03.0007 0x00c4  System UUID: {0E9AEFA1-AFDD-6F48-3C81-909CB08B1FC1}
14:29:03.0360 0x00c4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:29:03.0371 0x00c4  ============================================================
14:29:03.0371 0x00c4  \Device\Harddisk0\DR0:
14:29:03.0371 0x00c4  MBR partitions:
14:29:03.0371 0x00c4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:29:03.0371 0x00c4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
14:29:03.0371 0x00c4  ============================================================
14:29:03.0383 0x00c4  C: <-> \Device\Harddisk0\DR0\Partition2
14:29:03.0383 0x00c4  ============================================================
14:29:03.0383 0x00c4  Initialize success
14:29:03.0383 0x00c4  ============================================================
14:29:07.0397 0x0e3c  ============================================================
14:29:07.0397 0x0e3c  Scan started
14:29:07.0398 0x0e3c  Mode: Manual; SigCheck; TDLFS; 
14:29:07.0398 0x0e3c  ============================================================
14:29:07.0398 0x0e3c  KSN ping started
14:29:09.0903 0x0e3c  KSN ping finished: true
14:29:10.0960 0x0e3c  ================ Scan system memory ========================
14:29:10.0960 0x0e3c  System memory - ok
14:29:10.0962 0x0e3c  ================ Scan services =============================
14:29:11.0174 0x0e3c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
14:29:11.0240 0x0e3c  1394ohci - ok
14:29:11.0279 0x0e3c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
14:29:11.0315 0x0e3c  3ware - ok
14:29:11.0354 0x0e3c  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
14:29:11.0391 0x0e3c  ACPI - ok
14:29:11.0397 0x0e3c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
14:29:11.0418 0x0e3c  acpiex - ok
14:29:11.0432 0x0e3c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
14:29:11.0454 0x0e3c  acpipagr - ok
14:29:11.0461 0x0e3c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
14:29:11.0481 0x0e3c  AcpiPmi - ok
14:29:11.0488 0x0e3c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
14:29:11.0508 0x0e3c  acpitime - ok
14:29:11.0579 0x0e3c  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:29:11.0602 0x0e3c  AdobeARMservice - ok
14:29:11.0635 0x0e3c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
14:29:11.0686 0x0e3c  ADP80XX - ok
14:29:11.0726 0x0e3c  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
14:29:11.0757 0x0e3c  AeLookupSvc - ok
14:29:11.0785 0x0e3c  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
14:29:11.0824 0x0e3c  AFD - ok
14:29:11.0845 0x0e3c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
14:29:11.0864 0x0e3c  agp440 - ok
14:29:11.0886 0x0e3c  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:29:11.0911 0x0e3c  ahcache - ok
14:29:11.0917 0x0e3c  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
14:29:11.0942 0x0e3c  ALG - ok
14:29:11.0968 0x0e3c  [ CFE5B0A7F84A6D0068E88DEFFE6B2D1D, 4D9FAFE380D55F0DE71EA819BE5B1655D3D96B3036998252BC68C90FD74926E5 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
14:29:12.0005 0x0e3c  AMD External Events Utility - ok
14:29:12.0065 0x0e3c  AMD FUEL Service - ok
14:29:12.0077 0x0e3c  [ 8BEEE0FAAB5F98CF0F7E91DF807BAA78, E8093CFDCF3CB9FFAD7CB1F9B94AA195901AD9A3CBA4E0CBB70DB375DBDD8B9D ] amdacpksd       C:\WINDOWS\system32\drivers\amdacpksd.sys
14:29:12.0101 0x0e3c  amdacpksd - ok
14:29:12.0135 0x0e3c  [ 321179638F53D8F8FABE6E238F5E654B, 911BB5B5BEB47732F0661FC7DC2CA4D1C04116D3B2733D03BBEA6E39D4053C0A ] amdacpusrsvc    C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
14:29:12.0151 0x0e3c  amdacpusrsvc - detected UnsignedFile.Multi.Generic ( 1 )
14:29:14.0842 0x0e3c  Detect skipped due to KSN trusted
14:29:14.0842 0x0e3c  amdacpusrsvc - ok
14:29:14.0875 0x0e3c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
14:29:14.0921 0x0e3c  AmdK8 - ok
14:29:14.0951 0x0e3c  [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
14:29:14.0970 0x0e3c  amdkmafd - ok
14:29:15.0377 0x0e3c  [ 33F538B24B16D60015556EBE2C188288, 1F9B46D1741B6A37948C6D35EBC0EE04BBF6470E4DA7C6C1DFB63F76C2C9B897 ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
14:29:15.0803 0x0e3c  amdkmdag - ok
14:29:15.0860 0x0e3c  [ EA540229EB937F3172E149363E0BA38F, 01CFC6D2A0D2F145F3050AECEE8314E2A0C1C71F5CC4831BB020C85DD3A3D397 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
14:29:15.0896 0x0e3c  amdkmdap - ok
14:29:15.0979 0x0e3c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
14:29:16.0024 0x0e3c  AmdPPM - ok
14:29:16.0058 0x0e3c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
14:29:16.0079 0x0e3c  amdsata - ok
14:29:16.0125 0x0e3c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
14:29:16.0177 0x0e3c  amdsbs - ok
14:29:16.0195 0x0e3c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
14:29:16.0217 0x0e3c  amdxata - ok
14:29:16.0234 0x0e3c  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.2.0  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
14:29:16.0250 0x0e3c  AODDriver4.2.0 - ok
14:29:16.0254 0x0e3c  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
14:29:16.0269 0x0e3c  AODDriver4.3 - ok
14:29:16.0314 0x0e3c  [ 1FDE3302A17928B999E6BBA6D346F7DB, 186029C1C62842F1FE21AAD445134A3DEDB978D2E27169D5016C3149FCC42E5C ] AODDriver4.3.0  C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
14:29:16.0329 0x0e3c  AODDriver4.3.0 - ok
14:29:16.0341 0x0e3c  [ 24D5D2C9F24B9B7AF63182F5A444C3F9, 02D781C0FFADD355851D37B5401EFD8798F113BB5BC17A994AC5CF548360C3D2 ] AODService      C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
14:29:16.0357 0x0e3c  AODService - ok
14:29:16.0435 0x0e3c  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
14:29:16.0459 0x0e3c  AppHostSvc - ok
14:29:16.0479 0x0e3c  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
14:29:16.0502 0x0e3c  AppID - ok
14:29:16.0532 0x0e3c  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
14:29:16.0552 0x0e3c  AppIDSvc - ok
14:29:16.0581 0x0e3c  [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo         C:\WINDOWS\System32\appinfo.dll
14:29:16.0604 0x0e3c  Appinfo - ok
14:29:16.0680 0x0e3c  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:29:16.0695 0x0e3c  Apple Mobile Device - ok
14:29:16.0717 0x0e3c  [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
14:29:16.0741 0x0e3c  AppMgmt - ok
14:29:16.0767 0x0e3c  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
14:29:16.0801 0x0e3c  AppReadiness - ok
14:29:16.0843 0x0e3c  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
14:29:16.0901 0x0e3c  AppXSvc - ok
14:29:16.0922 0x0e3c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
14:29:16.0941 0x0e3c  arcsas - ok
14:29:17.0054 0x0e3c  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:29:17.0101 0x0e3c  aspnet_state - ok
14:29:17.0118 0x0e3c  [ 001CFE1AE7A6377D70F654305ED10458, 02319F42082DD01715521BB01C63D93A783890F5EEF4F97E34401D6BF2537075 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
14:29:17.0136 0x0e3c  aswHwid - ok
14:29:17.0146 0x0e3c  [ CDE120D6279DD61B341CB871C48E5374, D9A5845F405D14268D5DCD54F88DB87FC4071042D65ED08F0F1687740F3E2657 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
14:29:17.0161 0x0e3c  aswMonFlt - ok
14:29:17.0178 0x0e3c  [ 6669541A3566F5B2F64A87ACC9B8821F, DD99968B1D78B55A6A19C8D494B7FB39ADF5175BD223B01E4C833AE10BBD019A ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
14:29:17.0194 0x0e3c  aswRdr - ok
14:29:17.0199 0x0e3c  [ 60FED5EA7F14315C319E7FFB3679CC24, 19774A9C0DB86ED99434A194C9138682982EEFEA43CE33AB38985445C72B4C03 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
14:29:17.0217 0x0e3c  aswRvrt - ok
14:29:17.0268 0x0e3c  [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
14:29:17.0315 0x0e3c  aswSnx - ok
14:29:17.0335 0x0e3c  [ 6FC940A01C53BC874F531349E991F2BC, C7D84127217D556D7722B0EBC38057C8DFA173265A6E1DBF89CA47379F061ED7 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
14:29:17.0362 0x0e3c  aswSP - ok
14:29:17.0369 0x0e3c  [ 7250DFE069F4CB68F736A12F51AC083E, 7422A030786F777E914E1D6C10BC9B94B03B4AA2A8F888FE948004B91C60CD07 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
14:29:17.0387 0x0e3c  aswStm - ok
14:29:17.0396 0x0e3c  [ 5EA98C99B780EE215401658BE5E217CA, A778F2E2414BD0C9C572BEAC1DD0A805ED1827A25D6208D650AEBCCEED4D6994 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
14:29:17.0417 0x0e3c  aswVmm - ok
14:29:17.0433 0x0e3c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
14:29:17.0450 0x0e3c  atapi - ok
14:29:17.0466 0x0e3c  [ 8523AA8BD207F937E8C047F8713D4788, EB131C38F51DEDCE2445648CAAE7B7F04F0009EB823A77D1D08B2E9CA8EC9B7D ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWB6.sys
14:29:17.0492 0x0e3c  AtiHDAudioService - ok
14:29:17.0528 0x0e3c  [ 4AEF9EC86818375495FB78CA58DF4E18, 0565888F798FAB86091E7A7D8E1D583DF3CC5756A12ACF04987C67C14E360DFB ] atksgt          C:\WINDOWS\system32\DRIVERS\atksgt.sys
14:29:17.0548 0x0e3c  atksgt - detected UnsignedFile.Multi.Generic ( 1 )
14:29:19.0982 0x0e3c  Detect skipped due to KSN trusted
14:29:19.0983 0x0e3c  atksgt - ok
14:29:20.0024 0x0e3c  [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
14:29:20.0057 0x0e3c  AudioEndpointBuilder - ok
14:29:20.0087 0x0e3c  [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
14:29:20.0134 0x0e3c  Audiosrv - ok
14:29:20.0159 0x0e3c  [ 5CE4F1E7D1BF789919DC7F2E7603C638, 604D4D824B9FE183B82637D212D7804DC88D6475383C1E6EE4269CAAD82E7C13 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:29:20.0197 0x0e3c  avast! Antivirus - ok
14:29:20.0327 0x0e3c  [ 780C1694218C375A06864E555C14BDB6, 3DEB07026ED978757706EE5D457AF6126580773C77F90DDFCCE258E5F916483F ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
14:29:20.0446 0x0e3c  AvastVBoxSvc - ok
14:29:20.0487 0x0e3c  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
14:29:20.0511 0x0e3c  AxInstSV - ok
14:29:20.0562 0x0e3c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
14:29:20.0597 0x0e3c  b06bdrv - ok
14:29:20.0604 0x0e3c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
14:29:20.0624 0x0e3c  BasicDisplay - ok
14:29:20.0637 0x0e3c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
14:29:20.0656 0x0e3c  BasicRender - ok
14:29:20.0702 0x0e3c  [ 326E77EA6E9BF27C7CD2837D65DB96C7, BDADECEFFF828BE1F77809788B1219B55F0C46BC83B17A62039C5EF71A657528 ] BazisVirtualCDBus C:\WINDOWS\System32\drivers\BazisVirtualCDBus.sys
14:29:20.0721 0x0e3c  BazisVirtualCDBus - ok
14:29:20.0754 0x0e3c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
14:29:20.0768 0x0e3c  bcmfn2 - ok
14:29:20.0799 0x0e3c  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
14:29:20.0829 0x0e3c  BDESVC - ok
14:29:20.0848 0x0e3c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:29:20.0868 0x0e3c  Beep - ok
14:29:20.0898 0x0e3c  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\WINDOWS\System32\bfe.dll
14:29:20.0942 0x0e3c  BFE - ok
14:29:21.0001 0x0e3c  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
14:29:21.0053 0x0e3c  BITS - ok
14:29:21.0083 0x0e3c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:29:21.0109 0x0e3c  Bonjour Service - ok
14:29:21.0127 0x0e3c  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
14:29:21.0151 0x0e3c  bowser - ok
14:29:21.0170 0x0e3c  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
14:29:21.0200 0x0e3c  BrokerInfrastructure - ok
14:29:21.0238 0x0e3c  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\WINDOWS\System32\browser.dll
14:29:21.0262 0x0e3c  Browser - ok
14:29:21.0275 0x0e3c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
14:29:21.0294 0x0e3c  BthAvrcpTg - ok
14:29:21.0307 0x0e3c  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
14:29:21.0328 0x0e3c  BthHFEnum - ok
14:29:21.0347 0x0e3c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
14:29:21.0367 0x0e3c  bthhfhid - ok
14:29:21.0377 0x0e3c  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
14:29:21.0398 0x0e3c  BTHMODEM - ok
14:29:21.0438 0x0e3c  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
14:29:21.0472 0x0e3c  bthserv - ok
14:29:21.0497 0x0e3c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
14:29:21.0522 0x0e3c  cdfs - ok
14:29:21.0540 0x0e3c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
14:29:21.0568 0x0e3c  cdrom - ok
14:29:21.0589 0x0e3c  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
14:29:21.0619 0x0e3c  CertPropSvc - ok
14:29:21.0632 0x0e3c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
14:29:21.0653 0x0e3c  circlass - ok
14:29:21.0684 0x0e3c  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
14:29:21.0711 0x0e3c  CLFS - ok
14:29:21.0733 0x0e3c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
14:29:21.0752 0x0e3c  CmBatt - ok
14:29:21.0782 0x0e3c  [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
14:29:21.0821 0x0e3c  CNG - ok
14:29:21.0835 0x0e3c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
14:29:21.0855 0x0e3c  CompositeBus - ok
14:29:21.0858 0x0e3c  COMSysApp - ok
14:29:21.0864 0x0e3c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
14:29:21.0885 0x0e3c  condrv - ok
14:29:21.0919 0x0e3c  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
14:29:21.0945 0x0e3c  CryptSvc - ok
14:29:21.0962 0x0e3c  [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
14:29:21.0999 0x0e3c  CSC - ok
14:29:22.0031 0x0e3c  [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService      C:\WINDOWS\System32\cscsvc.dll
14:29:22.0076 0x0e3c  CscService - ok
14:29:22.0097 0x0e3c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
14:29:22.0115 0x0e3c  dam - ok
14:29:22.0160 0x0e3c  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:29:22.0205 0x0e3c  DcomLaunch - ok
14:29:22.0255 0x0e3c  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
14:29:22.0287 0x0e3c  defragsvc - ok
14:29:22.0325 0x0e3c  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:29:22.0358 0x0e3c  DeviceAssociationService - ok
14:29:22.0378 0x0e3c  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
14:29:22.0404 0x0e3c  DeviceInstall - ok
14:29:22.0421 0x0e3c  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
14:29:22.0445 0x0e3c  Dfsc - ok
14:29:22.0468 0x0e3c  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
14:29:22.0499 0x0e3c  Dhcp - ok
14:29:22.0511 0x0e3c  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
14:29:22.0532 0x0e3c  disk - ok
14:29:22.0544 0x0e3c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
14:29:22.0564 0x0e3c  dmvsc - ok
14:29:22.0574 0x0e3c  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:29:22.0600 0x0e3c  Dnscache - ok
14:29:22.0621 0x0e3c  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:29:22.0651 0x0e3c  dot3svc - ok
14:29:22.0675 0x0e3c  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
14:29:22.0705 0x0e3c  DPS - ok
14:29:22.0738 0x0e3c  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
14:29:22.0754 0x0e3c  drmkaud - ok
14:29:22.0773 0x0e3c  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
14:29:22.0802 0x0e3c  DsmSvc - ok
14:29:22.0836 0x0e3c  [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01     C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
14:29:22.0858 0x0e3c  dtsoftbus01 - ok
14:29:22.0908 0x0e3c  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:29:22.0977 0x0e3c  DXGKrnl - ok
14:29:23.0011 0x0e3c  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
14:29:23.0035 0x0e3c  Eaphost - ok
14:29:23.0136 0x0e3c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
14:29:23.0254 0x0e3c  ebdrv - ok
14:29:23.0295 0x0e3c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
14:29:23.0315 0x0e3c  EFS - ok
14:29:23.0330 0x0e3c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
14:29:23.0349 0x0e3c  EhStorClass - ok
14:29:23.0387 0x0e3c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:29:23.0407 0x0e3c  EhStorTcgDrv - ok
14:29:23.0423 0x0e3c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
14:29:23.0444 0x0e3c  ErrDev - ok
14:29:23.0474 0x0e3c  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
14:29:23.0508 0x0e3c  EventSystem - ok
14:29:23.0532 0x0e3c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
14:29:23.0561 0x0e3c  exfat - ok
14:29:23.0580 0x0e3c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
14:29:23.0603 0x0e3c  fastfat - ok
14:29:23.0656 0x0e3c  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
14:29:23.0695 0x0e3c  Fax - ok
14:29:23.0711 0x0e3c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
14:29:23.0747 0x0e3c  fdc - ok
14:29:23.0782 0x0e3c  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
14:29:23.0826 0x0e3c  fdPHost - ok
14:29:23.0836 0x0e3c  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
14:29:23.0861 0x0e3c  FDResPub - ok
14:29:23.0884 0x0e3c  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
14:29:23.0908 0x0e3c  fhsvc - ok
14:29:23.0926 0x0e3c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
14:29:23.0945 0x0e3c  FileInfo - ok
14:29:23.0961 0x0e3c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
14:29:23.0987 0x0e3c  Filetrace - ok
14:29:23.0999 0x0e3c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
14:29:24.0020 0x0e3c  flpydisk - ok
14:29:24.0044 0x0e3c  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:29:24.0073 0x0e3c  FltMgr - ok
14:29:24.0127 0x0e3c  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
14:29:24.0185 0x0e3c  FontCache - ok
14:29:24.0242 0x0e3c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:29:24.0259 0x0e3c  FontCache3.0.0.0 - ok
14:29:24.0280 0x0e3c  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
14:29:24.0296 0x0e3c  FsDepends - ok
14:29:24.0302 0x0e3c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:29:24.0319 0x0e3c  Fs_Rec - ok
14:29:24.0345 0x0e3c  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:29:24.0381 0x0e3c  fvevol - ok
14:29:24.0398 0x0e3c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
14:29:24.0417 0x0e3c  FxPPM - ok
14:29:24.0440 0x0e3c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
14:29:24.0457 0x0e3c  gagp30kx - ok
14:29:24.0495 0x0e3c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
14:29:24.0509 0x0e3c  GEARAspiWDM - ok
14:29:24.0541 0x0e3c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
14:29:24.0560 0x0e3c  gencounter - ok
14:29:24.0587 0x0e3c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:29:24.0610 0x0e3c  GPIOClx0101 - ok
14:29:24.0670 0x0e3c  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
14:29:24.0737 0x0e3c  gpsvc - ok
14:29:24.0781 0x0e3c  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
14:29:24.0810 0x0e3c  HdAudAddService - ok
14:29:24.0850 0x0e3c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
14:29:24.0871 0x0e3c  HDAudBus - ok
14:29:24.0905 0x0e3c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
14:29:24.0924 0x0e3c  HidBatt - ok
14:29:24.0938 0x0e3c  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
14:29:24.0959 0x0e3c  HidBth - ok
14:29:24.0976 0x0e3c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
14:29:24.0995 0x0e3c  hidi2c - ok
14:29:25.0005 0x0e3c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
14:29:25.0025 0x0e3c  HidIr - ok
14:29:25.0057 0x0e3c  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
14:29:25.0097 0x0e3c  hidserv - ok
14:29:25.0130 0x0e3c  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
14:29:25.0151 0x0e3c  HidUsb - ok
14:29:25.0184 0x0e3c  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
14:29:25.0208 0x0e3c  hkmsvc - ok
14:29:25.0228 0x0e3c  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
14:29:25.0257 0x0e3c  HomeGroupListener - ok
14:29:25.0297 0x0e3c  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
14:29:25.0329 0x0e3c  HomeGroupProvider - ok
14:29:25.0347 0x0e3c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
14:29:25.0365 0x0e3c  HpSAMD - ok
14:29:25.0402 0x0e3c  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
14:29:25.0454 0x0e3c  HTTP - ok
14:29:25.0461 0x0e3c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
14:29:25.0478 0x0e3c  hwpolicy - ok
14:29:25.0489 0x0e3c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
14:29:25.0507 0x0e3c  hyperkbd - ok
14:29:25.0518 0x0e3c  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
14:29:25.0537 0x0e3c  HyperVideo - ok
14:29:25.0557 0x0e3c  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
14:29:25.0580 0x0e3c  i8042prt - ok
14:29:25.0587 0x0e3c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
14:29:25.0602 0x0e3c  iaLPSSi_GPIO - ok
14:29:25.0609 0x0e3c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
14:29:25.0625 0x0e3c  iaLPSSi_I2C - ok
14:29:25.0650 0x0e3c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
14:29:25.0683 0x0e3c  iaStorAV - ok
14:29:25.0705 0x0e3c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
14:29:25.0735 0x0e3c  iaStorV - ok
14:29:25.0740 0x0e3c  IEEtwCollectorService - ok
14:29:25.0785 0x0e3c  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
14:29:25.0833 0x0e3c  IKEEXT - ok
14:29:25.0855 0x0e3c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
14:29:25.0872 0x0e3c  intelide - ok
14:29:25.0919 0x0e3c  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
14:29:25.0947 0x0e3c  intelpep - ok
14:29:25.0963 0x0e3c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
14:29:25.0985 0x0e3c  intelppm - ok
14:29:26.0002 0x0e3c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:29:26.0027 0x0e3c  IpFilterDriver - ok
14:29:26.0076 0x0e3c  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
14:29:26.0126 0x0e3c  iphlpsvc - ok
14:29:26.0141 0x0e3c  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
14:29:26.0162 0x0e3c  IPMIDRV - ok
14:29:26.0179 0x0e3c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
14:29:26.0203 0x0e3c  IPNAT - ok
14:29:26.0252 0x0e3c  [ 835FC2EA0631B734BB06C12B0665F01D, B8A8B0148C6C3AFC40835B44E3D6508CB9EEE8AC430A7904711C8B51C2116A8D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:29:26.0283 0x0e3c  iPod Service - ok
14:29:26.0297 0x0e3c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
14:29:26.0319 0x0e3c  IRENUM - ok
14:29:26.0332 0x0e3c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
14:29:26.0349 0x0e3c  isapnp - ok
14:29:26.0374 0x0e3c  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
14:29:26.0401 0x0e3c  iScsiPrt - ok
14:29:26.0417 0x0e3c  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
14:29:26.0437 0x0e3c  kbdclass - ok
14:29:26.0445 0x0e3c  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
14:29:26.0466 0x0e3c  kbdhid - ok
14:29:26.0483 0x0e3c  [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr        C:\WINDOWS\system32\drivers\kbldfltr.sys
14:29:26.0499 0x0e3c  kbldfltr - ok
14:29:26.0514 0x0e3c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
14:29:26.0534 0x0e3c  kdnic - ok
14:29:26.0539 0x0e3c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
14:29:26.0557 0x0e3c  KeyIso - ok
14:29:26.0573 0x0e3c  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
14:29:26.0591 0x0e3c  KSecDD - ok
14:29:26.0618 0x0e3c  [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
14:29:26.0642 0x0e3c  KSecPkg - ok
14:29:26.0653 0x0e3c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
14:29:26.0677 0x0e3c  ksthunk - ok
14:29:26.0722 0x0e3c  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
14:29:26.0763 0x0e3c  KtmRm - ok
14:29:26.0812 0x0e3c  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
14:29:26.0842 0x0e3c  LanmanServer - ok
14:29:26.0887 0x0e3c  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
14:29:26.0918 0x0e3c  LanmanWorkstation - ok
14:29:26.0950 0x0e3c  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
14:29:26.0984 0x0e3c  lfsvc - ok
14:29:27.0015 0x0e3c  [ B658B7076B1ACAA5876524595630F183, 3B800B81D0966C2B988857847F35FCA5BB446B368063B10094FB4483A1508B8E ] lirsgt          C:\WINDOWS\system32\DRIVERS\lirsgt.sys
14:29:27.0028 0x0e3c  lirsgt - detected UnsignedFile.Multi.Generic ( 1 )
14:29:29.0553 0x0e3c  Detect skipped due to KSN trusted
14:29:29.0553 0x0e3c  lirsgt - ok
14:29:29.0570 0x0e3c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
14:29:29.0607 0x0e3c  lltdio - ok
14:29:29.0647 0x0e3c  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
14:29:29.0697 0x0e3c  lltdsvc - ok
14:29:29.0716 0x0e3c  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
14:29:29.0737 0x0e3c  lmhosts - ok
14:29:29.0753 0x0e3c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
14:29:29.0773 0x0e3c  LSI_SAS - ok
14:29:29.0785 0x0e3c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
14:29:29.0803 0x0e3c  LSI_SAS2 - ok
14:29:29.0818 0x0e3c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
14:29:29.0836 0x0e3c  LSI_SAS3 - ok
14:29:29.0852 0x0e3c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
14:29:29.0871 0x0e3c  LSI_SSS - ok
14:29:29.0901 0x0e3c  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
14:29:29.0941 0x0e3c  LSM - ok
14:29:29.0951 0x0e3c  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
14:29:29.0972 0x0e3c  luafv - ok
14:29:29.0985 0x0e3c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
14:29:30.0003 0x0e3c  megasas - ok
14:29:30.0025 0x0e3c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
14:29:30.0060 0x0e3c  megasr - ok
14:29:30.0095 0x0e3c  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
14:29:30.0118 0x0e3c  MMCSS - ok
14:29:30.0136 0x0e3c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
14:29:30.0158 0x0e3c  Modem - ok
14:29:30.0170 0x0e3c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
14:29:30.0189 0x0e3c  monitor - ok
14:29:30.0201 0x0e3c  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
14:29:30.0218 0x0e3c  mouclass - ok
14:29:30.0229 0x0e3c  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
14:29:30.0249 0x0e3c  mouhid - ok
14:29:30.0264 0x0e3c  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
14:29:30.0283 0x0e3c  mountmgr - ok
14:29:30.0350 0x0e3c  [ DFCD29AB147716CA72416FA7D2196D46, ED60BF354347697F69A78C9FBE1ADCBE0C3EB4C2CC8DB97A7FA03A68BD796066 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:29:30.0369 0x0e3c  MozillaMaintenance - ok
14:29:30.0384 0x0e3c  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
14:29:30.0406 0x0e3c  mpsdrv - ok
14:29:30.0438 0x0e3c  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
14:29:30.0485 0x0e3c  MpsSvc - ok
14:29:30.0520 0x0e3c  [ 9054B51D656282CFF395F9F22E369DCC, 26ED08ADCEA48FC263AE58525B9FB7ED47DE58FD0E09BB89EC60EB68A265BDBF ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
14:29:30.0543 0x0e3c  MQAC - ok
14:29:30.0569 0x0e3c  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
14:29:30.0590 0x0e3c  MRxDAV - ok
14:29:30.0620 0x0e3c  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:29:30.0653 0x0e3c  mrxsmb - ok
14:29:30.0667 0x0e3c  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
14:29:30.0694 0x0e3c  mrxsmb10 - ok
14:29:30.0738 0x0e3c  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
14:29:30.0762 0x0e3c  mrxsmb20 - ok
14:29:30.0786 0x0e3c  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
14:29:30.0808 0x0e3c  MsBridge - ok
14:29:30.0815 0x0e3c  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
14:29:30.0840 0x0e3c  MSDTC - ok
14:29:30.0878 0x0e3c  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
14:29:30.0898 0x0e3c  Msfs - ok
14:29:30.0914 0x0e3c  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:29:30.0931 0x0e3c  msgpiowin32 - ok
14:29:30.0946 0x0e3c  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
14:29:30.0964 0x0e3c  mshidkmdf - ok
14:29:30.0976 0x0e3c  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
14:29:30.0995 0x0e3c  mshidumdf - ok
14:29:31.0013 0x0e3c  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
14:29:31.0030 0x0e3c  msisadrv - ok
14:29:31.0072 0x0e3c  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
14:29:31.0126 0x0e3c  MSiSCSI - ok
14:29:31.0135 0x0e3c  msiserver - ok
14:29:31.0175 0x0e3c  [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
14:29:31.0200 0x0e3c  MsKeyboardFilter - ok
14:29:31.0214 0x0e3c  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:29:31.0233 0x0e3c  MSKSSRV - ok
14:29:31.0248 0x0e3c  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
14:29:31.0271 0x0e3c  MsLldp - ok
14:29:31.0310 0x0e3c  [ 8DB47E205BB11C2B9A9949DF369ADBCF, 93A6D757C7BFD9E18065B4B52E9DD382F2FAE8683DE290AE2DD2A0D9E82459A3 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
14:29:31.0331 0x0e3c  MSMQ - ok
14:29:31.0343 0x0e3c  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:29:31.0363 0x0e3c  MSPCLOCK - ok
14:29:31.0376 0x0e3c  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
14:29:31.0396 0x0e3c  MSPQM - ok
14:29:31.0413 0x0e3c  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
14:29:31.0441 0x0e3c  MsRPC - ok
14:29:31.0457 0x0e3c  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
14:29:31.0474 0x0e3c  mssmbios - ok
14:29:31.0490 0x0e3c  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
14:29:31.0508 0x0e3c  MSTEE - ok
14:29:31.0515 0x0e3c  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
14:29:31.0535 0x0e3c  MTConfig - ok
14:29:31.0550 0x0e3c  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
14:29:31.0569 0x0e3c  Mup - ok
14:29:31.0588 0x0e3c  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
14:29:31.0606 0x0e3c  mvumis - ok
14:29:31.0646 0x0e3c  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
14:29:31.0683 0x0e3c  napagent - ok
14:29:31.0727 0x0e3c  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
14:29:31.0760 0x0e3c  NativeWifiP - ok
14:29:31.0796 0x0e3c  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
14:29:31.0826 0x0e3c  NcaSvc - ok
14:29:31.0851 0x0e3c  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
14:29:31.0904 0x0e3c  NcbService - ok
14:29:31.0942 0x0e3c  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
14:29:31.0973 0x0e3c  NcdAutoSetup - ok
14:29:32.0034 0x0e3c  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
14:29:32.0091 0x0e3c  NDIS - ok
14:29:32.0108 0x0e3c  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
14:29:32.0132 0x0e3c  NdisCap - ok
14:29:32.0150 0x0e3c  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
14:29:32.0174 0x0e3c  NdisImPlatform - ok
14:29:32.0182 0x0e3c  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:29:32.0205 0x0e3c  NdisTapi - ok
14:29:32.0220 0x0e3c  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:29:32.0241 0x0e3c  Ndisuio - ok
14:29:32.0260 0x0e3c  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
14:29:32.0282 0x0e3c  NdisVirtualBus - ok
14:29:32.0300 0x0e3c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:29:32.0328 0x0e3c  NdisWan - ok
14:29:32.0334 0x0e3c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:29:32.0361 0x0e3c  NdisWanLegacy - ok
14:29:32.0382 0x0e3c  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
14:29:32.0403 0x0e3c  NDProxy - ok
14:29:32.0424 0x0e3c  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
14:29:32.0452 0x0e3c  Ndu - ok
14:29:32.0462 0x0e3c  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
14:29:32.0484 0x0e3c  NetBIOS - ok
14:29:32.0497 0x0e3c  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
14:29:32.0523 0x0e3c  NetBT - ok
14:29:32.0538 0x0e3c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
14:29:32.0557 0x0e3c  Netlogon - ok
14:29:32.0568 0x0e3c  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
14:29:32.0597 0x0e3c  Netman - ok
14:29:32.0633 0x0e3c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:29:32.0654 0x0e3c  NetMsmqActivator - ok
14:29:32.0659 0x0e3c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:29:32.0680 0x0e3c  NetPipeActivator - ok
14:29:32.0703 0x0e3c  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
14:29:32.0742 0x0e3c  netprofm - ok
14:29:32.0748 0x0e3c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:29:32.0768 0x0e3c  NetTcpPortSharing - ok
14:29:32.0791 0x0e3c  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
14:29:32.0812 0x0e3c  netvsc - ok
14:29:32.0842 0x0e3c  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
14:29:32.0877 0x0e3c  NlaSvc - ok
14:29:32.0890 0x0e3c  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
14:29:32.0914 0x0e3c  Npfs - ok
14:29:32.0924 0x0e3c  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
14:29:32.0943 0x0e3c  npsvctrig - ok
14:29:32.0980 0x0e3c  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
14:29:33.0003 0x0e3c  nsi - ok
14:29:33.0011 0x0e3c  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
14:29:33.0032 0x0e3c  nsiproxy - ok
14:29:33.0113 0x0e3c  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
14:29:33.0196 0x0e3c  Ntfs - ok
14:29:33.0205 0x0e3c  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
14:29:33.0226 0x0e3c  Null - ok
14:29:33.0257 0x0e3c  [ 37B0088B8E7F2A8AD0AE2281A70E0D13, 50256EEADBBC5CCCF3EBAEB9020D91EDB9961E7404BD41067A4290362BE6962F ] NVNET           C:\WINDOWS\system32\DRIVERS\nvmf6264.sys
14:29:33.0285 0x0e3c  NVNET - ok
14:29:33.0305 0x0e3c  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
14:29:33.0326 0x0e3c  nvraid - ok
14:29:33.0342 0x0e3c  [ E58D81FB8616D0CB55C1E36AA0B213C9, D83F78615889A466ADE2BFEF7AB357C0D31B7FA9A1A52668DED32A51FEFA87B5 ] nvsmu           C:\WINDOWS\system32\DRIVERS\nvsmu.sys
14:29:33.0356 0x0e3c  nvsmu - ok
14:29:33.0376 0x0e3c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
14:29:33.0398 0x0e3c  nvstor - ok
14:29:33.0437 0x0e3c  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
14:29:33.0457 0x0e3c  nv_agp - ok
14:29:33.0505 0x0e3c  [ 3825F59AE3277880D04A620CCA8CF3EA, 82C09B1681C817C46BC2D4E845DF4EB75F3FE4A5BFE3D25A92816F5479FE1859 ] OpenVPNService  C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
14:29:33.0517 0x0e3c  OpenVPNService - detected UnsignedFile.Multi.Generic ( 1 )
14:29:35.0932 0x0e3c  Detect skipped due to KSN trusted
14:29:35.0932 0x0e3c  OpenVPNService - ok
14:29:35.0971 0x0e3c  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
14:29:36.0001 0x0e3c  p2pimsvc - ok
14:29:36.0054 0x0e3c  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
14:29:36.0086 0x0e3c  p2psvc - ok
14:29:36.0097 0x0e3c  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
14:29:36.0121 0x0e3c  Parport - ok
14:29:36.0133 0x0e3c  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
14:29:36.0153 0x0e3c  partmgr - ok
14:29:36.0175 0x0e3c  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
14:29:36.0214 0x0e3c  PcaSvc - ok
14:29:36.0258 0x0e3c  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
14:29:36.0287 0x0e3c  pci - ok
14:29:36.0303 0x0e3c  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
14:29:36.0320 0x0e3c  pciide - ok
14:29:36.0335 0x0e3c  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
14:29:36.0354 0x0e3c  pcmcia - ok
14:29:36.0371 0x0e3c  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
14:29:36.0388 0x0e3c  pcw - ok
14:29:36.0400 0x0e3c  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
14:29:36.0419 0x0e3c  pdc - ok
14:29:36.0444 0x0e3c  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
14:29:36.0480 0x0e3c  PEAUTH - ok
14:29:36.0536 0x0e3c  [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
14:29:36.0613 0x0e3c  PeerDistSvc - ok
14:29:36.0704 0x0e3c  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
14:29:36.0752 0x0e3c  PerfHost - ok
14:29:36.0804 0x0e3c  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
14:29:36.0868 0x0e3c  pla - ok
14:29:36.0896 0x0e3c  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
14:29:36.0925 0x0e3c  PlugPlay - ok
14:29:36.0938 0x0e3c  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
14:29:36.0961 0x0e3c  PNRPAutoReg - ok
14:29:36.0978 0x0e3c  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
14:29:37.0010 0x0e3c  PNRPsvc - ok
14:29:37.0055 0x0e3c  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
14:29:37.0098 0x0e3c  PolicyAgent - ok
14:29:37.0137 0x0e3c  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
14:29:37.0160 0x0e3c  Power - ok
14:29:37.0317 0x0e3c  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:29:37.0413 0x0e3c  PrintNotify - ok
14:29:37.0698 0x0e3c  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
14:29:37.0743 0x0e3c  Processor - ok
14:29:37.0778 0x0e3c  [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
14:29:37.0809 0x0e3c  ProfSvc - ok
14:29:37.0825 0x0e3c  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
14:29:37.0850 0x0e3c  Psched - ok
14:29:37.0868 0x0e3c  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
14:29:37.0898 0x0e3c  QWAVE - ok
14:29:37.0908 0x0e3c  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
14:29:37.0930 0x0e3c  QWAVEdrv - ok
14:29:37.0940 0x0e3c  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:29:37.0962 0x0e3c  RasAcd - ok
14:29:37.0976 0x0e3c  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
14:29:38.0002 0x0e3c  RasAuto - ok
14:29:38.0024 0x0e3c  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
14:29:38.0061 0x0e3c  RasMan - ok
14:29:38.0074 0x0e3c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:29:38.0097 0x0e3c  RasPppoe - ok
14:29:38.0117 0x0e3c  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:29:38.0146 0x0e3c  rdbss - ok
14:29:38.0161 0x0e3c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
14:29:38.0180 0x0e3c  rdpbus - ok
14:29:38.0197 0x0e3c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
14:29:38.0221 0x0e3c  RDPDR - ok
14:29:38.0249 0x0e3c  [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
14:29:38.0266 0x0e3c  RdpVideoMiniport - ok
14:29:38.0284 0x0e3c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
14:29:38.0309 0x0e3c  rdyboost - ok
14:29:38.0344 0x0e3c  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
14:29:38.0389 0x0e3c  ReFS - ok
14:29:38.0427 0x0e3c  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
14:29:38.0456 0x0e3c  RemoteAccess - ok
14:29:38.0516 0x0e3c  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
14:29:38.0545 0x0e3c  RemoteRegistry - ok
14:29:38.0643 0x0e3c  [ A10B40CF9EB57D24E44717A2D38A00F4, 6964D1C49C032757E656436556470C5B8446E9DC6456D77D1A9303224AD90021 ] RivaTuner64     C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
14:29:38.0683 0x0e3c  RivaTuner64 - ok
14:29:38.0701 0x0e3c  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
14:29:38.0725 0x0e3c  RpcEptMapper - ok
14:29:38.0766 0x0e3c  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
14:29:38.0786 0x0e3c  RpcLocator - ok
14:29:38.0812 0x0e3c  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
14:29:38.0854 0x0e3c  RpcSs - ok
14:29:38.0870 0x0e3c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
14:29:38.0893 0x0e3c  rspndr - ok
14:29:38.0943 0x0e3c  [ 3AACAA62758FA6D178043D78BA89BEBC, 862D0FF27BB086145A33B9261142838651B0D2E1403BE321145E197600EB5015 ] RTCore64        C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
14:29:38.0981 0x0e3c  RTCore64 - ok
14:29:39.0006 0x0e3c  [ 0988FECD9D924F5B4855D049E68BAAD3, 788B379B01F26C7C46DF0D3E9E37F9964831AAFD0762DDD17345478A97ADE83D ] rzdaendpt       C:\WINDOWS\System32\drivers\rzdaendpt.sys
14:29:39.0024 0x0e3c  rzdaendpt - ok
14:29:39.0050 0x0e3c  [ C2A49525F6CEEED97A1D9FC950AAF863, DAA57C1C446861C733D3BE668EB247E40CE3871EF8FA0BB91CEB074B7357E0D8 ] rzudd           C:\WINDOWS\System32\drivers\rzudd.sys
14:29:39.0073 0x0e3c  rzudd - ok
14:29:39.0093 0x0e3c  [ 2AD977273D8B3F2169411E8AED7C8702, FCC3D579AFC9958C0CE3FB202061D36C66FC6803AFD7B99DBFC41412F9131E34 ] rzvkeyboard     C:\WINDOWS\System32\drivers\rzvkeyboard.sys
14:29:39.0111 0x0e3c  rzvkeyboard - ok
14:29:39.0123 0x0e3c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
14:29:39.0145 0x0e3c  s3cap - ok
14:29:39.0155 0x0e3c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
14:29:39.0174 0x0e3c  SamSs - ok
14:29:39.0187 0x0e3c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
14:29:39.0205 0x0e3c  sbp2port - ok
14:29:39.0225 0x0e3c  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
14:29:39.0254 0x0e3c  SCardSvr - ok
14:29:39.0264 0x0e3c  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
14:29:39.0290 0x0e3c  ScDeviceEnum - ok
14:29:39.0304 0x0e3c  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
14:29:39.0325 0x0e3c  scfilter - ok
14:29:39.0372 0x0e3c  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
14:29:39.0429 0x0e3c  Schedule - ok
14:29:39.0475 0x0e3c  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
14:29:39.0500 0x0e3c  SCPolicySvc - ok
14:29:39.0519 0x0e3c  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
14:29:39.0542 0x0e3c  sdbus - ok
14:29:39.0561 0x0e3c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
14:29:39.0580 0x0e3c  sdstor - ok
14:29:39.0588 0x0e3c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
14:29:39.0607 0x0e3c  secdrv - ok
14:29:39.0618 0x0e3c  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
14:29:39.0642 0x0e3c  seclogon - ok
14:29:39.0680 0x0e3c  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
14:29:39.0707 0x0e3c  SENS - ok
14:29:39.0730 0x0e3c  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
14:29:39.0759 0x0e3c  SensrSvc - ok
14:29:39.0778 0x0e3c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
14:29:39.0798 0x0e3c  SerCx - ok
14:29:39.0816 0x0e3c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
14:29:39.0838 0x0e3c  SerCx2 - ok
14:29:39.0855 0x0e3c  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
14:29:39.0875 0x0e3c  Serenum - ok
14:29:39.0887 0x0e3c  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
14:29:39.0908 0x0e3c  Serial - ok
14:29:39.0919 0x0e3c  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
14:29:39.0938 0x0e3c  sermouse - ok
14:29:39.0977 0x0e3c  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
14:29:40.0006 0x0e3c  SessionEnv - ok
14:29:40.0030 0x0e3c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
14:29:40.0050 0x0e3c  sfloppy - ok
14:29:40.0093 0x0e3c  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
14:29:40.0125 0x0e3c  SharedAccess - ok
14:29:40.0151 0x0e3c  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:29:40.0207 0x0e3c  ShellHWDetection - ok
14:29:40.0220 0x0e3c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
14:29:40.0238 0x0e3c  SiSRaid2 - ok
14:29:40.0256 0x0e3c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
14:29:40.0274 0x0e3c  SiSRaid4 - ok
14:29:40.0290 0x0e3c  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
14:29:40.0313 0x0e3c  smphost - ok
14:29:40.0329 0x0e3c  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
14:29:40.0354 0x0e3c  SNMPTRAP - ok
14:29:40.0399 0x0e3c  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
14:29:40.0429 0x0e3c  spaceport - ok
14:29:40.0460 0x0e3c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
14:29:40.0478 0x0e3c  SpbCx - ok
14:29:40.0561 0x0e3c  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\WINDOWS\syswow64\speedfan.sys
14:29:40.0600 0x0e3c  speedfan - ok
14:29:40.0633 0x0e3c  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
14:29:40.0677 0x0e3c  Spooler - ok
14:29:40.0852 0x0e3c  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
14:29:41.0057 0x0e3c  sppsvc - ok
14:29:41.0098 0x0e3c  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
14:29:41.0127 0x0e3c  srv - ok
14:29:41.0152 0x0e3c  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
14:29:41.0194 0x0e3c  srv2 - ok
14:29:41.0221 0x0e3c  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
14:29:41.0245 0x0e3c  srvnet - ok
14:29:41.0282 0x0e3c  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
14:29:41.0314 0x0e3c  SSDPSRV - ok
14:29:41.0323 0x0e3c  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
14:29:41.0351 0x0e3c  SstpSvc - ok
14:29:41.0441 0x0e3c  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:29:41.0491 0x0e3c  Steam Client Service - ok
14:29:41.0506 0x0e3c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
14:29:41.0523 0x0e3c  stexstor - ok
14:29:41.0549 0x0e3c  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
14:29:41.0588 0x0e3c  stisvc - ok
14:29:41.0626 0x0e3c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
14:29:41.0646 0x0e3c  storahci - ok
14:29:41.0669 0x0e3c  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
14:29:41.0687 0x0e3c  storflt - ok
14:29:41.0698 0x0e3c  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
14:29:41.0715 0x0e3c  stornvme - ok
14:29:41.0730 0x0e3c  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
14:29:41.0751 0x0e3c  StorSvc - ok
14:29:41.0764 0x0e3c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
14:29:41.0780 0x0e3c  storvsc - ok
14:29:41.0793 0x0e3c  [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp         C:\WINDOWS\System32\drivers\storvsp.sys
14:29:41.0814 0x0e3c  storvsp - ok
14:29:41.0821 0x0e3c  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
14:29:41.0848 0x0e3c  svsvc - ok
14:29:41.0860 0x0e3c  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
14:29:41.0877 0x0e3c  swenum - ok
14:29:41.0904 0x0e3c  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
14:29:41.0946 0x0e3c  swprv - ok
14:29:41.0986 0x0e3c  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
14:29:42.0046 0x0e3c  SysMain - ok
14:29:42.0067 0x0e3c  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
14:29:42.0099 0x0e3c  SystemEventsBroker - ok
14:29:42.0118 0x0e3c  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:29:42.0145 0x0e3c  TabletInputService - ok
14:29:42.0164 0x0e3c  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
14:29:42.0193 0x0e3c  TapiSrv - ok
14:29:42.0264 0x0e3c  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
14:29:42.0362 0x0e3c  Tcpip - ok
14:29:42.0423 0x0e3c  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:29:42.0524 0x0e3c  TCPIP6 - ok
14:29:42.0549 0x0e3c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
14:29:42.0568 0x0e3c  tcpipreg - ok
14:29:42.0604 0x0e3c  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
14:29:42.0625 0x0e3c  tdx - ok
14:29:42.0642 0x0e3c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
14:29:42.0658 0x0e3c  terminpt - ok
14:29:42.0710 0x0e3c  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
14:29:42.0759 0x0e3c  TermService - ok
14:29:42.0782 0x0e3c  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
14:29:42.0815 0x0e3c  Themes - ok
14:29:42.0889 0x0e3c  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
14:29:42.0911 0x0e3c  THREADORDER - ok
14:29:42.0930 0x0e3c  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
14:29:42.0963 0x0e3c  TimeBroker - ok
14:29:42.0978 0x0e3c  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
14:29:42.0999 0x0e3c  TPM - ok
14:29:43.0013 0x0e3c  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
14:29:43.0037 0x0e3c  TrkWks - ok
14:29:43.0103 0x0e3c  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
14:29:43.0124 0x0e3c  TrustedInstaller - ok
14:29:43.0140 0x0e3c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
14:29:43.0159 0x0e3c  TsUsbFlt - ok
14:29:43.0176 0x0e3c  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:29:43.0195 0x0e3c  TsUsbGD - ok
14:29:43.0211 0x0e3c  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
14:29:43.0235 0x0e3c  tunnel - ok
14:29:43.0251 0x0e3c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
14:29:43.0269 0x0e3c  uagp35 - ok
14:29:43.0281 0x0e3c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
14:29:43.0300 0x0e3c  UASPStor - ok
14:29:43.0310 0x0e3c  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
14:29:43.0333 0x0e3c  UCX01000 - ok
14:29:43.0360 0x0e3c  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
14:29:43.0392 0x0e3c  udfs - ok
14:29:43.0413 0x0e3c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
14:29:43.0430 0x0e3c  UEFI - ok
14:29:43.0451 0x0e3c  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
14:29:43.0477 0x0e3c  UI0Detect - ok
14:29:43.0495 0x0e3c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
14:29:43.0513 0x0e3c  uliagpkx - ok
14:29:43.0530 0x0e3c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
14:29:43.0550 0x0e3c  umbus - ok
14:29:43.0564 0x0e3c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
14:29:43.0582 0x0e3c  UmPass - ok
14:29:43.0628 0x0e3c  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
14:29:43.0656 0x0e3c  UmRdpService - ok
14:29:43.0683 0x0e3c  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
14:29:43.0718 0x0e3c  upnphost - ok
14:29:43.0762 0x0e3c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
14:29:43.0781 0x0e3c  usbccgp - ok
14:29:43.0793 0x0e3c  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
14:29:43.0815 0x0e3c  usbcir - ok
14:29:43.0830 0x0e3c  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
14:29:43.0849 0x0e3c  usbehci - ok
14:29:43.0897 0x0e3c  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
14:29:43.0927 0x0e3c  usbhub - ok
14:29:43.0957 0x0e3c  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
14:29:43.0989 0x0e3c  USBHUB3 - ok
14:29:44.0009 0x0e3c  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
14:29:44.0028 0x0e3c  usbohci - ok
14:29:44.0047 0x0e3c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
14:29:44.0066 0x0e3c  usbprint - ok
14:29:44.0085 0x0e3c  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
14:29:44.0106 0x0e3c  USBSTOR - ok
14:29:44.0122 0x0e3c  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
14:29:44.0142 0x0e3c  usbuhci - ok
14:29:44.0168 0x0e3c  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
14:29:44.0225 0x0e3c  USBXHCI - ok
14:29:44.0265 0x0e3c  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
14:29:44.0289 0x0e3c  VaultSvc - ok
14:29:44.0381 0x0e3c  [ C650F6CB1AB3128CFB8A2D1259BA5F1B, 2DE386109AAE4AB55E6FE23454A5A817BA1457E4C4F9B93350EA7983B6BCBB1A ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
14:29:44.0432 0x0e3c  VBoxAswDrv - ok
14:29:44.0445 0x0e3c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
14:29:44.0465 0x0e3c  vdrvroot - ok
14:29:44.0551 0x0e3c  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
14:29:44.0609 0x0e3c  vds - ok
14:29:44.0629 0x0e3c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
14:29:44.0651 0x0e3c  VerifierExt - ok
14:29:44.0669 0x0e3c  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
14:29:44.0704 0x0e3c  vhdmp - ok
14:29:44.0720 0x0e3c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
14:29:44.0736 0x0e3c  viaide - ok
14:29:44.0755 0x0e3c  [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid             C:\WINDOWS\System32\drivers\Vid.sys
14:29:44.0779 0x0e3c  Vid - ok
14:29:44.0796 0x0e3c  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
14:29:44.0815 0x0e3c  vmbus - ok
14:29:44.0825 0x0e3c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
14:29:44.0844 0x0e3c  VMBusHID - ok
14:29:44.0857 0x0e3c  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\WINDOWS\System32\drivers\vmbusr.sys
14:29:44.0878 0x0e3c  vmbusr - ok
14:29:44.0922 0x0e3c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
14:29:44.0959 0x0e3c  vmicguestinterface - ok
14:29:44.0973 0x0e3c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
14:29:45.0010 0x0e3c  vmicheartbeat - ok
14:29:45.0024 0x0e3c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
14:29:45.0063 0x0e3c  vmickvpexchange - ok
14:29:45.0076 0x0e3c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
14:29:45.0134 0x0e3c  vmicrdv - ok
14:29:45.0149 0x0e3c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
14:29:45.0187 0x0e3c  vmicshutdown - ok
14:29:45.0202 0x0e3c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
14:29:45.0239 0x0e3c  vmictimesync - ok
14:29:45.0253 0x0e3c  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
14:29:45.0289 0x0e3c  vmicvss - ok
14:29:45.0311 0x0e3c  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
14:29:45.0328 0x0e3c  volmgr - ok
14:29:45.0344 0x0e3c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
14:29:45.0371 0x0e3c  volmgrx - ok
14:29:45.0414 0x0e3c  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
14:29:45.0441 0x0e3c  volsnap - ok
14:29:45.0453 0x0e3c  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
14:29:45.0471 0x0e3c  vpci - ok
14:29:45.0484 0x0e3c  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp         C:\WINDOWS\System32\drivers\vpcivsp.sys
14:29:45.0504 0x0e3c  vpcivsp - ok
14:29:45.0526 0x0e3c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
14:29:45.0547 0x0e3c  vsmraid - ok
14:29:45.0599 0x0e3c  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
14:29:45.0664 0x0e3c  VSS - ok
14:29:45.0684 0x0e3c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
14:29:45.0708 0x0e3c  VSTXRAID - ok
14:29:45.0729 0x0e3c  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
14:29:45.0748 0x0e3c  vwifibus - ok
14:29:45.0797 0x0e3c  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
14:29:45.0835 0x0e3c  W32Time - ok
14:29:45.0906 0x0e3c  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
14:29:45.0928 0x0e3c  w3logsvc - ok
14:29:45.0957 0x0e3c  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
14:29:45.0991 0x0e3c  W3SVC - ok
14:29:46.0009 0x0e3c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
14:29:46.0028 0x0e3c  WacomPen - ok
14:29:46.0043 0x0e3c  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
14:29:46.0077 0x0e3c  WAS - ok
14:29:46.0120 0x0e3c  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
14:29:46.0183 0x0e3c  wbengine - ok
14:29:46.0207 0x0e3c  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
14:29:46.0243 0x0e3c  WbioSrvc - ok
14:29:46.0262 0x0e3c  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
14:29:46.0301 0x0e3c  Wcmsvc - ok
14:29:46.0325 0x0e3c  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
14:29:46.0364 0x0e3c  wcncsvc - ok
14:29:46.0378 0x0e3c  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
14:29:46.0403 0x0e3c  WcsPlugInService - ok
14:29:46.0419 0x0e3c  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
14:29:46.0438 0x0e3c  WdBoot - ok
14:29:46.0484 0x0e3c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
14:29:46.0525 0x0e3c  Wdf01000 - ok
14:29:46.0545 0x0e3c  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
14:29:46.0571 0x0e3c  WdFilter - ok
14:29:46.0585 0x0e3c  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
14:29:46.0616 0x0e3c  WdiServiceHost - ok
14:29:46.0623 0x0e3c  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
14:29:46.0656 0x0e3c  WdiSystemHost - ok
14:29:46.0667 0x0e3c  [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
14:29:46.0687 0x0e3c  WdNisDrv - ok
14:29:46.0724 0x0e3c  WdNisSvc - ok
14:29:46.0762 0x0e3c  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\WINDOWS\System32\webclnt.dll
14:29:46.0790 0x0e3c  WebClient - ok
14:29:46.0805 0x0e3c  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
14:29:46.0835 0x0e3c  Wecsvc - ok
14:29:46.0855 0x0e3c  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
14:29:46.0882 0x0e3c  WEPHOSTSVC - ok
14:29:46.0902 0x0e3c  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
14:29:46.0930 0x0e3c  wercplsupport - ok
14:29:46.0945 0x0e3c  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
14:29:46.0971 0x0e3c  WerSvc - ok
14:29:46.0992 0x0e3c  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
14:29:47.0014 0x0e3c  WFPLWFS - ok
14:29:47.0033 0x0e3c  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
14:29:47.0057 0x0e3c  WiaRpc - ok
14:29:47.0070 0x0e3c  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
14:29:47.0088 0x0e3c  WIMMount - ok
14:29:47.0091 0x0e3c  WinDefend - ok
14:29:47.0149 0x0e3c  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
14:29:47.0198 0x0e3c  WinHttpAutoProxySvc - ok
14:29:47.0269 0x0e3c  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
14:29:47.0296 0x0e3c  Winmgmt - ok
14:29:47.0382 0x0e3c  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
14:29:47.0486 0x0e3c  WinRM - ok
14:29:47.0559 0x0e3c  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
14:29:47.0633 0x0e3c  WlanSvc - ok
14:29:47.0690 0x0e3c  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
14:29:47.0767 0x0e3c  wlidsvc - ok
14:29:47.0780 0x0e3c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
14:29:47.0800 0x0e3c  WmiAcpi - ok
14:29:47.0841 0x0e3c  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
14:29:47.0867 0x0e3c  wmiApSrv - ok
14:29:47.0895 0x0e3c  WMPNetworkSvc - ok
14:29:47.0916 0x0e3c  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
14:29:47.0940 0x0e3c  Wof - ok
14:29:47.0989 0x0e3c  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
14:29:48.0061 0x0e3c  workfolderssvc - ok
14:29:48.0096 0x0e3c  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
14:29:48.0117 0x0e3c  wpcfltr - ok
14:29:48.0134 0x0e3c  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
14:29:48.0158 0x0e3c  WPCSvc - ok
14:29:48.0199 0x0e3c  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
14:29:48.0223 0x0e3c  WPDBusEnum - ok
14:29:48.0239 0x0e3c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
14:29:48.0255 0x0e3c  WpdUpFltr - ok
14:29:48.0263 0x0e3c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
14:29:48.0285 0x0e3c  ws2ifsl - ok
14:29:48.0324 0x0e3c  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
14:29:48.0352 0x0e3c  wscsvc - ok
14:29:48.0391 0x0e3c  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
14:29:48.0413 0x0e3c  WSDPrintDevice - ok
14:29:48.0436 0x0e3c  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
14:29:48.0459 0x0e3c  WSDScan - ok
14:29:48.0465 0x0e3c  WSearch - ok
14:29:48.0579 0x0e3c  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
14:29:48.0708 0x0e3c  WSService - ok
14:29:48.0809 0x0e3c  [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
14:29:48.0923 0x0e3c  wuauserv - ok
14:29:48.0954 0x0e3c  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
14:29:48.0975 0x0e3c  WudfPf - ok
14:29:48.0991 0x0e3c  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
14:29:49.0015 0x0e3c  WUDFRd - ok
14:29:49.0030 0x0e3c  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
14:29:49.0056 0x0e3c  wudfsvc - ok
14:29:49.0065 0x0e3c  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:29:49.0091 0x0e3c  WUDFWpdFs - ok
14:29:49.0134 0x0e3c  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
14:29:49.0177 0x0e3c  WwanSvc - ok
14:29:49.0210 0x0e3c  [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22          C:\WINDOWS\System32\drivers\xusb22.sys
14:29:49.0235 0x0e3c  xusb22 - ok
14:29:49.0240 0x0e3c  ================ Scan global ===============================
14:29:49.0279 0x0e3c  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
14:29:49.0317 0x0e3c  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
14:29:49.0337 0x0e3c  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
14:29:49.0369 0x0e3c  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
14:29:49.0378 0x0e3c  [ Global ] - ok
14:29:49.0379 0x0e3c  ================ Scan MBR ==================================
14:29:49.0390 0x0e3c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:29:49.0597 0x0e3c  \Device\Harddisk0\DR0 - ok
14:29:49.0597 0x0e3c  ================ Scan VBR ==================================
14:29:49.0599 0x0e3c  [ D6E3F63DCB4BF0AC70A7A7B338E646DC ] \Device\Harddisk0\DR0\Partition1
14:29:49.0646 0x0e3c  \Device\Harddisk0\DR0\Partition1 - ok
14:29:49.0648 0x0e3c  [ 5434386BF2F93E0E47FDFD475D8D588D ] \Device\Harddisk0\DR0\Partition2
14:29:49.0694 0x0e3c  \Device\Harddisk0\DR0\Partition2 - ok
14:29:49.0695 0x0e3c  ================ Scan generic autorun ======================
14:29:49.0852 0x0e3c  [ B66E0842FCF485F3E2D41BF0BA10966F, 966B8386B2D060167E8EAAE478509013A8729FE2CF11F890D3F9DCDA90768F34 ] C:\Users\Oliver\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
14:29:49.0923 0x0e3c  Spotify Web Helper - ok
14:29:49.0976 0x0e3c  [ F13E18301E9F3CBD1CC9AA46DE6BDA6B, 8CF782346907CE6F273BCB4628F3C776A7B402E512E8E073567EF897BCB69C7E ] C:\PROGRA~2\Raptr\raptrstub.exe
14:29:49.0995 0x0e3c  Raptr - ok
14:29:50.0048 0x0e3c  EPLTarget\P0000000000000000 - ok
14:29:50.0048 0x0e3c  Waiting for KSN requests completion. In queue: 288
14:29:51.0049 0x0e3c  Waiting for KSN requests completion. In queue: 288
14:29:52.0050 0x0e3c  Waiting for KSN requests completion. In queue: 288
14:29:53.0084 0x0e3c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
14:29:53.0086 0x0e3c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2206.692 ), 0x41000 ( enabled : updated )
14:29:53.0093 0x0e3c  Win FW state via NFP2: enabled
14:29:55.0633 0x0e3c  ============================================================
14:29:55.0633 0x0e3c  Scan finished
14:29:55.0633 0x0e3c  ============================================================
14:29:55.0647 0x1070  Detected object count: 0
14:29:55.0647 0x1070  Actual detected object count: 0
         
__________________

Alt 25.11.2014, 16:30   #4
Harri3r
 
Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone - Standard

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone



FRST Teil 1
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by Oliver.™ (administrator) on OLIVER-PC on 24-11-2014 20:19:14
Running from C:\Users\Oliver\Downloads
Loaded Profiles: Oliver.™ &  (Available profiles: Oliver.™ & DefaultAppPool)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Malwarebytes Corporation) C:\Users\Oliver\Desktop\mbar\mbar.exe
() C:\Program Files (x86)\HexChat\hexchat.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-10-24] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-11-13] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-05] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000\...\Run: [Spotify Web Helper] => C:\Users\Oliver\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-06] (Spotify Ltd)
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-10-17] (Raptr, Inc)
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-215 217 Series"
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Oliver\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-06] (Spotify Ltd)
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-10-17] (Raptr, Inc)
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILGE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-215 217 Series"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2780581019-2628166334-3317978689-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: [S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 94.249.192.82 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\tblxdhsi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2780581019-2628166334-3317978689-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: LeechBlock - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\tblxdhsi.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2014-11-23]
FF Extension: Adblock Plus - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\tblxdhsi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-23]
FF Extension: Greasemonkey - C:\Users\Oliver\AppData\Roaming\Mozilla\Firefox\Profiles\tblxdhsi.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-13]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [115712 2014-11-05] (Advanced Micro Devices) [File not signed]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-13] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-13] (Avast Software)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2014-11-07] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-04-26] () [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-11-07] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2014-11-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [293088 2014-10-09] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-13] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-12-04] () [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-02] (Disc Soft Ltd)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-12-04] () [File not signed]
R3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [96472 2014-11-24] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [135384 2014-11-24] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [173568 2014-11-07] (Microsoft Corporation)
S3 RivaTuner64; C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [19952 2014-07-02] ()
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13480 2014-06-10] ()
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-09-05] (Razer Inc)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31912 2014-09-05] (Razer Inc)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [270728 2014-11-13] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
U3 idsvc; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 20:19 - 2014-11-24 20:20 - 00015342 _____ () C:\Users\Oliver\Downloads\FRST.txt
2014-11-24 20:19 - 2014-11-24 20:19 - 00000000 ____D () C:\FRST
2014-11-24 20:18 - 2014-11-24 20:18 - 02118144 _____ (Farbar) C:\Users\Oliver\Downloads\FRST64.exe
2014-11-24 20:16 - 2014-11-24 20:16 - 141133480 _____ () C:\Users\Oliver\Downloads\[HorribleSubs] Inou Battle wa Nichijou-kei no Naka de - 08 [720p].mkv
2014-11-24 20:12 - 2014-11-24 20:12 - 00851957 _____ () C:\Users\Oliver\Downloads\SecurityCheck.exe.part
2014-11-24 19:51 - 2014-11-24 20:10 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-11-24 19:50 - 2014-11-24 20:08 - 00000000 ____D () C:\Users\Oliver\Desktop\mbar
2014-11-24 19:50 - 2014-11-24 19:50 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Oliver\Downloads\mbar-1.08.2.1001.exe
2014-11-24 19:49 - 2014-11-24 19:50 - 00380416 _____ () C:\Users\Oliver\Downloads\Gmer-19357.exe
2014-11-24 18:34 - 2014-11-24 18:34 - 00000823 _____ () C:\Users\Oliver\Desktop\JRT.txt
2014-11-24 18:29 - 2014-11-24 18:29 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-11-24 18:28 - 2014-11-24 18:28 - 01707532 _____ (Thisisu) C:\Users\Oliver\Downloads\JRT.exe
2014-11-24 18:02 - 2014-11-24 18:02 - 01057488 _____ (Adobe) C:\Users\Oliver\Downloads\install_reader11_de_mssd_aaa_aih.exe
2014-11-24 16:50 - 2014-11-24 16:50 - 00448512 _____ (OldTimer Tools) C:\Users\Oliver\Downloads\TFC.exe
2014-11-24 16:47 - 2014-11-24 16:47 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-24 16:46 - 2014-11-24 16:46 - 02347384 _____ (ESET) C:\Users\Oliver\Downloads\esetsmartinstaller_deu.exe
2014-11-24 16:43 - 2014-11-24 16:43 - 00000197 _____ () C:\WINDOWS\system32\2014-11-24-15-43-21.034-AvastVBoxSVC.exe-1420.log
2014-11-24 16:08 - 2014-11-24 16:08 - 00000000 ____D () C:\WINDOWS\pss
2014-11-23 22:21 - 2014-11-24 20:10 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-23 22:19 - 2014-11-23 22:20 - 16409960 _____ (Safer Networking Limited ) C:\Users\Oliver\Downloads\spybotsd162.exe
2014-11-23 21:11 - 2014-11-23 21:11 - 00000000 ____D () C:\WINDOWS\system32\appmgmt
2014-11-23 20:40 - 2014-11-23 20:40 - 00000000 __SHD () C:\Users\Oliver\AppData\Local\EmieUserList
2014-11-23 20:40 - 2014-11-23 20:40 - 00000000 __SHD () C:\Users\Oliver\AppData\Local\EmieSiteList
2014-11-23 20:40 - 2014-11-23 20:40 - 00000000 __SHD () C:\Users\Oliver\AppData\Local\EmieBrowserModeList
2014-11-23 20:39 - 2014-11-23 20:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-23 20:26 - 2014-11-23 20:26 - 00000197 _____ () C:\WINDOWS\system32\2014-11-23-19-26-25.021-AvastVBoxSVC.exe-3236.log
2014-11-23 20:23 - 2014-11-23 20:23 - 00004592 _____ () C:\WINDOWS\PFRO.log
2014-11-23 20:17 - 2014-11-24 16:15 - 00000000 ____D () C:\AdwCleaner
2014-11-23 20:16 - 2014-11-23 20:16 - 02140160 _____ () C:\Users\Oliver\Downloads\adwcleaner_4.101.exe
2014-11-22 13:33 - 2014-11-24 20:10 - 00135384 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-22 13:33 - 2014-11-24 20:09 - 00096472 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-22 13:33 - 2014-11-22 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-22 13:33 - 2014-11-22 13:33 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-22 13:33 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-11-22 13:33 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-21 21:31 - 2014-07-27 09:11 - 00000000 ____D () C:\Users\Oliver\Desktop\[anime-mp3] Kisaragi Attention JIN ft. Haruna Luna
2014-11-20 20:02 - 2014-11-20 20:09 - 353038782 _____ () C:\Users\Oliver\Desktop\[HorribleSubs] Shirobako - 07 [720p].mkv
2014-11-20 15:29 - 2014-11-20 15:30 - 00000197 _____ () C:\WINDOWS\system32\2014-11-20-14-29-54.065-AvastVBoxSVC.exe-3228.log
2014-11-20 15:25 - 2014-11-20 15:25 - 00000197 _____ () C:\WINDOWS\system32\2014-11-20-14-25-41.061-AvastVBoxSVC.exe-3272.log
2014-11-19 11:02 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 11:02 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 11:02 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 11:02 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-18 14:50 - 2014-11-18 14:50 - 00000197 _____ () C:\WINDOWS\system32\2014-11-18-13-50-07.023-AvastVBoxSVC.exe-3660.log
2014-11-17 22:42 - 2014-11-17 22:42 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-11-15 12:46 - 2014-11-15 12:46 - 00000197 _____ () C:\WINDOWS\system32\2014-11-15-11-46-39.041-AvastVBoxSVC.exe-3388.log
2014-11-14 22:47 - 2014-11-14 22:47 - 00062096 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201411142247086290.log
2014-11-14 22:47 - 2014-11-14 22:47 - 00000000 ____D () C:\ProgramData\ATI
2014-11-14 22:47 - 2014-11-14 22:47 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-11-14 22:46 - 2014-11-14 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-11-14 22:03 - 2014-11-14 22:03 - 00003034 _____ () C:\WINDOWS\System32\Tasks\RTSS
2014-11-13 22:28 - 2014-11-13 23:03 - 00000000 ____D () C:\Users\Oliver\Desktop\Shigatsu wa Kimi no Uso
2014-11-13 21:04 - 2014-11-13 21:04 - 00000247 _____ () C:\WINDOWS\system32\2014-11-13-20-04-30.059-aswFe.exe-3108.log
2014-11-13 20:59 - 2014-11-13 21:04 - 00000247 _____ () C:\WINDOWS\system32\2014-11-13-19-59-54.036-aswFe.exe-1620.log
2014-11-13 20:59 - 2014-11-13 20:59 - 00000197 _____ () C:\WINDOWS\system32\2014-11-13-19-59-52.085-AvastVBoxSVC.exe-344.log
2014-11-13 20:55 - 2014-11-13 20:55 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-11-13 20:55 - 2014-11-13 20:55 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-11-13 20:53 - 2014-11-13 20:53 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\AVAST Software
2014-11-13 20:53 - 2014-11-13 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-13 20:52 - 2014-11-22 20:53 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-11-13 20:52 - 2014-11-18 14:50 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-11-13 20:52 - 2014-11-13 20:53 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2014-11-13 20:52 - 2014-11-13 20:52 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-11-13 20:52 - 2014-11-13 20:52 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-11-13 20:52 - 2014-11-13 20:52 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-11-13 20:52 - 2014-11-13 20:52 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-11-13 20:52 - 2014-11-13 20:52 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-11-13 20:52 - 2014-11-13 20:52 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-11-13 20:52 - 2014-11-13 20:52 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-11-13 20:52 - 2014-11-13 20:52 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-11-13 20:51 - 2014-11-13 20:51 - 00000000 ____D () C:\Program Files\AVAST Software
2014-11-13 20:45 - 2014-11-13 20:45 - 00000000 ____D () C:\OETemp
2014-11-13 17:51 - 2014-11-13 17:59 - 353241178 _____ () C:\Users\Oliver\Desktop\[HorribleSubs] Shirobako - 06 [720p].mkv
2014-11-13 14:33 - 2013-09-12 05:22 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_ILMBLGE.DLL
2014-11-13 13:56 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-13 13:56 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-13 13:56 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-13 13:56 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-13 13:56 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-13 13:56 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-13 13:56 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-13 13:56 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-13 13:56 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-13 13:56 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-13 13:56 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-13 13:56 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-13 13:56 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-13 13:56 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-13 13:56 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-13 13:56 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-13 13:56 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-13 13:56 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-13 13:55 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-13 13:55 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-13 13:55 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-13 13:55 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-13 13:55 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-13 13:55 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-13 13:55 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-13 13:55 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-13 13:55 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-13 13:55 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-13 13:55 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-13 13:55 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-13 13:55 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-13 13:55 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-13 13:55 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-13 13:55 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-13 13:55 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-13 13:55 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-13 13:55 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-13 13:55 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-13 13:55 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-13 13:55 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-13 13:55 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-13 13:55 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-13 13:55 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-13 13:55 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-13 13:55 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-13 13:55 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-13 13:55 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-13 13:55 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-13 13:55 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-13 13:55 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-13 13:55 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-13 13:55 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-13 13:55 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-13 13:55 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-13 13:55 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-13 13:55 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-13 13:54 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-13 13:54 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-13 13:54 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-13 13:54 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-13 13:54 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-13 13:54 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-13 13:54 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-13 13:54 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-13 13:54 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-13 13:54 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-13 13:54 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-13 13:54 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-13 13:54 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-13 13:54 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-13 13:54 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-13 13:54 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-13 13:54 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-13 13:54 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-13 13:54 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-13 13:54 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-13 13:54 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-13 13:54 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-13 13:54 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-13 13:54 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-13 13:54 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-13 13:54 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-13 13:54 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-13 13:54 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-13 13:54 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-13 13:54 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-13 13:54 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-13 13:54 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-13 13:54 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-13 13:54 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-13 13:54 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-13 13:54 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-13 13:54 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-13 13:54 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-13 13:54 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-13 13:54 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-13 13:54 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-13 13:54 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-13 13:54 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-13 13:54 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-13 13:54 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-13 13:54 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-13 13:54 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-13 13:54 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-13 13:54 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-13 13:54 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-13 13:54 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-13 13:54 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-13 13:54 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-13 13:54 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-13 13:54 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-13 13:54 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-13 13:54 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-13 13:54 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-13 13:54 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-13 13:54 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-13 13:54 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-13 13:54 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-13 13:54 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-13 13:54 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-13 13:54 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-13 13:54 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-13 13:54 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-13 13:54 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-13 13:54 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 13:54 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-13 13:54 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-13 13:54 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-13 13:54 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-13 13:54 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-13 13:54 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-13 13:54 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-13 13:54 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-13 13:54 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-13 13:54 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-13 13:54 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-13 13:54 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-13 13:54 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-13 13:54 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-13 13:54 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-13 13:54 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-13 13:54 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-13 13:54 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-13 13:54 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-13 13:54 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-13 13:54 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-13 13:52 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-13 13:52 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-13 13:52 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-13 13:52 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-13 13:51 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-13 13:51 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-13 13:51 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-13 13:51 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-13 13:51 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-13 13:51 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-13 13:51 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-13 13:51 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-13 13:51 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-13 13:51 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-13 13:51 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-13 13:51 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-13 13:51 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-13 13:51 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-13 13:51 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-13 13:51 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-13 13:51 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-13 13:51 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-13 13:51 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-13 13:51 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-13 13:51 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-13 13:51 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-13 13:51 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-13 13:51 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-13 13:51 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-13 13:51 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-13 13:51 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-13 13:51 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-13 13:51 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-13 13:51 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-13 13:51 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-13 13:51 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-13 13:51 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-13 13:51 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-11 17:42 - 2014-11-12 08:38 - 00000000 ____D () C:\Users\DefaultAppPool
2014-11-11 17:42 - 2014-11-11 17:42 - 00000020 ___SH () C:\Users\DefaultAppPool\ntuser.ini
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\Vorlagen
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\Startmenü
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\Netzwerkumgebung
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\Lokale Einstellungen
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\Eigene Dateien
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\Druckumgebung
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Eigene Musik
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\Documents\Eigene Bilder
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Local\Verlauf
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2014-11-11 17:42 - 2014-11-11 17:42 - 00000000 _SHDL () C:\Users\DefaultAppPool\Anwendungsdaten
2014-11-11 17:42 - 2014-11-10 18:09 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-11 17:42 - 2014-11-09 12:08 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-11 17:42 - 2014-11-07 14:08 - 00000000 ___RD () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-11 17:42 - 2014-03-18 11:12 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-11-11 17:42 - 2014-03-18 11:12 - 00000369 _____ () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-11-11 17:42 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-09 13:44 - 2014-07-24 16:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-11-09 13:44 - 2014-07-24 16:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-11-09 13:44 - 2014-07-24 16:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-11-09 13:44 - 2014-07-24 16:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-11-09 13:44 - 2014-07-24 16:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-11-09 13:44 - 2014-07-24 16:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-11-09 13:44 - 2014-07-24 16:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-11-09 13:44 - 2014-07-24 16:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-11-09 13:44 - 2014-07-24 16:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-11-09 13:44 - 2014-07-24 16:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-11-09 13:44 - 2014-07-24 16:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-11-09 13:44 - 2014-07-24 16:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-11-09 13:44 - 2014-07-24 16:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-11-09 13:44 - 2014-07-24 16:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-11-09 13:44 - 2014-07-24 14:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-11-09 13:44 - 2014-07-24 14:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-11-09 13:44 - 2014-07-24 14:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-11-09 13:44 - 2014-07-24 14:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-11-09 13:44 - 2014-07-24 14:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-11-09 13:44 - 2014-07-24 14:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-11-09 13:44 - 2014-07-24 12:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-11-09 13:44 - 2014-07-24 12:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-11-09 13:44 - 2014-07-24 12:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-11-09 13:44 - 2014-07-24 12:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-11-09 13:44 - 2014-07-24 11:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-11-09 13:44 - 2014-07-24 11:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-11-09 13:44 - 2014-07-24 11:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-11-09 13:44 - 2014-07-24 10:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-11-09 13:44 - 2014-07-24 10:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-11-09 13:44 - 2014-07-24 10:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-11-09 13:44 - 2014-07-24 10:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-11-09 13:44 - 2014-07-24 10:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-11-09 13:44 - 2014-07-24 10:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-11-09 13:44 - 2014-07-24 10:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-11-09 13:44 - 2014-07-24 10:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-11-09 13:44 - 2014-07-24 10:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-11-09 13:44 - 2014-07-24 10:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-11-09 13:44 - 2014-07-24 09:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-11-09 13:44 - 2014-07-24 09:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-11-09 13:44 - 2014-07-24 09:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-11-09 13:44 - 2014-07-24 09:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-11-09 13:44 - 2014-07-24 09:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-11-09 13:44 - 2014-07-24 09:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-11-09 13:44 - 2014-07-24 09:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-11-09 13:44 - 2014-07-24 09:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-11-09 13:44 - 2014-07-24 09:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-11-09 13:44 - 2014-07-24 09:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-11-09 13:44 - 2014-07-24 09:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-11-09 13:44 - 2014-07-24 09:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-11-09 13:44 - 2014-07-24 09:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-11-09 13:44 - 2014-07-24 09:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-11-09 13:44 - 2014-07-24 09:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-11-09 13:44 - 2014-07-24 09:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-11-09 13:44 - 2014-07-24 09:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-11-09 13:44 - 2014-07-24 08:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-11-09 13:44 - 2014-07-24 08:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-11-09 13:44 - 2014-07-24 08:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-11-09 13:44 - 2014-07-24 08:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-11-09 13:44 - 2014-07-24 05:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-11-09 13:44 - 2014-07-24 05:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-11-09 13:44 - 2014-07-12 06:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-11-09 13:44 - 2014-07-04 13:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-11-09 13:44 - 2014-07-04 11:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-11-09 13:44 - 2014-07-04 10:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-11-09 13:44 - 2014-07-04 10:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-11-09 13:44 - 2014-06-27 07:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-11-09 13:44 - 2014-06-19 03:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-11-09 13:44 - 2014-06-14 07:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-11-09 13:44 - 2014-06-14 06:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-11-09 13:44 - 2014-06-05 11:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-11-09 13:44 - 2014-05-31 06:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-11-09 13:44 - 2014-05-29 07:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-11-09 13:44 - 2014-05-06 05:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-11-09 13:44 - 2014-05-06 01:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-11-09 13:44 - 2014-03-25 03:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-11-09 13:44 - 2014-03-25 02:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-11-09 13:43 - 2014-07-24 16:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-11-09 13:43 - 2014-07-24 16:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-11-09 13:43 - 2014-07-24 16:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-11-09 13:43 - 2014-07-24 16:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-11-09 13:43 - 2014-07-24 16:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-11-09 13:43 - 2014-07-24 14:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-11-09 13:43 - 2014-07-24 14:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-11-09 13:43 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-11-09 13:43 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-11-09 13:43 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-11-09 13:43 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-11-09 13:43 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-11-09 13:43 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-11-09 13:43 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-11-09 13:43 - 2014-07-24 12:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-11-09 13:43 - 2014-07-24 12:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-11-09 13:43 - 2014-07-24 12:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-11-09 13:43 - 2014-07-24 12:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-11-09 13:43 - 2014-07-24 12:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-11-09 13:43 - 2014-07-24 12:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-11-09 13:43 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-11-09 13:43 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-11-09 13:43 - 2014-07-24 11:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-11-09 13:43 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-11-09 13:43 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-11-09 13:43 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-11-09 13:43 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-11-09 13:43 - 2014-07-24 11:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-11-09 13:43 - 2014-07-24 11:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-11-09 13:43 - 2014-07-24 11:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-11-09 13:43 - 2014-07-24 11:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-11-09 13:43 - 2014-07-24 11:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-11-09 13:43 - 2014-07-24 11:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-11-09 13:43 - 2014-07-24 11:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-11-09 13:43 - 2014-07-24 10:58 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2014-11-09 13:43 - 2014-07-24 10:54 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2014-11-09 13:43 - 2014-07-24 10:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-11-09 13:43 - 2014-07-24 10:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-11-09 13:43 - 2014-07-24 10:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-11-09 13:43 - 2014-07-24 10:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-11-09 13:43 - 2014-07-24 10:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-11-09 13:43 - 2014-07-24 10:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-11-09 13:43 - 2014-07-24 10:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-11-09 13:43 - 2014-07-24 10:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-11-09 13:43 - 2014-07-24 10:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-11-09 13:43 - 2014-07-24 10:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-11-09 13:43 - 2014-07-24 10:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-11-09 13:43 - 2014-07-24 10:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-11-09 13:43 - 2014-07-24 10:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-11-09 13:43 - 2014-07-24 10:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-11-09 13:43 - 2014-07-24 09:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-11-09 13:43 - 2014-07-24 09:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-11-09 13:43 - 2014-07-24 09:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-11-09 13:43 - 2014-07-24 09:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-11-09 13:43 - 2014-07-24 09:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-11-09 13:43 - 2014-07-24 09:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-11-09 13:43 - 2014-07-24 09:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-11-09 13:43 - 2014-07-24 09:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-11-09 13:43 - 2014-07-24 09:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-11-09 13:43 - 2014-07-24 09:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-11-09 13:43 - 2014-07-24 09:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-11-09 13:43 - 2014-07-24 09:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-11-09 13:43 - 2014-07-24 09:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-11-09 13:43 - 2014-07-24 09:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-11-09 13:43 - 2014-07-24 09:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-11-09 13:43 - 2014-07-24 09:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-11-09 13:43 - 2014-07-24 09:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-11-09 13:43 - 2014-07-24 08:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-11-09 13:43 - 2014-07-24 08:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-11-09 13:43 - 2014-07-24 08:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-11-09 13:43 - 2014-07-24 08:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-11-09 13:43 - 2014-07-24 08:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-11-09 13:43 - 2014-07-24 08:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-11-09 13:43 - 2014-07-12 05:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-11-09 13:43 - 2014-07-04 11:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-11-09 13:43 - 2014-07-04 11:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-11-09 13:43 - 2014-07-04 11:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-11-09 13:43 - 2014-06-26 01:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-11-09 13:43 - 2014-06-26 01:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-11-09 13:43 - 2014-06-20 00:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-11-09 13:43 - 2014-06-07 13:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-11-09 13:43 - 2014-06-07 11:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-11-09 13:43 - 2014-06-05 15:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-11-09 13:43 - 2014-06-05 10:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-11-09 13:43 - 2014-05-31 05:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-11-09 13:43 - 2014-05-29 06:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-11-09 13:43 - 2014-05-26 08:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-11-09 13:43 - 2014-05-10 11:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-11-09 13:43 - 2014-05-10 09:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-11-09 13:43 - 2014-03-25 03:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-11-09 13:43 - 2014-03-25 02:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-11-09 12:08 - 2014-11-09 12:21 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-11-09 11:13 - 2014-04-14 04:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-11-08 22:35 - 2014-11-08 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-08 12:53 - 2014-11-13 14:33 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-08 12:53 - 2014-11-13 14:28 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-07 22:21 - 2014-08-15 01:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-11-07 22:21 - 2014-07-30 02:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-11-07 22:21 - 2014-07-29 06:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-11-07 22:19 - 2014-05-30 04:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-11-07 22:18 - 2014-03-20 05:19 - 01291200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-11-07 22:18 - 2014-03-20 04:41 - 00376152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-11-07 22:18 - 2014-03-20 01:53 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-11-07 22:18 - 2014-03-20 01:48 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-11-07 22:18 - 2014-03-20 00:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-11-07 22:18 - 2014-03-20 00:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-11-07 22:18 - 2014-03-20 00:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2014-11-07 22:18 - 2014-03-19 06:50 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-11-07 22:18 - 2014-03-19 06:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2014-11-07 22:18 - 2014-03-13 13:35 - 00157016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2014-11-07 22:18 - 2014-03-08 21:40 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-11-07 22:18 - 2014-03-08 21:38 - 01542768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2014-11-07 22:18 - 2014-03-08 16:29 - 00356848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-11-07 22:18 - 2014-03-08 12:34 - 01095488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2014-11-07 22:18 - 2014-03-08 10:02 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxproxy.dll
2014-11-07 22:18 - 2014-03-08 09:33 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\spp.dll
2014-11-07 22:18 - 2014-03-08 09:25 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SetNetworkLocation.dll
2014-11-07 22:18 - 2014-03-08 09:12 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sxproxy.dll
2014-11-07 22:18 - 2014-03-08 08:47 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spp.dll
2014-11-07 22:18 - 2014-03-08 08:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2014-11-07 22:18 - 2014-03-08 07:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-11-07 22:18 - 2014-03-08 07:41 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-11-07 22:18 - 2014-03-08 07:40 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2014-11-07 22:18 - 2014-03-08 07:31 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-11-07 22:18 - 2014-03-08 07:30 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-11-07 22:18 - 2014-03-08 07:25 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-11-07 22:18 - 2014-03-08 07:04 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-11-07 22:18 - 2014-03-08 06:58 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-11-07 22:18 - 2014-03-08 06:41 - 01306624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-11-07 22:18 - 2014-03-08 06:11 - 00924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-11-07 22:18 - 2014-03-06 15:34 - 02331000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2014-11-07 22:18 - 2014-03-06 15:34 - 00113648 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2014-11-07 22:18 - 2014-03-06 12:19 - 00094016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2014-11-07 22:18 - 2014-03-06 11:46 - 01679128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2014-11-07 22:18 - 2014-03-06 10:24 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-11-07 22:18 - 2014-03-06 10:24 - 00033280 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-11-07 22:18 - 2014-03-06 10:22 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2014-11-07 22:18 - 2014-03-06 10:22 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-11-07 22:18 - 2014-03-06 10:19 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2014-11-07 22:18 - 2014-03-06 10:19 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-11-07 22:18 - 2014-03-06 10:19 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2014-11-07 22:18 - 2014-03-06 10:19 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2014-11-07 22:18 - 2014-03-06 10:08 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2014-11-07 22:18 - 2014-03-06 09:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-11-07 22:18 - 2014-03-06 09:38 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-11-07 22:18 - 2014-03-06 09:20 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2014-11-07 22:18 - 2014-03-06 09:14 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDScDrv.dll
2014-11-07 22:18 - 2014-03-06 09:10 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2014-11-07 22:18 - 2014-03-06 09:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2014-11-07 22:18 - 2014-03-06 08:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-11-07 22:18 - 2014-03-06 08:16 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2014-11-07 22:18 - 2014-03-06 08:02 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2014-11-07 22:18 - 2014-03-06 07:51 - 02900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-11-07 22:18 - 2014-03-06 07:29 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2014-11-07 22:18 - 2014-03-06 07:27 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2014-11-07 22:18 - 2014-03-06 07:24 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlangpui.dll
2014-11-07 22:18 - 2014-03-06 07:23 - 02270208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-11-07 22:18 - 2014-03-06 07:23 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2014-11-07 22:18 - 2014-03-06 07:21 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2014-11-07 22:18 - 2014-03-06 07:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlangpui.dll
2014-11-07 22:18 - 2014-03-06 07:04 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2014-11-07 22:18 - 2014-03-06 07:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2014-11-07 22:18 - 2014-03-06 06:51 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2014-11-07 22:18 - 2014-03-06 06:47 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2014-11-07 22:18 - 2014-03-06 06:42 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2014-11-07 22:18 - 2014-03-04 09:11 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdmTmpl.dll
2014-11-07 22:18 - 2014-03-04 08:26 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AdmTmpl.dll
2014-11-07 22:18 - 2014-03-04 08:16 - 00655360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-11-07 22:18 - 2014-03-04 08:13 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-11-07 22:18 - 2014-03-04 08:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pdh.dll
2014-11-07 22:18 - 2014-03-04 08:00 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2014-11-07 22:18 - 2014-03-04 07:56 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2014-11-07 22:18 - 2014-03-04 07:42 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-11-07 22:18 - 2014-03-04 07:39 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pdh.dll
2014-11-07 22:18 - 2014-03-04 07:32 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2014-11-07 22:18 - 2014-03-04 07:15 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2014-11-07 22:18 - 2014-03-04 07:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2014-11-07 22:18 - 2014-03-04 07:03 - 00669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2014-11-07 22:18 - 2014-03-04 07:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-11-07 22:18 - 2014-03-04 06:54 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-11-07 22:18 - 2014-03-04 06:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2014-11-07 22:18 - 2013-12-24 00:28 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-11-07 22:18 - 2013-12-24 00:26 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-11-07 22:15 - 2014-03-13 08:42 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-11-07 22:15 - 2014-03-13 07:51 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-11-07 22:14 - 2014-09-04 01:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-11-07 22:14 - 2014-09-04 00:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-11-07 22:14 - 2014-09-04 00:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-11-07 22:14 - 2014-05-13 08:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-11-07 22:13 - 2014-08-07 03:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-11-07 22:13 - 2014-08-02 04:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-11-07 22:13 - 2014-06-20 02:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-11-07 22:13 - 2014-06-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-11-07 22:13 - 2014-06-13 02:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-11-07 22:13 - 2014-06-13 02:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-11-07 22:13 - 2014-06-13 01:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-11-07 22:13 - 2014-06-06 12:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-11-07 22:13 - 2014-03-06 13:53 - 02141912 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-11-07 22:13 - 2014-03-06 13:51 - 00379224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-11-07 22:13 - 2014-03-06 13:39 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2014-11-07 22:13 - 2014-03-06 12:13 - 01779800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-11-07 22:13 - 2014-03-06 07:09 - 01764864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-11-07 22:12 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-11-07 22:12 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-11-07 22:12 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-11-07 22:12 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-11-07 22:12 - 2014-04-11 04:54 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-11-07 22:12 - 2014-04-11 03:57 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-11-07 22:11 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-11-07 22:11 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-11-07 22:11 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-11-07 22:10 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-11-07 22:09 - 2014-09-04 01:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-11-07 22:09 - 2014-09-04 01:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-11-07 22:08 - 2014-08-23 08:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-11-07 22:08 - 2014-08-23 08:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-11-07 22:08 - 2014-08-23 07:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-11-07 22:08 - 2014-08-23 06:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-11-07 22:08 - 2014-08-23 05:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-11-07 22:08 - 2014-08-16 01:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-07 22:08 - 2014-08-16 01:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-11-07 22:08 - 2014-08-16 01:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-11-07 22:08 - 2014-08-16 01:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-11-07 22:08 - 2014-08-16 01:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-11-07 22:07 - 2014-08-16 05:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-11-07 22:07 - 2014-08-16 05:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-11-07 22:07 - 2014-08-16 04:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-11-07 22:07 - 2014-08-16 04:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-11-07 22:07 - 2014-08-16 04:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-11-07 22:07 - 2014-08-16 02:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-11-07 22:07 - 2014-08-16 02:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-11-07 22:07 - 2014-08-16 01:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-11-07 22:07 - 2014-08-16 01:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-11-07 22:07 - 2014-08-16 01:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-11-07 22:07 - 2014-08-16 01:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-11-07 22:07 - 2014-08-16 01:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-11-07 22:07 - 2014-08-16 01:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-11-07 22:07 - 2014-08-16 01:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-11-07 22:07 - 2014-08-16 01:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-11-07 22:07 - 2014-08-16 01:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-07 22:07 - 2014-08-16 01:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-11-07 22:07 - 2014-08-16 01:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-11-07 22:07 - 2014-08-16 01:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-11-07 22:07 - 2014-08-16 01:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-11-07 22:07 - 2014-08-16 01:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-11-07 22:07 - 2014-08-16 01:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-11-07 22:07 - 2014-08-16 01:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-11-07 22:07 - 2014-08-16 01:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-11-07 22:07 - 2014-08-16 01:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-11-07 22:07 - 2014-07-24 16:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-11-07 22:07 - 2014-07-24 12:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-11-07 22:07 - 2014-07-24 11:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-11-07 22:07 - 2014-07-24 10:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-11-07 22:06 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-11-07 22:06 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-11-07 22:05 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-11-07 22:05 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-11-07 22:05 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-11-07 22:05 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-11-07 22:05 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-11-07 22:05 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-11-07 22:05 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-11-07 22:05 - 2014-05-03 00:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-11-07 22:05 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-11-07 22:05 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-11-07 22:05 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-11-07 22:05 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-11-07 22:05 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-11-07 22:05 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-11-07 22:05 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-11-07 22:05 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-11-07 22:05 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-11-07 22:05 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-11-07 22:05 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-11-07 22:05 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-11-07 22:05 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-11-07 22:05 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-11-07 22:05 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-11-07 22:05 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-11-07 22:05 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-11-07 22:05 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-11-07 22:05 - 2014-04-26 19:41 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe
2014-11-07 22:05 - 2014-04-26 19:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2014-11-07 22:05 - 2014-04-26 19:04 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2014-11-07 22:05 - 2014-04-26 18:36 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2014-11-07 22:05 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-11-07 22:05 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-11-07 22:05 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-11-07 22:05 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-11-07 22:04 - 2014-04-18 15:57 - 00032600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-11-07 22:04 - 2014-04-18 10:44 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2014-11-07 22:04 - 2014-04-14 10:20 - 00324888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2014-11-07 22:04 - 2014-04-14 09:01 - 00285144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2014-11-07 22:04 - 2014-04-11 05:51 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2014-11-07 22:04 - 2014-04-11 05:23 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2014-11-07 22:04 - 2014-04-09 12:53 - 00337240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-11-07 22:04 - 2014-04-09 07:39 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-11-07 22:04 - 2014-04-09 06:44 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2014-11-07 22:04 - 2014-04-09 04:33 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-11-07 22:04 - 2014-04-08 23:46 - 00086688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt_map.dll
2014-11-07 22:04 - 2014-04-08 23:46 - 00028320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mrt100.dll
2014-11-07 22:04 - 2014-04-08 19:54 - 00080032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt_map.dll
2014-11-07 22:04 - 2014-04-08 19:54 - 00026784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mrt100.dll
2014-11-07 22:04 - 2014-04-08 03:01 - 00589656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-11-07 22:04 - 2014-04-06 17:34 - 00372568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-11-07 22:04 - 2014-04-06 17:34 - 00275800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-11-07 22:04 - 2014-04-06 17:30 - 00201920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2014-11-07 22:04 - 2014-04-06 17:24 - 00360792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2014-11-07 22:04 - 2014-04-06 17:20 - 01403856 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-11-07 22:04 - 2014-04-06 17:20 - 01379064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-11-07 22:04 - 2014-04-06 17:20 - 00765408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-11-07 22:04 - 2014-04-06 17:20 - 00609448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2014-11-07 22:04 - 2014-04-06 17:20 - 00491744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-11-07 22:04 - 2014-04-06 17:20 - 00028408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2014-11-07 22:04 - 2014-04-06 16:22 - 00178184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2014-11-07 22:04 - 2014-04-06 16:16 - 01209616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-11-07 22:04 - 2014-04-06 16:16 - 00669856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-11-07 22:04 - 2014-04-06 16:16 - 00518544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2014-11-07 22:04 - 2014-04-06 16:16 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-11-07 22:04 - 2014-04-06 13:58 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-11-07 22:04 - 2014-04-06 13:51 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-11-07 22:04 - 2014-04-06 13:33 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2014-11-07 22:04 - 2014-04-06 13:24 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-11-07 22:04 - 2014-04-06 13:06 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srclient.dll
2014-11-07 22:04 - 2014-04-06 12:26 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-11-07 22:04 - 2014-04-06 11:05 - 01222656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-11-07 22:04 - 2014-04-06 10:59 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-11-07 22:04 - 2014-04-03 09:12 - 00307304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-11-07 22:04 - 2014-04-03 09:12 - 00130144 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2014-11-07 22:04 - 2014-04-03 05:03 - 00230808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-11-07 22:04 - 2014-04-03 05:03 - 00111528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2014-11-07 22:04 - 2014-04-03 03:23 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2014-11-07 22:04 - 2014-04-03 03:22 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2014-11-07 22:04 - 2014-03-28 16:58 - 00407016 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-11-07 22:04 - 2014-03-27 06:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-11-07 22:04 - 2014-03-27 05:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-11-07 22:04 - 2014-03-27 04:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2014-11-07 22:04 - 2014-03-27 04:10 - 01436160 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-11-07 22:04 - 2014-03-21 05:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\tscfgwmi.dll
2014-11-07 22:04 - 2014-03-19 09:15 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2014-11-07 22:04 - 2014-03-19 08:24 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2014-11-07 22:04 - 2014-03-19 08:17 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2014-11-07 22:04 - 2014-03-18 09:18 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xusb22.sys
2014-11-07 22:04 - 2014-03-18 06:00 - 07173120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2014-11-07 22:04 - 2014-03-18 05:52 - 05104640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2014-11-07 22:04 - 2014-03-17 06:09 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-11-07 22:04 - 2014-03-17 05:11 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-11-07 22:04 - 2014-03-14 07:26 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll
2014-11-07 22:04 - 2014-03-14 07:10 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll
2014-11-07 22:04 - 2014-01-27 19:21 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2014-11-07 22:03 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-11-07 22:03 - 2014-05-31 11:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-11-07 22:03 - 2014-05-31 11:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-11-07 22:03 - 2014-05-31 11:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-11-07 22:03 - 2014-05-31 07:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-11-07 22:03 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-11-07 22:03 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-11-07 22:03 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-11-07 22:03 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-11-07 22:03 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-11-07 22:03 - 2014-05-29 07:21 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-11-07 22:03 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-11-07 22:03 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-11-07 22:03 - 2014-05-19 07:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-11-07 22:03 - 2014-05-19 07:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-11-07 22:03 - 2014-05-19 06:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-11-07 22:03 - 2014-04-30 05:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-11-07 22:03 - 2014-04-30 05:30 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2014-11-07 22:03 - 2014-04-30 05:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-11-07 22:03 - 2014-04-30 04:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2014-11-07 22:03 - 2014-04-30 04:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-11-07 22:02 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-11-07 22:02 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-11-07 22:02 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-11-07 22:02 - 2014-06-06 14:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-11-07 22:02 - 2014-06-06 13:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-11-07 22:01 - 2014-05-31 11:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-11-07 22:01 - 2014-05-31 03:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-11-07 22:01 - 2014-05-31 03:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-11-07 22:01 - 2014-05-01 14:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-11-07 22:01 - 2014-05-01 06:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-11-07 22:01 - 2014-04-11 09:25 - 00419928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2014-11-07 22:01 - 2014-04-11 06:53 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-11-07 14:53 - 2014-11-07 14:53 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-11-07 14:52 - 2014-11-08 13:11 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Raptr
2014-11-07 14:25 - 2014-11-12 16:15 - 00000000 __RDO () C:\Users\Oliver\OneDrive
2014-11-07 14:22 - 2014-11-07 14:22 - 00001454 _____ () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-07 14:21 - 2014-11-07 14:21 - 00000020 ___SH () C:\Users\Oliver\ntuser.ini
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-11-07 14:18 - 2014-11-07 14:18 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-11-07 14:17 - 2014-11-24 17:41 - 01120316 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-07 14:08 - 2014-11-07 14:08 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-11-07 14:07 - 2014-11-07 14:07 - 00000000 ____D () C:\Program Files\Common Files\SpeechEngines
2014-11-07 14:04 - 2014-11-07 14:04 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-11-07 14:03 - 2014-11-23 20:21 - 00000000 ____D () C:\Users\Oliver
2014-11-07 14:03 - 2014-11-07 14:17 - 00022863 _____ () C:\WINDOWS\diagwrn.xml
2014-11-07 14:03 - 2014-11-07 14:17 - 00022863 _____ () C:\WINDOWS\diagerr.xml
2014-11-07 14:03 - 2014-11-07 14:04 - 00000000 ___RD () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-07 14:03 - 2014-11-07 14:04 - 00000000 ___RD () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-07 14:03 - 2014-11-07 14:04 - 00000000 ___RD () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-07 14:03 - 2014-11-07 14:04 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\Vorlagen
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\Startmenü
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\Netzwerkumgebung
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\Lokale Einstellungen
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\Eigene Dateien
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\Druckumgebung
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\Documents\Eigene Musik
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\Documents\Eigene Bilder
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\AppData\Local\Verlauf
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\AppData\Local\Anwendungsdaten
2014-11-07 14:03 - 2014-11-07 14:03 - 00000000 _SHDL () C:\Users\Oliver\Anwendungsdaten
2014-11-07 14:03 - 2014-03-18 11:12 - 00000369 _____ () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-11-07 14:03 - 2014-03-18 11:12 - 00000369 _____ () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-11-07 14:00 - 2014-11-07 14:00 - 01994616 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-11-07 13:57 - 2014-11-24 16:09 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2014-11-07 13:57 - 2014-11-14 22:47 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-11-07 13:57 - 2014-11-14 22:47 - 00000000 ____D () C:\Program Files\AMD
2014-11-07 13:57 - 2014-11-07 13:57 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-11-07 13:57 - 2009-07-20 23:48 - 00539680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvuninst.exe
2014-11-07 13:55 - 2014-11-22 14:11 - 00000000 ___DC () C:\WINDOWS\Panther
2014-11-07 13:51 - 2014-11-07 13:51 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-11-07 13:49 - 2014-11-07 14:07 - 00000000 ____D () C:\inetpub
2014-11-07 13:49 - 2014-11-07 13:49 - 01408512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsec.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqad.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsec.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqad.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2014-11-07 13:49 - 2014-11-07 13:49 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqmigplugin.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcmiplugin.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2014-11-07 13:49 - 2014-11-07 13:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2014-11-07 13:49 - 2014-11-07 13:49 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2014-11-07 13:49 - 2014-11-07 13:49 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2014-11-07 13:49 - 2014-11-07 13:49 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2014-11-07 13:49 - 2014-11-07 13:49 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2014-11-07 13:49 - 2014-11-07 13:49 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2014-11-07 13:49 - 2014-11-07 13:49 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2014-11-07 13:49 - 2014-11-07 13:49 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2014-11-07 13:49 - 2014-11-07 13:49 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2014-11-07 13:49 - 2014-11-07 13:49 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-11-07 13:49 - 2014-11-07 13:49 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-11-07 13:49 - 2014-11-07 13:49 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-11-07 13:49 - 2014-11-07 13:49 - 00009096 _____ () C:\WINDOWS\SysWOW64\msmqtrc.mof
2014-11-07 13:49 - 2014-11-07 13:49 - 00009096 _____ () C:\WINDOWS\system32\msmqtrc.mof
2014-11-07 13:49 - 2014-11-07 13:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-11-07 13:49 - 2014-11-07 13:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\BestPractices
2014-11-07 13:49 - 2014-11-07 13:49 - 00000000 ____D () C:\WINDOWS\system32\msmq
2014-11-07 13:49 - 2014-11-07 13:49 - 00000000 ____D () C:\WINDOWS\system32\BestPractices
2014-11-07 13:49 - 2014-11-07 13:49 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-11-07 13:49 - 2014-11-07 13:49 - 00000000 ____D () C:\Program Files\MSBuild
2014-11-07 13:49 - 2014-11-07 13:49 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-11-07 13:49 - 2014-11-07 13:49 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-11-07 13:49 - 2014-03-18 12:45 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
         

Alt 25.11.2014, 16:31   #5
Harri3r
 
Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone - Standard

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone



FRST Teil 2
Code:
ATTFilter
2014-11-07 13:49 - 2014-03-18 12:45 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-11-07 13:49 - 2014-03-18 12:45 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-11-07 13:49 - 2014-03-18 12:45 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-11-07 13:27 - 2014-11-07 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinCDEmu
2014-11-07 13:25 - 2014-11-24 20:15 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2780581019-2628166334-3317978689-1000
2014-11-07 13:18 - 2014-11-12 16:17 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Packages
2014-11-07 13:18 - 2014-11-07 14:07 - 00000000 ____D () C:\ProgramData\PRICache
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-11-07 13:16 - 2014-11-07 13:16 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-11-07 13:15 - 2014-11-07 14:17 - 00023056 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-11-07 13:15 - 2014-11-07 13:15 - 00000000 ____D () C:\WINDOWS\CSC
2014-11-07 13:14 - 2014-11-07 13:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-78515.txt
2014-11-07 13:07 - 2014-11-07 13:07 - 00000235 _____ () C:\WINDOWS\system32\netcfg-625203.txt
2014-11-07 13:07 - 2014-11-07 13:07 - 00000235 _____ () C:\WINDOWS\system32\netcfg-624750.txt
2014-11-07 13:07 - 2014-11-07 13:07 - 00000235 _____ () C:\WINDOWS\system32\netcfg-624593.txt
2014-11-07 13:07 - 2014-11-07 13:07 - 00000235 _____ () C:\WINDOWS\system32\netcfg-624187.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00001134 _____ () C:\WINDOWS\system32\netcfg-113281.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00000185 _____ () C:\WINDOWS\system32\netcfg-125750.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00000164 _____ () C:\WINDOWS\system32\netcfg-115953.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00000161 _____ () C:\WINDOWS\system32\netcfg-120171.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00000160 _____ () C:\WINDOWS\system32\netcfg-119859.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00000160 _____ () C:\WINDOWS\system32\netcfg-119343.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00000160 _____ () C:\WINDOWS\system32\netcfg-112906.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00000159 _____ () C:\WINDOWS\system32\netcfg-118953.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00000157 _____ () C:\WINDOWS\system32\netcfg-119546.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00000157 _____ () C:\WINDOWS\system32\netcfg-117984.txt
2014-11-07 12:58 - 2014-11-07 12:58 - 00000150 _____ () C:\WINDOWS\system32\netcfg-118531.txt
2014-11-07 12:05 - 2014-11-07 12:05 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Abelssoft
2014-11-06 23:37 - 2014-11-06 23:37 - 00000000 ____D () C:\Users\Oliver\Downloads\Windows 8.1 with Update (multiple editions) (x64) - DVD (German)
2014-11-06 22:04 - 2014-11-06 22:04 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\e-academy Inc
2014-11-06 22:04 - 2014-11-06 22:04 - 00000000 ____D () C:\Users\Oliver\AppData\Local\e-academy Inc
2014-11-05 22:17 - 2014-11-05 22:17 - 00051200 _____ () C:\WINDOWS\system32\kdbsdk64.dll
2014-11-05 22:13 - 2014-11-05 22:13 - 00038912 _____ () C:\WINDOWS\SysWOW64\kdbsdk32.dll
2014-11-05 21:50 - 2014-11-05 21:50 - 02412544 _____ () C:\WINDOWS\system32\amdacpusl.pdb
2014-11-05 21:42 - 2014-11-05 21:42 - 00362496 _____ (Advanced Micro Devices) C:\WINDOWS\system32\amdacpusl.dll
2014-11-05 21:42 - 2014-11-05 21:42 - 00306176 _____ () C:\WINDOWS\system32\amdacpusl.pdb.pub
2014-11-03 19:02 - 2014-11-03 19:02 - 00062096 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201411031902008597.log
2014-11-02 17:54 - 2014-11-02 18:07 - 00000000 ____D () C:\Users\Oliver\Documents\Bully Scholarship Edition
2014-10-31 00:33 - 2014-10-31 00:33 - 00000000 ____D () C:\Users\Oliver\Documents\4A Games
2014-10-31 00:31 - 2014-10-31 00:31 - 00000000 ____D () C:\Users\Oliver\AppData\Local\4A Games
2014-10-29 14:46 - 2014-10-29 14:46 - 00000000 ____D () C:\Users\Oliver\Desktop\Aldnoah Zero
2014-10-28 20:06 - 2014-10-28 21:01 - 1539158791 _____ () C:\Users\Oliver\Desktop\[Commie] Hanamonogatari [E055B3E8].mkv
2014-10-27 17:17 - 2014-11-07 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2014-10-27 17:17 - 2014-10-27 17:17 - 00000000 ____D () C:\Program Files\Nexus Mod Manager

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-24 18:54 - 2013-11-16 20:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-24 18:51 - 2014-03-01 08:44 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-11-24 18:46 - 2013-11-17 11:48 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\TS3Client
2014-11-24 16:47 - 2014-03-18 11:04 - 02063920 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-24 16:47 - 2014-03-18 10:25 - 00876824 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-24 16:47 - 2014-03-18 10:25 - 00200914 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-24 16:40 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-24 16:07 - 2013-12-12 22:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-24 16:06 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-23 20:40 - 2014-04-09 13:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-23 20:40 - 2013-11-16 19:49 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Google
2014-11-23 20:23 - 2013-08-22 15:44 - 00363040 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-23 19:54 - 2014-08-06 22:55 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Spotify
2014-11-22 21:56 - 2014-10-16 21:10 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\HexChat
2014-11-22 14:16 - 2014-10-10 18:14 - 00000000 ____D () C:\ProgramData\EPSON
2014-11-22 14:15 - 2013-12-31 12:42 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-11-22 13:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-11-21 18:54 - 2014-07-12 21:23 - 00061952 _____ () C:\Users\Oliver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-21 12:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-19 15:00 - 2014-08-06 22:56 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Spotify
2014-11-19 13:09 - 2013-11-24 15:38 - 00000000 ____D () C:\ProgramData\Origin
2014-11-19 13:08 - 2013-11-24 15:38 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-19 12:04 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-17 23:39 - 2014-10-16 21:44 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-11-16 01:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-15 12:43 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-15 12:43 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-15 12:43 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 12:43 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-15 12:43 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-15 12:43 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-14 22:47 - 2013-11-16 20:15 - 00000000 ____D () C:\ProgramData\AMD
2014-11-14 22:47 - 2013-11-16 20:09 - 00000000 ____D () C:\AMD
2014-11-14 22:46 - 2013-11-16 20:10 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-11-13 20:51 - 2014-05-27 17:28 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-12 22:03 - 2014-04-09 13:25 - 00003874 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-10 18:09 - 2014-03-18 10:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-10 18:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-10 18:09 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-10 18:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-11-10 18:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-11-10 18:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-11-10 18:09 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-11-09 15:56 - 2013-11-24 15:44 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-11-09 12:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-11-09 12:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-11-09 12:17 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-11-09 12:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-11-09 12:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-11-09 12:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-11-09 12:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-11-08 17:23 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-08 12:59 - 2013-11-17 08:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-08 12:59 - 2013-11-17 08:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-11-08 12:57 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-08 12:52 - 2013-11-17 08:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-07 14:53 - 2013-11-25 01:29 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-11-07 14:50 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-11-07 14:41 - 2013-12-10 23:37 - 00000000 ____D () C:\Users\Oliver\Desktop\Stuff
2014-11-07 14:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-07 14:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-11-07 14:18 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2014-11-07 14:16 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-11-07 14:16 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-11-07 14:11 - 2014-10-16 21:44 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2014-11-07 14:11 - 2014-10-16 21:33 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2014-11-07 14:11 - 2014-10-16 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HexChat
2014-11-07 14:11 - 2014-09-14 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-11-07 14:11 - 2014-07-30 03:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG PC Suite
2014-11-07 14:11 - 2014-07-12 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2014-11-07 14:11 - 2014-07-12 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReClock
2014-11-07 14:11 - 2014-07-12 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xy-VSFilter
2014-11-07 14:11 - 2014-07-12 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
2014-11-07 14:11 - 2014-07-02 14:40 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2014-11-07 14:11 - 2014-06-05 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-11-07 14:11 - 2014-05-30 14:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-11-07 14:11 - 2014-04-05 20:03 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Katawa Shoujo
2014-11-07 14:11 - 2014-02-15 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2014-11-07 14:11 - 2014-02-09 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-11-07 14:11 - 2013-12-22 15:06 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV
2014-11-07 14:11 - 2013-12-10 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-11-07 14:11 - 2013-12-06 18:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
2014-11-07 14:11 - 2013-12-02 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-11-07 14:11 - 2013-11-24 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-07 14:11 - 2013-11-23 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2014-11-07 14:11 - 2013-11-18 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-11-07 14:11 - 2013-11-17 13:39 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-11-07 14:11 - 2013-11-17 10:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-11-07 14:11 - 2013-11-17 08:52 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-11-07 14:11 - 2013-11-17 08:44 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-07 14:11 - 2013-11-17 08:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-07 14:11 - 2013-11-16 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-07 14:11 - 2013-11-16 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-07 14:11 - 2013-11-16 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-11-07 14:11 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-07 14:08 - 2014-03-18 10:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-11-07 14:08 - 2014-03-18 10:25 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-11-07 14:08 - 2014-03-18 10:25 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-11-07 14:08 - 2013-11-23 15:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\xlive
2014-11-07 14:08 - 2013-11-17 08:44 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-11-07 14:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-07 14:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-07 14:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-11-07 14:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-11-07 14:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-11-07 14:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-11-07 14:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-11-07 14:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-07 14:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-11-07 14:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-11-07 14:08 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-11-07 14:08 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-11-07 14:07 - 2014-04-14 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gothic
2014-11-07 14:07 - 2014-03-17 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
2014-11-07 14:07 - 2013-11-17 08:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-07 14:07 - 2013-11-16 20:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-11-07 14:07 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-11-07 14:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-11-07 14:07 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-11-07 14:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\schemas
2014-11-07 14:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2014-11-07 14:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2014-11-07 14:07 - 2009-07-14 19:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-11-07 14:04 - 2014-10-22 15:59 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-11-07 14:04 - 2014-04-14 11:22 - 00000000 ____D () C:\Users\Oliver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gothic
2014-11-07 14:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-11-07 13:59 - 2013-11-16 18:52 - 00000000 __SHD () C:\Recovery
2014-11-07 13:59 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-11-07 13:54 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-11-07 13:27 - 2014-05-12 12:06 - 00000000 ____D () C:\Program Files (x86)\WinCDEmu
2014-11-07 13:20 - 2009-07-14 06:09 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-11-07 13:16 - 2014-01-03 18:14 - 00003300 _____ () C:\WINDOWS\System32\Tasks\Halo 2 for Vista restart
2014-11-07 13:16 - 2013-11-17 17:20 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-11-07 13:16 - 2013-11-17 08:38 - 00003050 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_IType_exe
2014-11-07 13:06 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-11-07 13:06 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-11-07 13:06 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-11-07 12:42 - 2009-07-14 05:45 - 00018512 ____H () C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-07 12:42 - 2009-07-14 05:45 - 00018512 ____H () C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-05 20:39 - 2013-11-17 07:12 - 00000000 ___HD () C:\WINDOWS\msdownld.tmp
2014-11-03 18:54 - 2013-11-16 20:13 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-10-30 12:25 - 2013-11-16 20:06 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-10-30 01:55 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-30 01:55 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-29 22:52 - 2014-05-30 14:50 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-10-29 22:41 - 2014-05-30 14:51 - 00348928 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-10-29 22:41 - 2014-05-30 14:48 - 00348928 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-10-29 22:41 - 2014-05-30 14:48 - 00280904 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-10-29 11:22 - 2014-10-12 15:56 - 00000000 ____D () C:\GeDoSaTo
2014-10-28 22:05 - 2014-05-30 14:48 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-10-27 17:17 - 2014-01-07 12:28 - 00000000 ____D () C:\Users\Oliver\AppData\Local\Black_Tree_Gaming

Files to move or delete:
====================
C:\Users\Oliver\jagex_cl_runescape_LIVE.dat
C:\Users\Oliver\random.dat


Some content of TEMP:
====================
C:\Users\Oliver\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Oliver\AppData\Local\Temp\sfareca00001.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-17 16:01

==================== End Of Log ============================
         
FRST Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by Oliver.™ at 2014-11-24 20:20:25
Running from C:\Users\Oliver\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A New Beginning - Final Cut (HKLM-x32\...\Steam App 105000) (Version:  - Daedalic Entertainment)
ACP Application (Version: 2.14.30.0001 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{178849B8-9A23-5478-D850-9712A01E561D}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version:  - Cold Beam Games)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands The Pre Sequel GERMAN (HKLM-x32\...\Qm9yZGVybGFuZHNUaGVQcmVTZXF1ZWw=_is1) (Version: 1 - )
Breath of Death VII  (HKLM-x32\...\Steam App 107300) (Version:  - Zeboyd Games)
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version:  - Rockstar New England)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version:  - Sledgehammer Games)
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version:  - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version:  - Treyarch)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crysis Warhead (HKLM-x32\...\Steam App 17330) (Version:  - Crytek)
Cthulhu Saves the World  (HKLM-x32\...\Steam App 107310) (Version:  - Zeboyd Games)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Deathmatch Classic (HKLM-x32\...\Steam App 40) (Version:  - Valve)
DLC Quest (HKLM-x32\...\Steam App 230050) (Version:  - Going Loud Studios)
DOOM 3: BFG Edition (HKLM-x32\...\Steam App 208200) (Version:  - id Software)
Duke Nukem 3D: Megaton Edition (HKLM-x32\...\Steam App 225140) (Version:  - 3D Realms)
Duke Nukem Forever (HKLM-x32\...\Steam App 57900) (Version:  - Gearbox Software)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fable - The Lost Chapters (HKLM-x32\...\Steam App 204030) (Version:  - Lionhead Studios)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry (HKLM-x32\...\GOGPACKFARCRY_is1) (Version: 2.0.0.9 - GOG.com)
FF7 XBox 360 Controller Fix (Steam) 2.1 (HKLM-x32\...\{4FAA5121-ABE1-46AA-B5E7-31584FA33795}_is1) (Version: 2.1 - Johnny "ThunderPeel2001" Walker)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
Freddy's Texture Patch BETA (HKU\S-1-5-21-2780581019-2628166334-3317978689-1000\...\Gothic Texture Patch - Freddy) (Version: 0.52 - Fred Metger)
Freddy's Texture Patch BETA (HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Gothic Texture Patch - Freddy) (Version: 0.52 - Fred Metger)
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.5.623 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.38.530 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.38.530 - DVDVideoSoft Ltd.)
Game Compatibility Database (HKLM\...\{0e82bf4c-b906-4635-a97e-6a9740686b33}.sdb) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Gothic (HKLM-x32\...\Steam App 65540) (Version:  - Piranha – Bytes )
Gothic 3 (HKLM-x32\...\Steam App 39500) (Version:  - Piranha – Bytes )
Gothic II: Gold Edition (HKLM-x32\...\Steam App 39510) (Version:  - Piranha – Bytes)
Gothic: Gothic I Breitbildkamera-Patch (HKLM-x32\...\Breitbild_Patch) (Version: 1.2 - davied)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version:  - Valve)
Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version:  - Gearbox Software)
Half-Life: Opposing Force (HKLM-x32\...\Steam App 50) (Version:  - Gearbox Software)
Halo 2 for Windows Vista (HKLM-x32\...\Halo 2) (Version:  - Microsoft Game Studios)
Halo 2 for Windows Vista (x32 Version: 1.0.0.0 - Microsoft Corporation) Hidden
Halo: Spartan Assault (HKLM-x32\...\Steam App 277430) (Version:  - Vanguard Games)
HexChat (HKLM-x32\...\HexChat_is1) (Version: 2.10.1 - HexChat)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.18.20140626 - LG Electronics)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.12.3.0 - LG Electronics)
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
METAL GEAR RISING: REVENGEANCE (HKLM-x32\...\Steam App 235460) (Version:  - PlatinumGames)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
mIRC (HKLM-x32\...\mIRC) (Version: 7.34 - mIRC Co. Ltd.)
Mortal Kombat Kollection (HKLM-x32\...\Steam App 205350) (Version:  - Other Ocean Interactive)
Mozilla Firefox 33.1.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
MPC-HC 1.7.6.45 (f18c699) Nightly (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6.45 - MPC-HC Team)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.2.0 (HKLM-x32\...\OpenVPN) (Version: 2.2.0 - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.12.2807 - Electronic Arts, Inc.)
Paranautical Activity (HKLM-x32\...\Steam App 250580) (Version:  - Code Avarice)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Rayman 2 - The Great Escape (HKLM-x32\...\GOGPACKRAYMAN2_is1) (Version: 2.0.0.38 - GOG.com)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.17.22879 - Razer Inc.)
ReClock (HKLM-x32\...\ReClock) (Version:  - SlySoft, Inc.)
Ricochet (HKLM-x32\...\Steam App 60) (Version:  - Valve)
Risen (HKLM-x32\...\Steam App 40300) (Version:  - Piranha – Bytes)
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version:  - Piranha Bytes)
RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder)
RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition (HKLM-x32\...\RivaTuner) (Version: v2.24 MSI Master Overclocking Arena 2009 edition - Alexey Nicolaychuk)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version:  - 3D Realms)
Skype™ 6.10 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.10.104 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager)
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2780581019-2628166334-3317978689-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Spotify (HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{EF8BF808-69D1-4434-9FBC-F9DD1B76D8D1}) (Version: 2.1.1.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Team Fortress Classic (HKLM-x32\...\Steam App 20) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
ThielHater's Texturepatch v1.0.2 (HKLM-x32\...\ThielHater's Texturepatch_is1) (Version: 1.0 - ThielHater © 2007-2009)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
xy-VSFilter 3.0.0.211 (HKLM-x32\...\xy-VSFilter_is1) (Version: 3.0.0.211 - xy-VSFilter Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

10-11-2014 18:10:56 Geplanter Prüfpunkt
13-11-2014 19:51:26 avast! antivirus system restore point
14-11-2014 21:43:30 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
14-11-2014 21:44:15 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
19-11-2014 11:03:41 Windows Update
22-11-2014 13:13:53 Removed Bonjour
23-11-2014 20:10:27 Removed CM Installer

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-11-23 20:54 - 2014-11-23 20:54 - 00000883 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {019FD764-F442-4879-93BE-3647BB334F35} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {06D208DD-8EC2-4AF4-85FA-3DDA659255F4} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {0737BA68-0015-47E7-886E-B4B02BF53899} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.1.0.28\WSCStub.exe
Task: {080C6A8F-9EFD-4F7C-8493-CCF75F8C2F81} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {0EC36BD1-D9A3-4DE6-AE69-EF15E3ABF44E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-13] (Microsoft Corporation)
Task: {15C00DA4-94EA-4117-A166-C654A2AC9E0C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {16E57619-49F4-4074-9B8A-5DD2FF0282D8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {23E41C29-67B3-4A07-B8D0-1FBE5E02BB4F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {2649DAFE-C48F-4E04-9158-FB1EC7E7C4A0} - System32\Tasks\Halo 2 for Vista restart => C:\Program Files (x86)\Microsoft Games\Halo 2\startup.exe [2007-06-04] (Microsoft Corporation)
Task: {3261E7DD-4794-467E-9662-C7BBA5E297F8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {356C8B57-96AE-4C01-9F05-DDC606AF018C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {367F9F76-32E6-41CA-A45D-73055A85EB43} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {3931BD16-1243-4F37-81AF-472A71593CF7} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {398F94EB-0EA1-49BF-ABF2-DC9539B44D77} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {3B4080B5-E22B-4C6B-8CC3-C582487BCA13} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {4630DF01-FC8A-482A-A999-602A7245881E} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {47230D6F-E977-40D1-923B-8D4373AD9244} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5FB6CF6D-DB34-4CC2-ABA4-23FCE73834A5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {834DC651-350A-4AFD-BA42-526B74DACCFD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {889FAF0A-E364-48C6-B55A-09CA7B80D435} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {9B47485A-1BB7-436A-A88C-502FBAC98DAE} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {A0773C1B-FB23-4CBC-A542-BA39F401C110} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {A47A0EEB-0DDD-4AC2-B324-66AA594678F2} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [2014-06-05] ()
Task: {AB0C4C94-6F32-4142-9D37-ADE12E82C5D5} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {AC100336-DEC7-4A46-A7CB-FEEF23EB2783} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B669CE8B-C4DD-45A2-9B66-3BEFE4504CFC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {BF275BDB-298C-42CA-AB24-A148152532D7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {DA2E7412-BFAA-4054-8CBE-6157D1EC3449} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {DF6CE2DB-04A4-4FB7-8929-C2CEE71853D7} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {E7ACFAC5-8385-4CFF-877B-69FC123B3339} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-13] (AVAST Software)

==================== Loaded Modules (whitelisted) =============

2014-11-05 22:03 - 2014-11-05 22:03 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-06-05 10:41 - 2014-06-05 10:41 - 00399360 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2014-06-05 10:41 - 2014-06-05 10:41 - 00188928 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2014-11-13 20:52 - 2014-11-13 20:52 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-13 20:52 - 2014-11-13 20:52 - 05846160 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-06-05 10:40 - 2014-06-05 10:40 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2014-06-05 10:41 - 2014-06-05 10:41 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2014-10-16 21:13 - 2014-07-28 20:58 - 00594944 _____ () C:\Program Files (x86)\HexChat\hexchat.exe
2014-11-24 14:01 - 2014-11-24 14:01 - 02903552 _____ () C:\Program Files\AVAST Software\Avast\defs\14112400\algo.dll
2014-11-13 20:52 - 2014-11-13 20:52 - 04491192 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-11-24 20:15 - 2014-11-24 20:15 - 02903552 _____ () C:\Program Files\AVAST Software\Avast\defs\14112401\algo.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-05 10:40 - 2014-06-05 10:40 - 00056320 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2014-06-05 10:40 - 2014-06-05 10:40 - 00127488 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2014-06-05 10:40 - 2014-06-05 10:40 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2014-06-05 10:40 - 2014-06-05 10:40 - 00354816 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2014-11-13 20:52 - 2014-11-13 20:52 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-28 21:16 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 21:16 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 21:16 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2013-12-21 23:21 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-24 13:20 - 2014-11-18 21:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 21:16 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 21:16 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-12-21 23:21 - 2014-11-18 21:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-12-21 23:21 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-14 19:48 - 2014-11-11 19:48 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-11-23 20:39 - 2014-11-23 20:39 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-28 14:33 - 2014-02-28 14:33 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 14:45 - 2014-02-27 14:45 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-07-11 15:02 - 2014-08-15 12:11 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-07-11 15:02 - 2014-08-15 12:11 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-07-11 15:04 - 2014-08-15 12:11 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-07-14 09:21 - 2014-08-15 12:11 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 14:46 - 2014-02-27 14:46 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-11-24 18:52 - 2014-11-24 18:52 - 00158720 _____ () C:\Users\Oliver\AppData\Local\Temp\sfareca00001.dll
2014-11-24 18:52 - 2014-11-24 18:52 - 00192512 _____ () C:\Users\Oliver\AppData\Local\Temp\sfamcc00001.dll
2014-10-16 21:13 - 2014-07-18 16:44 - 01325568 _____ () C:\Program Files (x86)\HexChat\cairo.dll
2014-10-16 21:13 - 2014-07-18 16:41 - 00068096 _____ () C:\Program Files (x86)\HexChat\zlib1.dll
2014-10-16 21:13 - 2014-07-18 16:42 - 00167936 _____ () C:\Program Files (x86)\HexChat\libpng16.dll
2014-10-16 21:13 - 2014-07-18 16:42 - 00562688 _____ () C:\Program Files (x86)\HexChat\fontconfig.dll
2014-10-16 21:13 - 2014-07-18 16:41 - 00021504 _____ () C:\Program Files (x86)\HexChat\iconv.dll
2014-10-16 21:13 - 2014-07-18 16:42 - 00589824 _____ () C:\Program Files (x86)\HexChat\pixman-1.dll
2014-10-16 21:13 - 2014-07-18 16:41 - 01103360 _____ () C:\Program Files (x86)\HexChat\libxml2.dll
2014-10-16 21:13 - 2014-07-18 16:44 - 00638464 _____ () C:\Program Files (x86)\HexChat\harfbuzz.dll
2014-10-16 21:13 - 2014-07-18 16:45 - 00045568 _____ () C:\Program Files (x86)\HexChat\lib\gtk-2.0\i686-pc-vs10\engines\libwimp.dll
2014-10-16 21:13 - 2014-07-18 16:44 - 00250368 _____ () C:\Program Files (x86)\HexChat\lib\enchant\libenchant_myspell.dll
2014-10-16 21:13 - 2014-07-28 20:58 - 00010752 _____ () C:\Program Files (x86)\HexChat\plugins\hcupd.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Oliver\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Oliver\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: D3DOverrider => "C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderWrapper.exe" /s
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: itype => "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Oliver\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Oliver\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Oliver\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000\...\StartupApproved\Run: => "Raptr"
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Raptr"
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2780581019-2628166334-3317978689-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"

========================= Accounts: ==========================

Administrator (S-1-5-21-2780581019-2628166334-3317978689-500 - Administrator - Disabled)
Gast (S-1-5-21-2780581019-2628166334-3317978689-501 - Limited - Disabled)
Oliver.™ (S-1-5-21-2780581019-2628166334-3317978689-1000 - Administrator - Enabled) => C:\Users\Oliver

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/24/2014 08:18:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/24/2014 07:26:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Oliver-PC)
Description: Bei der Aktivierung der App „43266Element26Software.SteamTile_2vng2mrd8a7zg!App“ ist folgender Fehler aufgetreten: -2144927151. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/24/2014 07:24:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Oliver-PC)
Description: Bei der Aktivierung der App „43266Element26Software.SteamTile_2vng2mrd8a7zg!App“ ist folgender Fehler aufgetreten: -2144927151. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


System errors:
=============
Error: (11/24/2014 08:20:38 PM) (Source: DCOM) (EventID: 10010) (User: Oliver-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (11/24/2014 08:20:08 PM) (Source: DCOM) (EventID: 10010) (User: Oliver-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (11/24/2014 08:19:37 PM) (Source: DCOM) (EventID: 10010) (User: Oliver-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (11/24/2014 08:19:07 PM) (Source: DCOM) (EventID: 10010) (User: Oliver-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (11/24/2014 08:12:53 PM) (Source: DCOM) (EventID: 10010) (User: Oliver-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (11/24/2014 08:12:23 PM) (Source: DCOM) (EventID: 10010) (User: Oliver-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (11/24/2014 08:11:53 PM) (Source: DCOM) (EventID: 10010) (User: Oliver-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (11/24/2014 08:11:23 PM) (Source: DCOM) (EventID: 10010) (User: Oliver-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (11/24/2014 08:10:52 PM) (Source: DCOM) (EventID: 10010) (User: Oliver-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (11/24/2014 08:10:22 PM) (Source: DCOM) (EventID: 10010) (User: Oliver-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================
Error: (11/24/2014 08:18:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Oliver\Downloads\esetsmartinstaller_deu.exe

Error: (11/24/2014 07:26:35 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Oliver-PC)
Description: 43266Element26Software.SteamTile_2vng2mrd8a7zg!App-2144927151

Error: (11/24/2014 07:24:14 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Oliver-PC)
Description: 43266Element26Software.SteamTile_2vng2mrd8a7zg!App-2144927151


CodeIntegrity Errors:
===================================
  Date: 2014-11-24 16:40:56.154
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-24 16:40:54.942
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-24 16:08:00.257
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-24 16:07:58.522
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-23 20:24:17.173
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-23 20:24:16.892
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-20 15:27:40.395
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-20 15:27:39.801
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-20 15:24:58.608
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-11-20 15:24:58.077
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: AMD FX(tm)-8320 Eight-Core Processor 
Percentage of memory in use: 35%
Total physical RAM: 8175.24 MB
Available physical RAM: 5238.16 MB
Total Pagefile: 16367.24 MB
Available Pagefile: 12792.55 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:271.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 78ECA5AD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 26.11.2014, 08:49   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone - Standard

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone



Router auf Werkseinstellungen zurücksetzen, Verbindungsdaten neu eingeben.
Dann alle Browser zurücksetzen.
__________________
--> Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone

Alt 26.11.2014, 11:43   #7
Harri3r
 
Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone - Standard

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone



wow
das ist wie das physikstudium: das problem wirkt am anfang viel zu komplex, aber im nachhinein lag die lösung direkt vor der nase.
hab auch schließlich bemerkt, dass meine DNS Einstellungen am Router modifiziert waren und so garnicht stimmten. ich schätze mal, das problem hat sich gelöst, ich bedanke mich!

Alt 27.11.2014, 08:12   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone - Standard

Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone
adfoc.us, android, anhang, bereits, heute, hilfe!, lustige, malware, netzwerk, phone, problem, rechner, schnelle, schnelle hilfe, smartphone, spotify web helper, tagen, thinkpad, versuche, weitergeleitet, weiterleitung, windows, wlan, zusammen



Ähnliche Themen: Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone


  1. adbirdie Weiterleitung Browser Android Handy
    Smartphone, Tablet & Handy Security - 22.05.2015 (4)
  2. sogenannter BKA-Trojaner auf Smartphone/Android
    Smartphone, Tablet & Handy Security - 08.05.2015 (2)
  3. PC Windows & Smartphone über ein Internet laufen lassen
    Alles rund um Windows - 30.03.2015 (5)
  4. DHL-Trojaner auf Android-Smartphone?
    Smartphone, Tablet & Handy Security - 04.03.2015 (4)
  5. Smartphone (Android) verschickt selbstständig SMS mit Inhalt
    Smartphone, Tablet & Handy Security - 13.01.2015 (9)
  6. adfoc.us ruft unerwünschte websites auf
    Log-Analyse und Auswertung - 09.01.2015 (22)
  7. Windows Vista: Samsung-USB-Smartphone-Treiber-lnstall, mbam meldet Bedrohung
    Log-Analyse und Auswertung - 30.12.2014 (21)
  8. Windows 8, Windows 7, Android, Windows Phone - Websiten werden auf adfoc.us umgeleitet
    Plagegeister aller Art und deren Bekämpfung - 30.11.2014 (7)
  9. Infektion eines Windows-PC durch ein Android Smartphone?
    Diskussionsforum - 26.09.2014 (18)
  10. Android.Trojan.Koler.A - Die Android Version vom BKA-Trojaner
    Smartphone, Tablet & Handy Security - 06.07.2014 (2)
  11. Security für Android OS Smartphone!
    Smartphone, Tablet & Handy Security - 31.10.2013 (5)
  12. Nerviger Virus, der im Internet nach öffnen einer Seite eine Werbeseite öffnet. (adfoc.us)
    Plagegeister aller Art und deren Bekämpfung - 07.01.2013 (15)
  13. adfoc.us - stoppt das ganze Internet!
    Log-Analyse und Auswertung - 26.11.2012 (1)
  14. Mega-Trojaner | Android-> Windows, Windows-> Android |
    Log-Analyse und Auswertung - 20.08.2012 (8)
  15. Smartphone-Phishing durch Android-Lücke
    Nachrichten - 04.07.2012 (0)
  16. Weiterleitung zu Gomeo u.a., Rechner lahmt, I-Net Verbindung lahmt -> Panik
    Plagegeister aller Art und deren Bekämpfung - 09.02.2011 (1)

Zum Thema Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone - Hallo zusammen! Seit Tagen habe ich das lustige Problem, dass ich in meinem Wlan Netzwerk ständlich auf eine Adfoc.us Seite weitergeleitet werde und seid heute auch auf meinem LG G2 - Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone...
Archiv
Du betrachtest: Adfoc.us Weiterleitung auf Windows 8.1 Rechner + Android Smartphone auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.