| |
| |||||||
Log-Analyse und Auswertung: sm und startfenster korrekt entfernt?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
12.03.2015, 13:52
| #1 |
| |  sm und startfenster korrekt entfernt? Hallo! Auch ich habe mir beim laden von vlc lan sm und startfenster trojaner geholt. Ich habe das komplette Programm gefahren: ADWCleaner, Anti-Malwarebyte, ESET, FRST, JRT, Security Check.... und nun frage ich mich, ob ich alles korrekt gemacht habe oder ob ich noch was machen muss? Also hier zunächst einmal die FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Admin (administrator) on ADMIN-PC on 12-03-2015 13:41:01 Running from C:\Users\Admin\Downloads Loaded Profiles: Admin (Available profiles: Admin) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files (x86)\Hotkey\HotkeyService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (CLEVO CO.) C:\Program Files (x86)\Hotkey\HkeyTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (ScanSoft, Inc.) D:\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2013-12-20] (Synaptics Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [155648 2003-10-14] (Scansoft, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => D:\ScanSoft\PaperPort\pptd40nt.exe [36864 2006-10-20] (Nuance Communications, Inc.) HKLM-x32\...\Run: [IndexSearch] => D:\ScanSoft\PaperPort\IndexSearch.exe [40960 2006-10-20] (Nuance Communications, Inc.) HKLM-x32\...\Run: [OpwareSE4] => D:\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [69632 2006-10-27] (ScanSoft, Inc.) HKLM-x32\...\Run: [PPort10reminder] => D:\ScanSoft\PaperPort\EREG\Ereg.exe [1409024 2006-04-20] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\HkeyTray.exe (CLEVO CO.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKU\S-1-5-21-91416009-2437426450-117909108-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-12] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-12] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p8j3dago.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-11] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-11] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-12] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-12] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p8j3dago.default\searchplugins\suchmaschine.xml [2015-03-12] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-02-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] () R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [23552 2014-01-16] () [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-12] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3429344 2014-02-18] (Intel Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [290520 2013-07-25] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-20] (Synaptics Incorporated) R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Windows (R) Win 7 DDK provider) R4 truecrypt; D:\TC\Portable_TrueCrypt_7.0\truecrypt-x64.sys [230352 2010-07-19] (TrueCrypt Foundation) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-12 13:41 - 2015-03-12 13:41 - 00011909 _____ () C:\Users\Admin\Downloads\FRST.txt 2015-03-12 13:40 - 2015-03-12 13:41 - 00000000 ____D () C:\FRST 2015-03-12 12:48 - 2015-03-12 12:48 - 02095616 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2015-03-12 12:39 - 2015-03-12 12:39 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-03-12 12:29 - 2015-03-12 12:31 - 272388096 _____ () C:\Users\Admin\Downloads\PaperPort.iso 2015-03-12 12:27 - 2015-03-12 12:27 - 00000619 _____ () C:\Users\Public\Desktop\IsoCreator.exe.lnk 2015-03-12 12:27 - 2015-03-12 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO Creator 1.0 2015-03-12 12:26 - 2015-03-12 12:26 - 00469504 _____ () C:\Users\Admin\Downloads\IsoCreator.msi 2015-03-12 12:20 - 2015-03-12 12:22 - 00000000 ____D () C:\Users\Admin\Downloads\ProTeXt 2015-03-12 12:19 - 2015-03-12 12:19 - 00000000 ____D () C:\Users\Admin\Documents\Eigene PaperPort-Dokumente 2015-03-12 12:11 - 2015-03-12 12:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ScanSoft 2015-03-12 12:11 - 2015-03-12 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4.0 2015-03-12 12:08 - 2015-03-12 12:11 - 00029249 _____ () C:\Windows\maxlink.ini 2015-03-12 12:08 - 2015-03-12 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft PaperPort 10 2015-03-12 12:08 - 2015-03-12 12:08 - 00000000 ____D () C:\ProgramData\InstallShield 2015-03-12 12:07 - 2015-03-12 12:11 - 00000000 ____D () C:\ProgramData\ScanSoft 2015-03-12 12:06 - 1998-10-21 17:43 - 00328704 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe 2015-03-12 12:03 - 2007-04-12 22:09 - 00002657 _____ () C:\Windows\system32\XUNZ__09.UNM 2015-03-12 12:03 - 2007-04-12 21:47 - 00176128 _____ (XEROX CORPORATION.) C:\Windows\system32\XUINST09.EXE 2015-03-12 11:57 - 2007-04-23 21:30 - 00110592 _____ () C:\Windows\system32\P6115_EX.dll 2015-03-12 11:57 - 2007-04-23 21:30 - 00077312 _____ () C:\Windows\system32\P6115_DS.dll 2015-03-12 11:49 - 2015-03-12 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic 2015-03-12 11:46 - 2015-03-12 12:14 - 1788857014 _____ () C:\Users\Admin\Downloads\ProTeXt-3.1.4-020114.exe 2015-03-12 11:34 - 2015-03-12 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2015-03-12 11:34 - 2015-03-12 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-03-12 11:34 - 2015-03-12 11:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services 2015-03-12 11:33 - 2015-03-12 11:33 - 00000000 ____D () C:\Windows\PCHEALTH 2015-03-12 11:33 - 2015-03-12 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework 2015-03-12 11:33 - 2015-03-12 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-03-12 11:32 - 2015-03-12 11:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-03-12 11:31 - 2015-03-12 11:31 - 00000000 ____D () C:\Program Files\Microsoft Office 2015-03-12 11:31 - 2015-03-12 11:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8 2015-03-12 11:30 - 2015-03-12 11:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2015-03-12 11:29 - 2015-03-12 11:37 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-12 11:29 - 2015-03-12 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-03-12 11:29 - 2015-03-12 11:29 - 00000000 __RHD () C:\MSOCache 2015-03-12 11:29 - 2015-03-12 11:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help 2015-03-12 11:13 - 2015-03-12 11:13 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-03-12 11:13 - 2015-03-12 11:13 - 00001912 _____ () C:\Windows\epplauncher.mif 2015-03-12 11:13 - 2015-03-12 11:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-03-12 11:12 - 2015-03-12 11:13 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-03-12 11:12 - 2015-03-12 11:12 - 14179480 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\mseinstall.exe 2015-03-12 11:11 - 2015-03-12 11:11 - 00001140 _____ () C:\Users\Admin\Desktop\AdwCleaner[R3].txt 2015-03-12 11:10 - 2015-03-12 11:10 - 02235240 _____ () C:\Users\Admin\Downloads\VS.rar 2015-03-12 11:10 - 2015-03-12 11:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WinRAR 2015-03-12 11:06 - 2015-03-12 11:06 - 00001059 _____ () C:\Users\Admin\Desktop\mbam.txt 2015-03-12 00:33 - 2015-03-12 00:33 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe 2015-03-12 00:23 - 2015-03-12 12:34 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-12 00:22 - 2015-03-12 00:22 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-12 00:22 - 2015-03-12 00:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-03-12 00:22 - 2015-03-12 00:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-12 00:22 - 2015-03-12 00:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-03-12 00:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-12 00:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-12 00:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-12 00:20 - 2015-03-12 00:20 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-03-12 00:19 - 2015-03-12 11:11 - 00000000 ____D () C:\AdwCleaner 2015-03-12 00:19 - 2015-03-12 00:19 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.4.1028.exe 2015-03-12 00:18 - 2015-03-12 00:18 - 02171392 _____ () C:\Users\Admin\Downloads\adwcleaner_4.112.exe 2015-03-12 00:16 - 2015-03-12 00:17 - 00000000 ____D () C:\ProgramData\Oracle 2015-03-12 00:16 - 2015-03-12 00:16 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\ProgramData\Sun 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\Program Files\WinRAR 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\Program Files (x86)\Java 2015-03-12 00:15 - 2015-03-12 00:15 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-03-12 00:15 - 2015-03-12 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-03-12 00:15 - 2015-03-12 00:15 - 00000000 ____D () C:\Program Files\VideoLAN 2015-03-12 00:14 - 2015-03-12 00:14 - 00561064 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe 2015-03-12 00:13 - 2015-03-12 00:13 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-03-12 00:11 - 2015-03-12 00:11 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2015-03-12 00:11 - 2015-03-12 00:11 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2015-03-12 00:11 - 2015-03-12 00:11 - 00000000 ____D () C:\Program Files\Realtek 2015-03-12 00:11 - 2013-12-03 13:29 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2015-03-12 00:11 - 2013-12-03 09:05 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2015-03-12 00:11 - 2013-12-03 07:38 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2015-03-12 00:11 - 2013-12-02 09:55 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2015-03-12 00:11 - 2013-11-29 11:59 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2015-03-12 00:11 - 2013-11-26 10:26 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2015-03-12 00:11 - 2013-11-25 08:59 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2015-03-12 00:11 - 2013-11-25 08:59 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2015-03-12 00:11 - 2013-11-14 08:49 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2015-03-12 00:11 - 2013-11-13 11:52 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2015-03-12 00:11 - 2013-11-13 11:41 - 14153984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2015-03-12 00:11 - 2013-11-13 11:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2015-03-12 00:11 - 2013-11-13 11:07 - 03899648 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2015-03-12 00:11 - 2013-11-13 11:07 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2015-03-12 00:11 - 2013-11-13 10:52 - 01922304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2015-03-12 00:11 - 2013-11-13 10:52 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2015-03-12 00:11 - 2013-11-05 04:22 - 00912184 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2015-03-12 00:11 - 2013-11-05 04:19 - 05753112 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2015-03-12 00:11 - 2013-10-28 10:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2015-03-12 00:11 - 2013-10-11 04:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2015-03-12 00:11 - 2013-10-09 13:13 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2015-03-12 00:11 - 2013-10-09 13:12 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2015-03-12 00:11 - 2013-08-23 20:14 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2015-03-12 00:11 - 2013-08-23 20:14 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2015-03-12 00:11 - 2013-08-23 20:14 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2015-03-12 00:11 - 2013-08-23 20:14 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2015-03-12 00:11 - 2013-08-20 10:37 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll 2015-03-12 00:11 - 2013-08-14 09:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2015-03-12 00:11 - 2013-08-14 09:35 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2015-03-12 00:11 - 2013-08-14 09:35 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2015-03-12 00:11 - 2013-08-14 09:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2015-03-12 00:11 - 2013-07-23 08:39 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2015-03-12 00:11 - 2013-06-25 05:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2015-03-12 00:11 - 2013-06-25 05:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2015-03-12 00:11 - 2013-06-25 05:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2015-03-12 00:11 - 2013-04-24 10:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2015-03-12 00:11 - 2013-04-03 07:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2015-03-12 00:11 - 2012-08-31 12:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2015-03-12 00:11 - 2012-08-31 12:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2015-03-12 00:11 - 2012-08-31 12:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2015-03-12 00:11 - 2012-08-31 12:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2015-03-12 00:11 - 2012-08-31 12:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2015-03-12 00:11 - 2012-01-30 04:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2015-03-12 00:11 - 2012-01-10 03:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2015-03-12 00:11 - 2011-12-20 08:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2015-03-12 00:11 - 2011-11-22 09:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2015-03-12 00:11 - 2011-09-02 07:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2015-03-12 00:11 - 2011-09-02 07:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2015-03-12 00:11 - 2011-09-02 07:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2015-03-12 00:11 - 2011-08-23 10:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2015-03-12 00:11 - 2011-03-17 05:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2015-03-12 00:11 - 2011-03-07 10:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2015-03-12 00:11 - 2010-11-03 11:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2015-03-12 00:11 - 2010-09-27 02:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2015-03-12 00:11 - 2010-07-22 09:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2015-03-12 00:11 - 2009-11-24 02:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2015-03-12 00:11 - 2009-11-24 02:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2015-03-12 00:11 - 2009-11-24 02:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2015-03-12 00:11 - 2009-11-24 02:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2015-03-12 00:10 - 2015-03-12 00:12 - 00000000 ___HD () C:\Program Files (x86)\Temp 2015-03-12 00:10 - 2013-11-25 10:20 - 02080472 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2015-03-12 00:10 - 2013-10-15 20:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2015-03-12 00:10 - 2013-10-11 05:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2015-03-12 00:10 - 2013-10-06 17:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2015-03-12 00:10 - 2013-10-06 17:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2015-03-12 00:10 - 2013-10-06 17:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2015-03-12 00:10 - 2013-09-09 21:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2015-03-12 00:10 - 2013-09-09 21:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2015-03-12 00:10 - 2013-09-09 21:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2015-03-12 00:10 - 2013-09-09 21:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2015-03-12 00:10 - 2013-08-05 11:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2015-03-12 00:10 - 2013-06-21 04:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll 2015-03-12 00:10 - 2012-03-08 04:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2015-03-12 00:08 - 2013-09-16 05:19 - 00016344 ____R (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll 2015-03-12 00:07 - 2015-03-12 00:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-03-12 00:07 - 2015-03-12 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-03-12 00:06 - 2013-09-16 05:19 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys 2015-03-12 00:03 - 2015-03-12 00:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2015-03-12 00:03 - 2013-12-20 09:38 - 00790512 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys 2015-03-12 00:03 - 2013-12-20 09:38 - 00369648 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys 2015-03-12 00:03 - 2013-12-20 09:38 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys 2015-03-11 23:58 - 2015-03-12 12:18 - 00109272 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-11 23:58 - 2015-03-11 23:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2015-03-11 23:55 - 2015-03-11 23:55 - 01559112 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-03-11 23:52 - 2015-03-12 00:01 - 00000000 ____D () C:\Program Files (x86)\Hotkey 2015-03-11 23:52 - 2014-01-15 18:19 - 00011776 _____ (Windows (R) 2000 DDK provider) C:\Windows\SysWOW64\CLEVOMOF.dll 2015-03-11 23:52 - 2013-07-31 16:55 - 00010752 _____ (Microsoft) C:\Windows\SysWOW64\BTControl.exe 2015-03-11 23:49 - 2012-02-17 07:38 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-11 23:49 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2015-03-11 23:49 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2015-03-11 23:49 - 2012-02-17 05:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2015-03-11 23:49 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2015-03-11 23:48 - 2015-03-11 23:48 - 00000000 ___HT () C:\Windows\wusa.lock 2015-03-11 23:48 - 2015-03-11 23:48 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf 2015-03-11 23:48 - 2015-03-11 23:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2015-03-11 23:48 - 2015-03-11 23:48 - 00000000 ____D () C:\9e97533616fe18363b25baa9d4b18b 2015-03-11 23:48 - 2012-07-26 05:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2015-03-11 23:48 - 2012-07-26 05:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2015-03-11 23:48 - 2012-07-26 03:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2015-03-11 23:48 - 2012-06-02 15:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2015-03-11 23:45 - 2013-04-25 11:12 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsP2StorIcon.dll 2015-03-11 23:42 - 2015-03-12 00:08 - 00000000 ____D () C:\ProgramData\Intel 2015-03-11 23:42 - 2015-03-11 23:42 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2015-03-11 23:42 - 2015-03-11 23:42 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Intel 2015-03-11 23:42 - 2015-03-11 23:42 - 00000000 ____D () C:\Program Files\Common Files\Intel 2015-03-11 23:41 - 2015-03-11 23:41 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-11 23:40 - 2015-03-11 23:40 - 16407552 _____ () C:\Users\Admin\Downloads\pdfsam-v2_2_4.msi 2015-03-11 23:40 - 2015-03-11 23:40 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-03-11 23:40 - 2015-03-11 23:40 - 00000000 ____D () C:\Program Files (x86)\Cisco 2015-03-11 23:40 - 2014-01-10 09:57 - 03073752 ____R (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys 2015-03-11 23:40 - 2012-02-14 19:37 - 00594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll 2015-03-11 23:39 - 2015-03-11 23:40 - 00000000 ____D () C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver 2015-03-11 23:39 - 2013-12-05 14:39 - 00454360 _____ (Realtek) C:\Windows\SwUSB.exe 2015-03-11 23:39 - 2013-10-18 16:42 - 00048856 _____ () C:\Windows\runSW.exe 2015-03-11 23:39 - 2010-12-01 09:31 - 00451072 _____ () C:\Windows\SysWOW64\ISSRemoveSP.exe 2015-03-11 23:37 - 2015-03-11 23:37 - 02058768 _____ () C:\Users\Admin\Downloads\winrar-x64-521d.exe 2015-03-11 23:36 - 2015-03-12 12:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-11 23:36 - 2015-03-11 23:37 - 29968864 _____ () C:\Users\Admin\Downloads\vlc-2.2.0-win64.exe 2015-03-11 23:36 - 2015-03-11 23:36 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-03-11 23:36 - 2015-03-11 23:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-11 23:36 - 2015-03-11 23:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-03-11 23:36 - 2015-03-11 23:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-03-11 23:36 - 2015-03-11 23:36 - 00000000 ____D () C:\Windows\system32\Macromed 2015-03-11 23:36 - 2015-03-11 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia 2015-03-11 23:36 - 2015-03-11 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2015-03-11 23:36 - 2015-03-11 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia 2015-03-11 23:35 - 2015-03-11 23:35 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-03-11 23:35 - 2015-03-11 23:35 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2015-03-11 23:34 - 2015-03-11 23:39 - 00000000 ____D () C:\ProgramData\Adobe 2015-03-11 23:34 - 2015-03-11 23:34 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-03-11 23:33 - 2015-03-11 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2015-03-11 23:32 - 2015-03-11 23:32 - 00000000 ____D () C:\Program Files\Synaptics 2015-03-11 23:32 - 2015-03-11 23:32 - 00000000 ____D () C:\0ec952eb42fd0b6a183ce61ce994b5 2015-03-11 23:32 - 2013-12-20 05:48 - 00543984 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys 2015-03-11 23:32 - 2013-12-20 05:48 - 00404208 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll 2015-03-11 23:32 - 2013-12-20 05:48 - 00254704 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll 2015-03-11 23:32 - 2013-12-20 05:48 - 00208112 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo20.dll 2015-03-11 23:31 - 2015-03-12 00:16 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-11 23:31 - 2015-03-12 00:16 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-03-11 23:31 - 2015-03-11 23:58 - 00030166 _____ () C:\Windows\DPINST.LOG 2015-03-11 23:31 - 2015-03-11 23:58 - 00001332 _____ () C:\Windows\Synaptics.log 2015-03-11 23:31 - 2015-03-11 23:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2015-03-11 23:31 - 2015-03-11 23:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2015-03-11 23:31 - 2015-03-11 23:31 - 00000000 ____D () C:\ProgramData\Mozilla 2015-03-11 23:31 - 2015-03-11 23:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-11 23:31 - 2015-03-11 23:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-11 23:31 - 2013-12-20 05:48 - 00743664 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2015-03-11 23:31 - 2013-12-20 05:48 - 00031472 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys 2015-03-11 23:31 - 2013-04-16 11:33 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll 2015-03-11 23:30 - 2015-03-11 23:46 - 00000000 ____D () C:\Windows\SysWOW64\sda 2015-03-11 23:30 - 2015-03-11 23:30 - 00243528 _____ () C:\Users\Admin\Downloads\Firefox Setup Stub 36.0.1.exe 2015-03-11 23:29 - 2015-03-12 00:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-11 23:29 - 2015-03-12 00:10 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-03-11 23:29 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-03-11 23:29 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-03-11 23:29 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-03-11 23:29 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-03-11 23:29 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-03-11 23:29 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-03-11 23:29 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-03-11 23:29 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-03-11 23:29 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-03-11 23:29 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-03-11 23:29 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-03-11 23:29 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-03-11 23:29 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-03-11 23:29 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-03-11 23:29 - 2013-07-25 02:36 - 00290520 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys 2015-03-11 23:28 - 2013-07-03 19:05 - 00552760 ____R (Intel Corporation) C:\Windows\system32\PROUnstl.exe 2015-03-11 23:28 - 2013-05-30 01:54 - 00495376 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d62x64.sys 2015-03-11 23:28 - 2013-05-10 20:48 - 00073480 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll 2015-03-11 23:28 - 2013-03-01 21:42 - 00101152 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll 2015-03-11 23:28 - 2012-01-06 07:03 - 00003114 _____ () C:\Windows\system32\e1d62x64.din 2015-03-11 23:28 - 2009-05-26 03:05 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll 2015-03-11 23:28 - 2006-01-12 08:52 - 00001904 ____N () C:\Windows\system32\SetupBD.din 2015-03-11 23:26 - 2015-03-11 23:26 - 00017812 _____ () C:\Windows\system32\results.xml 2015-03-11 23:25 - 2015-03-11 23:25 - 00000244 _____ () C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat 2015-03-11 23:23 - 2015-03-12 00:07 - 00000000 ____D () C:\Program Files\Intel 2015-03-11 23:23 - 2015-03-11 23:23 - 00000696 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk 2015-03-11 23:23 - 2014-02-21 09:42 - 04340208 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 04336624 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00929776 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00543728 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00543216 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00501744 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00440816 _____ (Intel Corporation) C:\Windows\system32\igfxTray.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00393200 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00392688 _____ (Intel Corporation) C:\Windows\system32\CustomModeAppv2_0.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00282096 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00243696 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00191472 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00153072 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2015-03-11 23:23 - 2014-02-11 02:24 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3431.dll 2015-03-11 23:23 - 2014-02-11 02:21 - 00002940 _____ () C:\Windows\system32\iglhxs64.vp 2015-03-11 23:23 - 2014-02-11 02:19 - 28528920 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 27966016 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 27344432 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 26690888 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 04514472 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 03591592 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 01137096 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 01132976 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00417120 _____ () C:\Windows\system32\igdmd64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00334160 _____ () C:\Windows\SysWOW64\igdmd32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00218824 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00186912 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00183816 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00158048 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00080328 _____ () C:\Windows\system32\igfxexps.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 08118272 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 04233216 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2015-03-11 23:23 - 2014-02-11 02:14 - 00653824 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00372736 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00267264 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00222208 _____ () C:\Windows\system32\igdde64.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00209920 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00186640 __RSH () C:\Windows\system32\resTHA.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00179518 __RSH () C:\Windows\system32\resELL.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00175392 __RSH () C:\Windows\system32\resRUS.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00161268 __RSH () C:\Windows\system32\resARA.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00160719 __RSH () C:\Windows\system32\resHEB.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00160681 __RSH () C:\Windows\system32\resJPN.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00160256 _____ () C:\Windows\system32\igdail64.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00156105 __RSH () C:\Windows\system32\resFRA.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00156096 __RSH () C:\Windows\system32\resHUN.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00154381 __RSH () C:\Windows\system32\resKOR.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00154314 __RSH () C:\Windows\system32\resITA.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00154287 __RSH () C:\Windows\system32\resDEU.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00154148 __RSH () C:\Windows\system32\resROM.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00154037 __RSH () C:\Windows\system32\resESN.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00153605 __RSH () C:\Windows\system32\resPLK.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00153459 __RSH () C:\Windows\system32\resSKY.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00153260 __RSH () C:\Windows\system32\resNLD.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00152703 __RSH () C:\Windows\system32\resPTB.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00152545 __RSH () C:\Windows\system32\resTRK.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00152536 __RSH () C:\Windows\system32\resCSY.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00152411 __RSH () C:\Windows\system32\resPTG.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00151989 __RSH () C:\Windows\system32\resFIN.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00151558 __RSH () C:\Windows\system32\resHRV.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00151097 __RSH () C:\Windows\system32\resSVE.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00151040 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00150932 __RSH () C:\Windows\system32\resSLV.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00150001 __RSH () C:\Windows\system32\resNOR.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00149473 __RSH () C:\Windows\system32\resDAN.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00148173 __RSH () C:\Windows\system32\resENU.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00146403 __RSH () C:\Windows\system32\resCHT.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00145574 __RSH () C:\Windows\system32\resCHS.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00068608 _____ () C:\Windows\system32\igfxCUIServicePS.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00057344 _____ ( ) C:\Windows\system32\igfxDHLib.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00010240 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll 2015-03-11 23:23 - 2014-02-11 02:13 - 06412800 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll 2015-03-11 23:23 - 2014-02-11 02:13 - 00733696 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2015-03-11 23:23 - 2014-02-11 02:13 - 00254976 _____ () C:\Windows\system32\igfxCPL.cpl 2015-03-11 23:23 - 2014-02-11 02:13 - 00182272 _____ () C:\Windows\SysWOW64\igdde32.dll 2015-03-11 23:23 - 2014-02-11 02:13 - 00142848 _____ () C:\Windows\SysWOW64\igdail32.dll 2015-03-11 23:23 - 2014-02-11 02:12 - 00068608 _____ () C:\Windows\SysWOW64\igfxexps32.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 25972224 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 20955136 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 03225088 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 02898432 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 00320512 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 00265216 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 02813952 _____ () C:\Windows\system32\iglhxa64.cpa 2015-03-11 23:23 - 2014-02-11 01:58 - 02020864 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 01753088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00182272 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00154624 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL 2015-03-11 23:23 - 2014-02-11 01:58 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL 2015-03-11 23:23 - 2014-02-11 01:58 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00044025 _____ () C:\Windows\system32\iglhxo64.vp 2015-03-11 23:23 - 2014-02-11 01:58 - 00043816 _____ () C:\Windows\system32\iglhxc64_dev.vp 2015-03-11 23:23 - 2014-02-11 01:58 - 00043494 _____ () C:\Windows\system32\iglhxc64.vp 2015-03-11 23:23 - 2014-02-11 01:58 - 00043298 _____ () C:\Windows\system32\iglhxg64_dev.vp 2015-03-11 23:23 - 2014-02-11 01:58 - 00043256 _____ () C:\Windows\system32\iglhxg64.vp 2015-03-11 23:23 - 2014-02-11 01:58 - 00042079 _____ () C:\Windows\system32\iglhxo64_dev.vp 2015-03-11 23:21 - 2014-02-11 02:24 - 00450520 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys 2015-03-11 23:18 - 2015-03-12 00:07 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-03-11 23:18 - 2015-03-11 23:21 - 00000000 ____D () C:\Intel 2015-03-11 23:18 - 2013-08-21 08:16 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2015-03-11 23:14 - 2015-03-12 12:19 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore 2015-03-11 23:14 - 2015-03-12 00:16 - 00001435 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-11 23:14 - 2015-03-11 23:14 - 00001401 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-03-11 23:13 - 2015-03-12 12:51 - 01377788 _____ () C:\Windows\WindowsUpdate.log 2015-03-11 23:13 - 2015-03-11 23:42 - 00000000 ____D () C:\Users\Admin 2015-03-11 23:13 - 2015-03-11 23:13 - 00000020 ___SH () C:\Users\Admin\ntuser.ini 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Startmenü 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Vorlagen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Startmenü 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Netzwerkumgebung 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Lokale Einstellungen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Eigene Dateien 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Druckumgebung 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Musik 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Bilder 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Verlauf 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Programme 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Startmenü 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Favoriten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Dokumente 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Dokumente und Einstellungen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 __SHD () C:\Recovery 2015-03-11 23:13 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-11 23:13 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-03-11 23:08 - 2015-03-11 23:08 - 00001355 _____ () C:\Windows\TSSysprep.log 2015-03-11 23:08 - 2015-03-11 23:08 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2015-03-11 23:08 - 2015-03-11 23:08 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2015-03-11 23:04 - 2015-03-11 23:13 - 00000000 ____D () C:\Windows\Panther ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-12 12:44 - 2011-04-12 08:43 - 00698926 _____ () C:\Windows\system32\perfh007.dat 2015-03-12 12:44 - 2011-04-12 08:43 - 00149034 _____ () C:\Windows\system32\perfc007.dat 2015-03-12 12:44 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-12 12:20 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-12 12:20 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-12 12:18 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-12 12:18 - 2009-07-14 05:51 - 00031492 _____ () C:\Windows\setupact.log 2015-03-12 12:18 - 2009-07-14 05:45 - 00415656 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 11:40 - 2010-11-21 04:47 - 00010226 _____ () C:\Windows\PFRO.log 2015-03-12 11:34 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew 2015-03-12 11:34 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2015-03-12 11:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-03-12 11:30 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini 2015-03-11 23:42 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2015-03-11 23:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore 2015-03-11 23:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-11 23:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT 2015-03-11 23:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-03-11 23:08 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-03-11 23:08 - 2009-07-14 05:46 - 00002790 _____ () C:\Windows\DtcInstall.log 2015-03-11 23:08 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-11 23:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep 2015-03-11 23:06 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\CSC 2015-03-11 23:04 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2015-03-11 23:04 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Files in the root of some directories ======= 2015-03-12 00:11 - 2015-03-12 00:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\APNSetup.exe C:\Users\Admin\AppData\Local\Temp\ose00000.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-11 23:05 ==================== End Of Log ============================ --- --- --- Hier die Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Admin at 2015-03-12 13:41:43
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Hotkey 2.24.28 (HKLM-x32\...\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}) (Version: 2.24.28 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3431 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation)
ISO Creator 1.0 (HKLM-x32\...\{78D80EAF-1ADB-46A8-AF6F-EBB18B6ADBCE}) (Version: 1.0.0 - Bunny-Wabbit)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
PDF Split And Merge Basic (HKLM-x32\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.4 - Andrea Vacondio)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29069 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0239 - REALTEK Semiconductor Corp.)
ScanSoft OmniPage SE 4.0 (HKLM-x32\...\{5106E879-D354-4511-BB91-BDDC0FB751F0}) (Version: 15.00.0020 - Nuance Communications, Inc.)
ScanSoft PaperPort 10 (HKLM-x32\...\{A82DA09D-AE5B-4471-A591-14342B9C5BB4}) (Version: 10.3.0000 - ScanSoft, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.0 - Synaptics Incorporated)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XEROX Phaser 6115MFP Drucker- und Scannertreiber (HKLM\...\XEROX Phaser 6115MFP) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-91416009-2437426450-117909108-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
11-03-2015 23:27:49 Installed Intel(R) Network Connections.
11-03-2015 23:29:38 Installiert Realtek Card Reader
11-03-2015 23:39:32 Installiert REALTEK PCIE Wireless LAN Driver
11-03-2015 23:41:15 Intel® PROSet/Wireless Software
11-03-2015 23:45:05 Installiert Realtek Card Reader
11-03-2015 23:52:06 Installiert Hotkey 2.24.28
11-03-2015 23:53:17 Windows Update
12-03-2015 00:00:44 Installiert Hotkey 2.24.28
12-03-2015 11:29:20 Installed Microsoft Office Professional Plus 2010
12-03-2015 11:48:32 Installed PDF Split And Merge Basic
12-03-2015 11:49:21 Installed PDF Split And Merge Basic
12-03-2015 12:07:38 Installed ScanSoft PaperPort 10
12-03-2015 12:10:21 Installed ScanSoft OmniPage SE 4.0
12-03-2015 12:27:07 Installed ISO Creator 1.0
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0A9A6A1C-8804-46F1-9A3C-8A653F11AD37} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {27C0FEA8-475B-4890-96DE-13C0F8C4F04D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-11] (Adobe Systems Incorporated)
Task: {4C518EE0-56BC-4077-8D27-B984CC4CB1EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-11 23:52 - 2014-01-16 11:34 - 00023552 _____ () C:\Program Files (x86)\Hotkey\HotkeyService.exe
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-03-12 00:07 - 2013-09-16 05:19 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-91416009-2437426450-117909108-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Admin (S-1-5-21-91416009-2437426450-117909108-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-91416009-2437426450-117909108-500 - Administrator - Disabled)
Gast (S-1-5-21-91416009-2437426450-117909108-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: EgisTec_ES603
Description: EgisTec_ES603
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/12/2015 01:41:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/12/2015 01:18:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/12/2015 01:18:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/12/2015 01:18:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/12/2015 00:39:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/12/2015 00:39:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/12/2015 00:39:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/12/2015 00:35:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (03/12/2015 00:18:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/12/2015 11:41:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (03/12/2015 01:02:08 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
Error: (03/12/2015 00:59:08 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
Error: (03/12/2015 00:58:07 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
Error: (03/12/2015 00:57:07 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
Error: (03/12/2015 00:56:07 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
Error: (03/12/2015 00:53:07 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
Error: (03/12/2015 00:52:07 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
Error: (03/12/2015 00:43:07 PM) (Source: srv) (EventID: 2017) (User: )
Description: Der Server konnte keinen nicht-ausgelagerten Poolspeicher reservieren, da die konfigurierte Grenze für die Reservierung von nicht-ausgelagertem Poolspeicher erreicht wurde.
Error: (03/12/2015 00:17:42 PM) (Source: MEIx64) (EventID: 3) (User: )
Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware.
Error: (03/12/2015 00:09:27 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe -Embedding740{9C0BA3C1-2B67-45EB-BF69-BED9658D28D2}
Microsoft Office Sessions:
=========================
Error: (03/12/2015 01:41:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (03/12/2015 01:18:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (03/12/2015 01:18:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (03/12/2015 01:18:27 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (03/12/2015 00:39:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (03/12/2015 00:39:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (03/12/2015 00:39:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (03/12/2015 00:35:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest\\ADMIN-PC\Users\Admin\Downloads\esetsmartinstaller_deu.exe
Error: (03/12/2015 00:18:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/12/2015 11:41:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
Percentage of memory in use: 30%
Total physical RAM: 8128.41 MB
Available physical RAM: 5612.34 MB
Total Pagefile: 16255.02 MB
Available Pagefile: 13440.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:443.23 GB) (Free:402.81 GB) NTFS
Drive d: () (Fixed) (Total:488.18 GB) (Free:487.63 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 30B7189A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BE0893E5)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 12.03.2015 Scan Time: 10:36:17 Logfile: Scan1203.txt Administrator: Yes Version: 2.00.4.1028 Malware Database: v2015.03.11.05 Rootkit Database: v2015.02.25.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Admin Scan Type: Threat Scan Result: Completed Objects Scanned: 327687 Time Elapsed: 19 min, 29 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v4.112 - Bericht erstellt 12/03/2015 um 11:10:15
# Aktualisiert 09/03/2015 von Xplode
# Datenbank : 2015-03-05.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Admin - ADMIN-PC
# Gestarted von : C:\Users\Admin\Downloads\adwcleaner_4.112.exe
# Option : Suchlauf
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
-\\ Internet Explorer v8.0.7601.17514
-\\ Mozilla Firefox v36.0.1 (x86 de)
*************************
AdwCleaner[R0].txt - [1561 Bytes] - [12/03/2015 00:19:49]
AdwCleaner[R1].txt - [905 Bytes] - [12/03/2015 00:37:00]
AdwCleaner[R2].txt - [1021 Bytes] - [12/03/2015 00:40:38]
AdwCleaner[R3].txt - [827 Bytes] - [12/03/2015 11:10:15]
AdwCleaner[S0].txt - [1276 Bytes] - [12/03/2015 00:20:32]
AdwCleaner[S1].txt - [965 Bytes] - [12/03/2015 00:38:00]
AdwCleaner[S2].txt - [1083 Bytes] - [12/03/2015 00:41:43]
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [1061 Bytes] ##########
[/CODE] Hier die JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Ultimate x64
Ran by Admin on 12.03.2015 at 13:44:26,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\p8j3dago.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.03.2015 at 13:47:05,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c7294490019b0440bcd02edaa697556e
# engine=22872
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-12 12:17:54
# local_time=2015-03-12 01:17:54 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 7482 49146668 0 0
# scanned=154921
# found=1
# cleaned=0
# scan_time=2148
sh=0D8E30825CB3EDA91E025A4682E36F7482398D78 ft=1 fh=722aae3bc3f03026 vn="Variante von Win32/Toolbar.Conduit.I evtl. unerwünschte Anwendung" ac=I fn="W:\wp4.41setup.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c7294490019b0440bcd02edaa697556e
# engine=22875
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-12 12:36:34
# local_time=2015-03-12 01:36:34 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 8602 49147788 0 0
# scanned=148782
# found=0
# cleaned=0
# scan_time=1050
Code:
ATTFilter Results of screen317's Security Check version 0.99.97 Windows 7 Service Pack 1 x64 (UAC is enabled) ``````````````Antivirus/Firewall Check:`````````````` Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 40 Java version 32-bit out of Date! Java 64-bit 8 Update 31 Adobe Flash Player 16.0.0.305 Adobe Reader XI Mozilla Firefox (36.0.1) ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
|
12.03.2015, 13:54
| #2 |
| /// the machine /// TB-Ausbilder    | sm und startfenster korrekt entfernt? Hi,
__________________sieht gut aus 
__________________ |
|
12.03.2015, 13:58
| #3 | |
| | sm und startfenster korrekt entfernt? Achso:
__________________Hier nochmal eine aktuelle FRST und Addition, d.h. nachdem alles andere durchgelaufen ist: FRST: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Admin (administrator) on ADMIN-PC on 12-03-2015 13:57:09 Running from C:\Users\Admin\Downloads Loaded Profiles: Admin (Available profiles: Admin) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Program Files (x86)\Hotkey\HotkeyService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (CLEVO CO.) C:\Program Files (x86)\Hotkey\HkeyTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (ScanSoft, Inc.) D:\ScanSoft\OmniPageSE4.0\OpWareSE4.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (TrueCrypt Foundation) D:\TC\Portable_TrueCrypt_7.0\TrueCrypt.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2806512 2013-12-20] (Synaptics Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-12-20] (Intel Corporation) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [155648 2003-10-14] (Scansoft, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => D:\ScanSoft\PaperPort\pptd40nt.exe [36864 2006-10-20] (Nuance Communications, Inc.) HKLM-x32\...\Run: [IndexSearch] => D:\ScanSoft\PaperPort\IndexSearch.exe [40960 2006-10-20] (Nuance Communications, Inc.) HKLM-x32\...\Run: [OpwareSE4] => D:\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [69632 2006-10-27] (ScanSoft, Inc.) HKLM-x32\...\Run: [PPort10reminder] => D:\ScanSoft\PaperPort\EREG\Ereg.exe [1409024 2006-04-20] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hotkey.lnk ShortcutTarget: Hotkey.lnk -> C:\Program Files (x86)\Hotkey\HkeyTray.exe (CLEVO CO.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKU\S-1-5-21-91416009-2437426450-117909108-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-12] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-12] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p8j3dago.default FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-03-11] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-03-11] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-12] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-12] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\p8j3dago.default\searchplugins\suchmaschine.xml [2015-03-12] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-02-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] () R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation) R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\HotkeyService.exe [23552 2014-01-16] () [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-12] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation) R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3429344 2014-02-18] (Intel Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation) R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [290520 2013-07-25] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-20] (Synaptics Incorporated) R1 SvThANSP; C:\Program Files (x86)\Hotkey\SvThANSP.sys [15224 2013-10-11] (Windows (R) Win 7 DDK provider) R4 truecrypt; D:\TC\Portable_TrueCrypt_7.0\truecrypt-x64.sys [230352 2010-07-19] (TrueCrypt Foundation) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-12 13:47 - 2015-03-12 13:47 - 00000752 _____ () C:\Users\Admin\Desktop\JRT.txt 2015-03-12 13:44 - 2015-03-12 13:44 - 01388333 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe 2015-03-12 13:43 - 2015-03-12 13:43 - 00001000 _____ () C:\Users\Admin\Desktop\SecurityCheckcheckup.txt 2015-03-12 13:42 - 2015-03-12 13:42 - 00852604 _____ () C:\Users\Admin\Downloads\SecurityCheck.exe 2015-03-12 13:42 - 2015-03-12 13:42 - 00061127 _____ () C:\Users\Admin\Desktop\FRST.txt 2015-03-12 13:42 - 2015-03-12 13:42 - 00026251 _____ () C:\Users\Admin\Desktop\Addition.txt 2015-03-12 13:41 - 2015-03-12 13:57 - 00011976 _____ () C:\Users\Admin\Downloads\FRST.txt 2015-03-12 13:41 - 2015-03-12 13:42 - 00026251 _____ () C:\Users\Admin\Downloads\Addition.txt 2015-03-12 13:40 - 2015-03-12 13:57 - 00000000 ____D () C:\FRST 2015-03-12 12:48 - 2015-03-12 12:48 - 02095616 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2015-03-12 12:39 - 2015-03-12 12:39 - 00000000 ____D () C:\Program Files (x86)\ESET 2015-03-12 12:29 - 2015-03-12 12:31 - 272388096 _____ () C:\Users\Admin\Downloads\PaperPort.iso 2015-03-12 12:27 - 2015-03-12 12:27 - 00000619 _____ () C:\Users\Public\Desktop\IsoCreator.exe.lnk 2015-03-12 12:27 - 2015-03-12 12:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO Creator 1.0 2015-03-12 12:26 - 2015-03-12 12:26 - 00469504 _____ () C:\Users\Admin\Downloads\IsoCreator.msi 2015-03-12 12:20 - 2015-03-12 12:22 - 00000000 ____D () C:\Users\Admin\Downloads\ProTeXt 2015-03-12 12:19 - 2015-03-12 12:19 - 00000000 ____D () C:\Users\Admin\Documents\Eigene PaperPort-Dokumente 2015-03-12 12:11 - 2015-03-12 12:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ScanSoft 2015-03-12 12:11 - 2015-03-12 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4.0 2015-03-12 12:08 - 2015-03-12 12:11 - 00029249 _____ () C:\Windows\maxlink.ini 2015-03-12 12:08 - 2015-03-12 12:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft PaperPort 10 2015-03-12 12:08 - 2015-03-12 12:08 - 00000000 ____D () C:\ProgramData\InstallShield 2015-03-12 12:07 - 2015-03-12 12:11 - 00000000 ____D () C:\ProgramData\ScanSoft 2015-03-12 12:06 - 1998-10-21 17:43 - 00328704 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe 2015-03-12 12:03 - 2007-04-12 22:09 - 00002657 _____ () C:\Windows\system32\XUNZ__09.UNM 2015-03-12 12:03 - 2007-04-12 21:47 - 00176128 _____ (XEROX CORPORATION.) C:\Windows\system32\XUINST09.EXE 2015-03-12 11:57 - 2007-04-23 21:30 - 00110592 _____ () C:\Windows\system32\P6115_EX.dll 2015-03-12 11:57 - 2007-04-23 21:30 - 00077312 _____ () C:\Windows\system32\P6115_DS.dll 2015-03-12 11:49 - 2015-03-12 11:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic 2015-03-12 11:46 - 2015-03-12 12:14 - 1788857014 _____ () C:\Users\Admin\Downloads\ProTeXt-3.1.4-020114.exe 2015-03-12 11:34 - 2015-03-12 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint 2015-03-12 11:34 - 2015-03-12 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-03-12 11:34 - 2015-03-12 11:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services 2015-03-12 11:33 - 2015-03-12 11:33 - 00000000 ____D () C:\Windows\PCHEALTH 2015-03-12 11:33 - 2015-03-12 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework 2015-03-12 11:33 - 2015-03-12 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2015-03-12 11:32 - 2015-03-12 11:32 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-03-12 11:31 - 2015-03-12 11:31 - 00000000 ____D () C:\Program Files\Microsoft Office 2015-03-12 11:31 - 2015-03-12 11:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8 2015-03-12 11:30 - 2015-03-12 11:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2015-03-12 11:29 - 2015-03-12 11:37 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-12 11:29 - 2015-03-12 11:33 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-03-12 11:29 - 2015-03-12 11:29 - 00000000 __RHD () C:\MSOCache 2015-03-12 11:29 - 2015-03-12 11:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help 2015-03-12 11:13 - 2015-03-12 11:13 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2015-03-12 11:13 - 2015-03-12 11:13 - 00001912 _____ () C:\Windows\epplauncher.mif 2015-03-12 11:13 - 2015-03-12 11:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2015-03-12 11:12 - 2015-03-12 11:13 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2015-03-12 11:12 - 2015-03-12 11:12 - 14179480 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\mseinstall.exe 2015-03-12 11:11 - 2015-03-12 11:11 - 00001140 _____ () C:\Users\Admin\Desktop\AdwCleaner[R3].txt 2015-03-12 11:10 - 2015-03-12 11:10 - 02235240 _____ () C:\Users\Admin\Downloads\VS.rar 2015-03-12 11:10 - 2015-03-12 11:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WinRAR 2015-03-12 11:06 - 2015-03-12 11:06 - 00001059 _____ () C:\Users\Admin\Desktop\mbam.txt 2015-03-12 00:33 - 2015-03-12 00:33 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe 2015-03-12 00:23 - 2015-03-12 12:34 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-12 00:22 - 2015-03-12 00:22 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-12 00:22 - 2015-03-12 00:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-03-12 00:22 - 2015-03-12 00:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-12 00:22 - 2015-03-12 00:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-03-12 00:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-12 00:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-12 00:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-12 00:20 - 2015-03-12 00:20 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-03-12 00:19 - 2015-03-12 11:11 - 00000000 ____D () C:\AdwCleaner 2015-03-12 00:19 - 2015-03-12 00:19 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.4.1028.exe 2015-03-12 00:18 - 2015-03-12 00:18 - 02171392 _____ () C:\Users\Admin\Downloads\adwcleaner_4.112.exe 2015-03-12 00:16 - 2015-03-12 00:17 - 00000000 ____D () C:\ProgramData\Oracle 2015-03-12 00:16 - 2015-03-12 00:16 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\ProgramData\Sun 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\Program Files\WinRAR 2015-03-12 00:16 - 2015-03-12 00:16 - 00000000 ____D () C:\Program Files (x86)\Java 2015-03-12 00:15 - 2015-03-12 00:15 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2015-03-12 00:15 - 2015-03-12 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2015-03-12 00:15 - 2015-03-12 00:15 - 00000000 ____D () C:\Program Files\VideoLAN 2015-03-12 00:14 - 2015-03-12 00:14 - 00561064 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe 2015-03-12 00:13 - 2015-03-12 00:13 - 00000180 _____ () C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2015-03-12 00:11 - 2015-03-12 00:11 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2015-03-12 00:11 - 2015-03-12 00:11 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2015-03-12 00:11 - 2015-03-12 00:11 - 00000000 ____D () C:\Program Files\Realtek 2015-03-12 00:11 - 2013-12-03 13:29 - 03760344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2015-03-12 00:11 - 2013-12-03 09:05 - 00154840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2015-03-12 00:11 - 2013-12-03 07:38 - 00693329 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2015-03-12 00:11 - 2013-12-02 09:55 - 05681196 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2015-03-12 00:11 - 2013-11-29 11:59 - 41974272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2015-03-12 00:11 - 2013-11-26 10:26 - 00618200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2015-03-12 00:11 - 2013-11-25 08:59 - 02810072 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2015-03-12 00:11 - 2013-11-25 08:59 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll 2015-03-12 00:11 - 2013-11-14 08:49 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2015-03-12 00:11 - 2013-11-13 11:52 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2015-03-12 00:11 - 2013-11-13 11:41 - 14153984 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2015-03-12 00:11 - 2013-11-13 11:10 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2015-03-12 00:11 - 2013-11-13 11:07 - 03899648 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2015-03-12 00:11 - 2013-11-13 11:07 - 02036992 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2015-03-12 00:11 - 2013-11-13 10:52 - 01922304 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2015-03-12 00:11 - 2013-11-13 10:52 - 01345280 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2015-03-12 00:11 - 2013-11-05 04:22 - 00912184 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2015-03-12 00:11 - 2013-11-05 04:19 - 05753112 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2015-03-12 00:11 - 2013-10-28 10:29 - 01021656 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2015-03-12 00:11 - 2013-10-11 04:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2015-03-12 00:11 - 2013-10-09 13:13 - 01286400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2015-03-12 00:11 - 2013-10-09 13:12 - 27644160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2015-03-12 00:11 - 2013-08-23 20:14 - 01014016 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2015-03-12 00:11 - 2013-08-23 20:14 - 00897792 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2015-03-12 00:11 - 2013-08-23 20:14 - 00722688 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2015-03-12 00:11 - 2013-08-23 20:14 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2015-03-12 00:11 - 2013-08-20 10:37 - 00605496 _____ () C:\Windows\system32\audioLibVc.dll 2015-03-12 00:11 - 2013-08-14 09:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2015-03-12 00:11 - 2013-08-14 09:35 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2015-03-12 00:11 - 2013-08-14 09:35 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2015-03-12 00:11 - 2013-08-14 09:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2015-03-12 00:11 - 2013-07-23 08:39 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2015-03-12 00:11 - 2013-06-25 05:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2015-03-12 00:11 - 2013-06-25 05:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2015-03-12 00:11 - 2013-06-25 05:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2015-03-12 00:11 - 2013-04-24 10:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2015-03-12 00:11 - 2013-04-03 07:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2015-03-12 00:11 - 2012-08-31 12:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2015-03-12 00:11 - 2012-08-31 12:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2015-03-12 00:11 - 2012-08-31 12:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2015-03-12 00:11 - 2012-08-31 12:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2015-03-12 00:11 - 2012-08-31 12:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2015-03-12 00:11 - 2012-01-30 04:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2015-03-12 00:11 - 2012-01-10 03:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2015-03-12 00:11 - 2011-12-20 08:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2015-03-12 00:11 - 2011-11-22 09:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2015-03-12 00:11 - 2011-09-02 07:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2015-03-12 00:11 - 2011-09-02 07:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2015-03-12 00:11 - 2011-09-02 07:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2015-03-12 00:11 - 2011-08-23 10:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2015-03-12 00:11 - 2011-03-17 05:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2015-03-12 00:11 - 2011-03-07 10:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2015-03-12 00:11 - 2010-11-08 00:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2015-03-12 00:11 - 2010-11-03 11:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2015-03-12 00:11 - 2010-09-27 02:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2015-03-12 00:11 - 2010-07-22 09:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2015-03-12 00:11 - 2009-11-24 02:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2015-03-12 00:11 - 2009-11-24 02:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2015-03-12 00:11 - 2009-11-24 02:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2015-03-12 00:11 - 2009-11-24 02:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2015-03-12 00:10 - 2015-03-12 00:12 - 00000000 ___HD () C:\Program Files (x86)\Temp 2015-03-12 00:10 - 2013-11-25 10:20 - 02080472 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2015-03-12 00:10 - 2013-10-15 20:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2015-03-12 00:10 - 2013-10-11 05:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2015-03-12 00:10 - 2013-10-06 17:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2015-03-12 00:10 - 2013-10-06 17:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2015-03-12 00:10 - 2013-10-06 17:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2015-03-12 00:10 - 2013-09-09 21:02 - 06217904 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2015-03-12 00:10 - 2013-09-09 21:02 - 00313520 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2015-03-12 00:10 - 2013-09-09 21:01 - 01938608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2015-03-12 00:10 - 2013-09-09 21:01 - 00260272 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2015-03-12 00:10 - 2013-08-05 11:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2015-03-12 00:10 - 2013-06-21 04:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll 2015-03-12 00:10 - 2012-03-08 04:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2015-03-12 00:10 - 2011-05-31 02:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2015-03-12 00:08 - 2013-09-16 05:19 - 00016344 ____R (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll 2015-03-12 00:07 - 2015-03-12 00:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2015-03-12 00:07 - 2015-03-12 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-03-12 00:06 - 2013-09-16 05:19 - 00099288 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys 2015-03-12 00:03 - 2015-03-12 00:03 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf 2015-03-12 00:03 - 2013-12-20 09:38 - 00790512 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys 2015-03-12 00:03 - 2013-12-20 09:38 - 00369648 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys 2015-03-12 00:03 - 2013-12-20 09:38 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys 2015-03-11 23:58 - 2015-03-12 12:18 - 00109272 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-03-11 23:58 - 2015-03-11 23:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf 2015-03-11 23:55 - 2015-03-11 23:55 - 01559112 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-03-11 23:52 - 2015-03-12 00:01 - 00000000 ____D () C:\Program Files (x86)\Hotkey 2015-03-11 23:52 - 2014-01-15 18:19 - 00011776 _____ (Windows (R) 2000 DDK provider) C:\Windows\SysWOW64\CLEVOMOF.dll 2015-03-11 23:52 - 2013-07-31 16:55 - 00010752 _____ (Microsoft) C:\Windows\SysWOW64\BTControl.exe 2015-03-11 23:49 - 2012-02-17 07:38 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-11 23:49 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2015-03-11 23:49 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2015-03-11 23:49 - 2012-02-17 05:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2015-03-11 23:49 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys 2015-03-11 23:48 - 2015-03-11 23:48 - 00000000 ___HT () C:\Windows\wusa.lock 2015-03-11 23:48 - 2015-03-11 23:48 - 00000000 ____H () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf 2015-03-11 23:48 - 2015-03-11 23:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf 2015-03-11 23:48 - 2015-03-11 23:48 - 00000000 ____D () C:\9e97533616fe18363b25baa9d4b18b 2015-03-11 23:48 - 2012-07-26 05:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2015-03-11 23:48 - 2012-07-26 05:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys 2015-03-11 23:48 - 2012-07-26 03:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll 2015-03-11 23:48 - 2012-06-02 15:35 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2015-03-11 23:45 - 2013-04-25 11:12 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsP2StorIcon.dll 2015-03-11 23:42 - 2015-03-12 00:08 - 00000000 ____D () C:\ProgramData\Intel 2015-03-11 23:42 - 2015-03-11 23:42 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless 2015-03-11 23:42 - 2015-03-11 23:42 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Intel 2015-03-11 23:42 - 2015-03-11 23:42 - 00000000 ____D () C:\Program Files\Common Files\Intel 2015-03-11 23:41 - 2015-03-11 23:41 - 00000000 ____D () C:\ProgramData\Package Cache 2015-03-11 23:40 - 2015-03-11 23:40 - 16407552 _____ () C:\Users\Admin\Downloads\pdfsam-v2_2_4.msi 2015-03-11 23:40 - 2015-03-11 23:40 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-03-11 23:40 - 2015-03-11 23:40 - 00000000 ____D () C:\Program Files (x86)\Cisco 2015-03-11 23:40 - 2014-01-10 09:57 - 03073752 ____R (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys 2015-03-11 23:40 - 2012-02-14 19:37 - 00594432 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll 2015-03-11 23:39 - 2015-03-11 23:40 - 00000000 ____D () C:\Program Files (x86)\REALTEK PCIE Wireless LAN Driver 2015-03-11 23:39 - 2013-12-05 14:39 - 00454360 _____ (Realtek) C:\Windows\SwUSB.exe 2015-03-11 23:39 - 2013-10-18 16:42 - 00048856 _____ () C:\Windows\runSW.exe 2015-03-11 23:39 - 2010-12-01 09:31 - 00451072 _____ () C:\Windows\SysWOW64\ISSRemoveSP.exe 2015-03-11 23:37 - 2015-03-11 23:37 - 02058768 _____ () C:\Users\Admin\Downloads\winrar-x64-521d.exe 2015-03-11 23:36 - 2015-03-12 13:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-11 23:36 - 2015-03-11 23:37 - 29968864 _____ () C:\Users\Admin\Downloads\vlc-2.2.0-win64.exe 2015-03-11 23:36 - 2015-03-11 23:36 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-03-11 23:36 - 2015-03-11 23:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-11 23:36 - 2015-03-11 23:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-03-11 23:36 - 2015-03-11 23:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed 2015-03-11 23:36 - 2015-03-11 23:36 - 00000000 ____D () C:\Windows\system32\Macromed 2015-03-11 23:36 - 2015-03-11 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia 2015-03-11 23:36 - 2015-03-11 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe 2015-03-11 23:36 - 2015-03-11 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia 2015-03-11 23:35 - 2015-03-11 23:35 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-03-11 23:35 - 2015-03-11 23:35 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2015-03-11 23:34 - 2015-03-11 23:39 - 00000000 ____D () C:\ProgramData\Adobe 2015-03-11 23:34 - 2015-03-11 23:34 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-03-11 23:33 - 2015-03-11 23:36 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2015-03-11 23:32 - 2015-03-11 23:32 - 00000000 ____D () C:\Program Files\Synaptics 2015-03-11 23:32 - 2015-03-11 23:32 - 00000000 ____D () C:\0ec952eb42fd0b6a183ce61ce994b5 2015-03-11 23:32 - 2013-12-20 05:48 - 00543984 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys 2015-03-11 23:32 - 2013-12-20 05:48 - 00404208 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll 2015-03-11 23:32 - 2013-12-20 05:48 - 00254704 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll 2015-03-11 23:32 - 2013-12-20 05:48 - 00208112 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo20.dll 2015-03-11 23:31 - 2015-03-12 00:16 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-03-11 23:31 - 2015-03-12 00:16 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-03-11 23:31 - 2015-03-11 23:58 - 00030166 _____ () C:\Windows\DPINST.LOG 2015-03-11 23:31 - 2015-03-11 23:58 - 00001332 _____ () C:\Windows\Synaptics.log 2015-03-11 23:31 - 2015-03-11 23:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2015-03-11 23:31 - 2015-03-11 23:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2015-03-11 23:31 - 2015-03-11 23:31 - 00000000 ____D () C:\ProgramData\Mozilla 2015-03-11 23:31 - 2015-03-11 23:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-11 23:31 - 2015-03-11 23:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-11 23:31 - 2013-12-20 05:48 - 00743664 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll 2015-03-11 23:31 - 2013-12-20 05:48 - 00031472 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys 2015-03-11 23:31 - 2013-04-16 11:33 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll 2015-03-11 23:30 - 2015-03-11 23:46 - 00000000 ____D () C:\Windows\SysWOW64\sda 2015-03-11 23:30 - 2015-03-11 23:30 - 00243528 _____ () C:\Users\Admin\Downloads\Firefox Setup Stub 36.0.1.exe 2015-03-11 23:29 - 2015-03-12 00:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-03-11 23:29 - 2015-03-12 00:10 - 00000000 ____D () C:\Program Files (x86)\Realtek 2015-03-11 23:29 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-03-11 23:29 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-03-11 23:29 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-03-11 23:29 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-03-11 23:29 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-03-11 23:29 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-03-11 23:29 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-03-11 23:29 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-03-11 23:29 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-03-11 23:29 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-03-11 23:29 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-03-11 23:29 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-03-11 23:29 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-03-11 23:29 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-03-11 23:29 - 2013-07-25 02:36 - 00290520 ____R (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsP2Stor.sys 2015-03-11 23:28 - 2013-07-03 19:05 - 00552760 ____R (Intel Corporation) C:\Windows\system32\PROUnstl.exe 2015-03-11 23:28 - 2013-05-30 01:54 - 00495376 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1d62x64.sys 2015-03-11 23:28 - 2013-05-10 20:48 - 00073480 _____ (Intel Corporation) C:\Windows\system32\e1dmsg.dll 2015-03-11 23:28 - 2013-03-01 21:42 - 00101152 _____ (Intel Corporation) C:\Windows\system32\NicInstD.dll 2015-03-11 23:28 - 2012-01-06 07:03 - 00003114 _____ () C:\Windows\system32\e1d62x64.din 2015-03-11 23:28 - 2009-05-26 03:05 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll 2015-03-11 23:28 - 2006-01-12 08:52 - 00001904 ____N () C:\Windows\system32\SetupBD.din 2015-03-11 23:26 - 2015-03-11 23:26 - 00017812 _____ () C:\Windows\system32\results.xml 2015-03-11 23:25 - 2015-03-11 23:25 - 00000244 _____ () C:\Windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat 2015-03-11 23:23 - 2015-03-12 00:07 - 00000000 ____D () C:\Program Files\Intel 2015-03-11 23:23 - 2015-03-11 23:23 - 00000696 _____ () C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk 2015-03-11 23:23 - 2014-02-21 09:42 - 04340208 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 04336624 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00929776 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00543728 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00543216 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00501744 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00440816 _____ (Intel Corporation) C:\Windows\system32\igfxTray.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00393200 _____ (Intel Corporation) C:\Windows\system32\CustomModeApp.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00392688 _____ (Intel Corporation) C:\Windows\system32\CustomModeAppv2_0.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00282096 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00279024 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00243696 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00191472 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe 2015-03-11 23:23 - 2014-02-21 09:42 - 00153072 _____ (Intel Corporation) C:\Windows\system32\difx64.exe 2015-03-11 23:23 - 2014-02-11 02:24 - 00182784 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v3431.dll 2015-03-11 23:23 - 2014-02-11 02:21 - 00002940 _____ () C:\Windows\system32\iglhxs64.vp 2015-03-11 23:23 - 2014-02-11 02:19 - 28528920 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 27966016 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 27344432 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 26690888 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 04514472 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 03591592 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 01137096 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 01132976 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00417120 _____ () C:\Windows\system32\igdmd64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00334160 _____ () C:\Windows\SysWOW64\igdmd32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00218824 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00186912 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00183816 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00158048 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll 2015-03-11 23:23 - 2014-02-11 02:19 - 00080328 _____ () C:\Windows\system32\igfxexps.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 08118272 _____ (Intel Corporation) C:\Windows\system32\ig75icd64.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 04233216 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys 2015-03-11 23:23 - 2014-02-11 02:14 - 00653824 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00372736 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00267264 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00222208 _____ () C:\Windows\system32\igdde64.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00209920 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00186640 __RSH () C:\Windows\system32\resTHA.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00179518 __RSH () C:\Windows\system32\resELL.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00175392 __RSH () C:\Windows\system32\resRUS.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00161268 __RSH () C:\Windows\system32\resARA.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00160719 __RSH () C:\Windows\system32\resHEB.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00160681 __RSH () C:\Windows\system32\resJPN.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00160256 _____ () C:\Windows\system32\igdail64.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00156105 __RSH () C:\Windows\system32\resFRA.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00156096 __RSH () C:\Windows\system32\resHUN.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00154381 __RSH () C:\Windows\system32\resKOR.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00154314 __RSH () C:\Windows\system32\resITA.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00154287 __RSH () C:\Windows\system32\resDEU.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00154148 __RSH () C:\Windows\system32\resROM.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00154037 __RSH () C:\Windows\system32\resESN.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00153605 __RSH () C:\Windows\system32\resPLK.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00153459 __RSH () C:\Windows\system32\resSKY.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00153260 __RSH () C:\Windows\system32\resNLD.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00152703 __RSH () C:\Windows\system32\resPTB.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00152545 __RSH () C:\Windows\system32\resTRK.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00152536 __RSH () C:\Windows\system32\resCSY.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00152411 __RSH () C:\Windows\system32\resPTG.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00151989 __RSH () C:\Windows\system32\resFIN.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00151558 __RSH () C:\Windows\system32\resHRV.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00151097 __RSH () C:\Windows\system32\resSVE.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00151040 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00150932 __RSH () C:\Windows\system32\resSLV.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00150001 __RSH () C:\Windows\system32\resNOR.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00149473 __RSH () C:\Windows\system32\resDAN.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00148173 __RSH () C:\Windows\system32\resENU.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00146403 __RSH () C:\Windows\system32\resCHT.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00145574 __RSH () C:\Windows\system32\resCHS.cui 2015-03-11 23:23 - 2014-02-11 02:14 - 00069632 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00068608 _____ () C:\Windows\system32\igfxCUIServicePS.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00057344 _____ ( ) C:\Windows\system32\igfxDHLib.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00010752 _____ ( ) C:\Windows\system32\igfxDILib.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00010240 _____ ( ) C:\Windows\system32\igfxEMLib.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00010240 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll 2015-03-11 23:23 - 2014-02-11 02:14 - 00005120 _____ ( ) C:\Windows\system32\igfxLHMLib.dll 2015-03-11 23:23 - 2014-02-11 02:13 - 06412800 _____ (Intel Corporation) C:\Windows\SysWOW64\ig75icd32.dll 2015-03-11 23:23 - 2014-02-11 02:13 - 00733696 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll 2015-03-11 23:23 - 2014-02-11 02:13 - 00254976 _____ () C:\Windows\system32\igfxCPL.cpl 2015-03-11 23:23 - 2014-02-11 02:13 - 00182272 _____ () C:\Windows\SysWOW64\igdde32.dll 2015-03-11 23:23 - 2014-02-11 02:13 - 00142848 _____ () C:\Windows\SysWOW64\igdail32.dll 2015-03-11 23:23 - 2014-02-11 02:12 - 00068608 _____ () C:\Windows\SysWOW64\igfxexps32.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 25972224 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 20955136 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 03225088 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 02898432 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 00329216 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 00320512 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 00290816 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll 2015-03-11 23:23 - 2014-02-11 02:06 - 00265216 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 02813952 _____ () C:\Windows\system32\iglhxa64.cpa 2015-03-11 23:23 - 2014-02-11 01:58 - 02020864 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 01753088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00182272 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00154624 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL 2015-03-11 23:23 - 2014-02-11 01:58 - 00064000 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL 2015-03-11 23:23 - 2014-02-11 01:58 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll 2015-03-11 23:23 - 2014-02-11 01:58 - 00044025 _____ () C:\Windows\system32\iglhxo64.vp 2015-03-11 23:23 - 2014-02-11 01:58 - 00043816 _____ () C:\Windows\system32\iglhxc64_dev.vp 2015-03-11 23:23 - 2014-02-11 01:58 - 00043494 _____ () C:\Windows\system32\iglhxc64.vp 2015-03-11 23:23 - 2014-02-11 01:58 - 00043298 _____ () C:\Windows\system32\iglhxg64_dev.vp 2015-03-11 23:23 - 2014-02-11 01:58 - 00043256 _____ () C:\Windows\system32\iglhxg64.vp 2015-03-11 23:23 - 2014-02-11 01:58 - 00042079 _____ () C:\Windows\system32\iglhxo64_dev.vp 2015-03-11 23:21 - 2014-02-11 02:24 - 00450520 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys 2015-03-11 23:18 - 2015-03-12 00:07 - 00000000 ____D () C:\Program Files (x86)\Intel 2015-03-11 23:18 - 2015-03-11 23:21 - 00000000 ____D () C:\Intel 2015-03-11 23:18 - 2013-08-21 08:16 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2015-03-11 23:14 - 2015-03-12 12:19 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore 2015-03-11 23:14 - 2015-03-12 00:16 - 00001435 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-03-11 23:14 - 2015-03-11 23:14 - 00001401 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-03-11 23:13 - 2015-03-12 12:51 - 01377788 _____ () C:\Windows\WindowsUpdate.log 2015-03-11 23:13 - 2015-03-11 23:42 - 00000000 ____D () C:\Users\Admin 2015-03-11 23:13 - 2015-03-11 23:13 - 00000020 ___SH () C:\Users\Admin\ntuser.ini 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Startmenü 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Vorlagen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Startmenü 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Netzwerkumgebung 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Lokale Einstellungen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Eigene Dateien 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Druckumgebung 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Musik 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Bilder 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Verlauf 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Users\Admin\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Programme 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Startmenü 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Favoriten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Dokumente 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 _SHDL () C:\Dokumente und Einstellungen 2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 __SHD () C:\Recovery 2015-03-11 23:13 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-11 23:13 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-03-11 23:08 - 2015-03-11 23:08 - 00001355 _____ () C:\Windows\TSSysprep.log 2015-03-11 23:08 - 2015-03-11 23:08 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2015-03-11 23:08 - 2015-03-11 23:08 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2015-03-11 23:04 - 2015-03-11 23:13 - 00000000 ____D () C:\Windows\Panther ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-12 13:50 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-12 13:50 - 2009-07-14 05:45 - 00020832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-12 12:44 - 2011-04-12 08:43 - 00698926 _____ () C:\Windows\system32\perfh007.dat 2015-03-12 12:44 - 2011-04-12 08:43 - 00149034 _____ () C:\Windows\system32\perfc007.dat 2015-03-12 12:44 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-12 12:18 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-12 12:18 - 2009-07-14 05:51 - 00031492 _____ () C:\Windows\setupact.log 2015-03-12 12:18 - 2009-07-14 05:45 - 00415656 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-03-12 11:40 - 2010-11-21 04:47 - 00010226 _____ () C:\Windows\PFRO.log 2015-03-12 11:34 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew 2015-03-12 11:34 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2015-03-12 11:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-03-12 11:30 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini 2015-03-11 23:42 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2015-03-11 23:27 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore 2015-03-11 23:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-03-11 23:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT 2015-03-11 23:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-03-11 23:08 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-03-11 23:08 - 2009-07-14 05:46 - 00002790 _____ () C:\Windows\DtcInstall.log 2015-03-11 23:08 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2015-03-11 23:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep 2015-03-11 23:06 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\CSC 2015-03-11 23:04 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2015-03-11 23:04 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template 2015-03-03 14:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Files in the root of some directories ======= 2015-03-12 00:11 - 2015-03-12 00:11 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some content of TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\APNSetup.exe C:\Users\Admin\AppData\Local\Temp\ose00000.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-11 23:05 ==================== End Of Log ============================ --- --- --- Addition: FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Admin at 2015-03-12 13:57:29
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Hotkey 2.24.28 (HKLM-x32\...\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}) (Version: 2.24.28 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3431 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation)
ISO Creator 1.0 (HKLM-x32\...\{78D80EAF-1ADB-46A8-AF6F-EBB18B6ADBCE}) (Version: 1.0.0 - Bunny-Wabbit)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
PDF Split And Merge Basic (HKLM-x32\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.4 - Andrea Vacondio)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29069 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0239 - REALTEK Semiconductor Corp.)
ScanSoft OmniPage SE 4.0 (HKLM-x32\...\{5106E879-D354-4511-BB91-BDDC0FB751F0}) (Version: 15.00.0020 - Nuance Communications, Inc.)
ScanSoft PaperPort 10 (HKLM-x32\...\{A82DA09D-AE5B-4471-A591-14342B9C5BB4}) (Version: 10.3.0000 - ScanSoft, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.5.0 - Synaptics Incorporated)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XEROX Phaser 6115MFP Drucker- und Scannertreiber (HKLM\...\XEROX Phaser 6115MFP) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-91416009-2437426450-117909108-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
11-03-2015 23:27:49 Installed Intel(R) Network Connections.
11-03-2015 23:29:38 Installiert Realtek Card Reader
11-03-2015 23:39:32 Installiert REALTEK PCIE Wireless LAN Driver
11-03-2015 23:41:15 Intel® PROSet/Wireless Software
11-03-2015 23:45:05 Installiert Realtek Card Reader
11-03-2015 23:52:06 Installiert Hotkey 2.24.28
11-03-2015 23:53:17 Windows Update
12-03-2015 00:00:44 Installiert Hotkey 2.24.28
12-03-2015 11:29:20 Installed Microsoft Office Professional Plus 2010
12-03-2015 11:48:32 Installed PDF Split And Merge Basic
12-03-2015 11:49:21 Installed PDF Split And Merge Basic
12-03-2015 12:07:38 Installed ScanSoft PaperPort 10
12-03-2015 12:10:21 Installed ScanSoft OmniPage SE 4.0
12-03-2015 12:27:07 Installed ISO Creator 1.0
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0A9A6A1C-8804-46F1-9A3C-8A653F11AD37} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {27C0FEA8-475B-4890-96DE-13C0F8C4F04D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-11] (Adobe Systems Incorporated)
Task: {4C518EE0-56BC-4077-8D27-B984CC4CB1EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) ==============
2015-03-11 23:52 - 2014-01-16 11:34 - 00023552 _____ () C:\Program Files (x86)\Hotkey\HotkeyService.exe
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-03-12 00:07 - 2013-09-16 05:19 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-91416009-2437426450-117909108-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Admin (S-1-5-21-91416009-2437426450-117909108-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-91416009-2437426450-117909108-500 - Administrator - Disabled)
Gast (S-1-5-21-91416009-2437426450-117909108-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: EgisTec_ES603
Description: EgisTec_ES603
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4810MQ CPU @ 2.80GHz
Percentage of memory in use: 30%
Total physical RAM: 8128.41 MB
Available physical RAM: 5680.32 MB
Total Pagefile: 16255.02 MB
Available Pagefile: 13424.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:443.23 GB) (Free:402.81 GB) NTFS
Drive d: () (Fixed) (Total:488.18 GB) (Free:487.63 GB) NTFS
Drive w: (Seagate Expansion Drive) (Fixed) (Total:931.51 GB) (Free:1.71 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 30B7189A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BE0893E5)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Zitat:
Aber muss ich jetzt noch was anderes machen?3 Was ist mit diesem Defogger und Combofix ? Das habe ich nicht verstanden. Muss ich DelFix noch machen? |
|
13.03.2015, 08:09
| #4 |
| /// the machine /// TB-Ausbilder | sm und startfenster korrekt entfernt? NUr noch aufräumen:  Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu sm und startfenster korrekt entfernt? |
| adware, browser, desktop, device driver, downloader, failed, fehler, firefox, flash player, frage, homepage, installation, logfile, mozilla, programm, realtek, registry, scan, security, software, svchost.exe, system, trojaner, usb, windows, windows xp |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
